This page contains a list of all of the publications available on KnowledgeLeader from the following categories: Articles, Newsletters, Performer Profiles, Protiviti Booklets, Questions & Answers, Regulatory Updates, and Survey Reports.
The following 1393 items are listed by date.
August 15, 2011
Testing the Cloud
Managing IT networks requires a broad set of competencies in a growing number of technologies and products. It makes sense that these competencies are centralized in larger data centers providing cloud services to a number of smaller enterprises for which IT is not a core competency. What are the special challenges that cloud service providers face in this regard?
CONTENT AREA: Articles
TOPICS: Business Continuity Management, Information Technology Risk, IT Audit, IT Controls, IT Infrastructure
August 15, 2011
What Do You Do If You Are the Victim of Identity Theft?
This section of "The Global Privacy and Information Security Landscape: Frequently Asked Questions" focuses on identity theft. Topics covered include: What are the steps I should take if I am a victim of identity theft? What is a fraud alert? And, what is an identity theft report?
CONTENT AREA: Questions & Answers
TOPICS: Security, Investigations/Forensics, Security Management Practices, Laws & Regulations, Privacy
August 8, 2011
Addressing Security Breaches
This section of "The Global Privacy and Information Security Landscape: Frequently Asked Questions" focuses on security breaches. Topics covered include: What is a security breach? What are some of the differences among the data breach notification laws enacted by these states? And, is there a federal law requiring notification for security breaches?
CONTENT AREA: Questions & Answers
TOPICS: Financial Services Industry, Security, Network & Internet Security, Security Management Practices, Laws & Regulations, Privacy, Social Media Risk
August 8, 2011
Enabling Effective IT Governance: Leveraging ISO/IEC 38500:2088 and COBIT to Achieve Business-IT Alignment
Most organizations are revisiting their IT strategy and goals to align with the business strategy. Effective IT governance is the need of the hour to achieve improved performance and for compliance with external requirements.
CONTENT AREA: Articles
TOPICS: Information Technology Risk, IT Audit, IT Governance, IT Infrastructure, Performance Management/Measurement
August 8, 2011
Is Your Organization an Early Mover?
An Early Mover is a firm that quickly recognizes a unique opportunity or risk and uses that knowledge to evaluate its options either before anyone else or along with other firms that likewise recognize the significance of what’s developing in the market and seize the initiative. Early Movers have the advantage of time, with more decision-making options before market shifts invalidate critical assumptions underlying the strategy. This issue of Board Perspectives: Risk Oversight explains the attributes of an Early Mover using three R’s – RECOGNIZE, REACT and REFLECT.
CONTENT AREA: Newsletters
TOPICS: Audit Committee & Board, Enterprise Risk Management, Risk Assessment, Strategic Risk, Performance Management/Measurement
August 8, 2011
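PCI DSS 2.0 - Key Revisions for 2011
The Payment Card Industry Data Security Standard (PCI DSS) 2.0 was released in October 2010. Although the new version does not make major revisions to the existing version of the standard (PCI DSS 1.2), it still contains some points worth noting, such as additional guidance and perspective on emerging technologies.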
CONTENT AREA: Articles
TOPICS: Accounts Receivable, Consumer Products & Retail Industry, IT Controls, IT Audit, Security Management Practices, China
August 8, 2011
Performance/Risk Integration Management Model – PRIM2: The Convergence of Enterprise Performance Management and Risk Management
Whether a company is rapidly growing, focused on establishing sustainable competitive advantage or both, it must consider how an integrated approach and discipline to deploy strategy, while also managing the associated risks, will improve its probability of achieving strategic objectives. This white paper provides a framework for integrating strategy, risk and performance management.
CONTENT AREA: Articles
TOPICS: Internal Audit, Audit Committee & Board, Risk Assessment, Entity-Level Control, Financial and Credit Risk, Performance Management/Measurement, Governance Risk & Compliance, Strategic Risk, Enterprise Risk Management
August 8, 2011
SAS 70s Change Poll
This week’s poll question asks: Has your company started addressing this change?
CONTENT AREA: Polls
TOPICS: IT Controls, Audit Reporting, IT Audit, SAS 70
August 8, 2011
SAS 70s: Background on the Reason for Change
In the world of SAS 70s, a number of new report options now exist. In principle, these report options have not created much of anything new. However, having three report options alleviates the problem service organizations and external auditors have had for years: getting a report that fits the organization.
CONTENT AREA: Articles
TOPICS: IT Controls, Audit Reporting, IT Audit, SAS 70
August 1, 2011
Dodd-Frank Heaps New Requirements on Broker-Dealers
For small broker-dealers already struggling with added regulatory requirements, the many provisions of the Dodd-Frank Act, including those that call for more robust compliance systems, will be difficult to shoulder. "Dodd-Frank will add to the compliance burden; how much more depends on how the rules are written," says Hillel Cohn, a partner with law firm Morrison & Foerster.
CONTENT AREA: Articles
TOPICS: Whistleblower/Complaint Reporting, Financial Services Industry, Compliance