Tools

The following tools were published on KnowledgeLeader this week:

Access Management Policy

Get comprehensive standards and procedures for managing access to a company’s systems and applications. It aims to ensure confidentiality, availability and integrity. Sample 1 defines user access roles and responsibilities, approval requirements, review requirements and removal requirements, emphasizing the role of authorized approvers and the necessity of quarterly reviews. Sample 2 focuses on the submission and review of user access privileges, requiring managers to submit lists of users and their access privileges twice a year, as well as detailing procedures for changing and revoking user access.

Other Liabilities Audit Work Program

Streamline your auditing liabilities with our Other Liabilities Audit Work Program, designed to maintain accurate financial records and approvals. The program outlines potential risk areas, such as unauthorized expenses in accrual balances and misclassifications, thereby guiding auditors to examine records and processes critically. It provides specific audit objectives aimed at ensuring that liabilities are accurately recorded in compliance with company policies and generally accepted accounting principles (GAAP).

Database Audit Work Program

This tool includes two sample audit programs that provide steps organizations can take to perform a database administration review audit. Sample steps include: ensure that passwords are unique and renewed regularly, ensure password encryption, ensure that object privileges that grant a user the right to access and possibly manipulate data within an object or the right to execute stored procedures exist, ensure that product profiles exist that limit user access to certain database commands or products, and ensure that roles are created and assigned to users as a means of granting them the necessary privileges to perform their duties.

Accounts Payable Audit Work Program

Our Accounts Payable Audit Work Program provides a detailed framework for conducting thorough audits of an organization's accounts payable processes. It is structured to guide auditors through each stage of the audit, from planning and fieldwork to report issuance. It emphasizes the importance of establishing clear audit objectives, such as ensuring the effectiveness of controls around the payables process and maintaining proper segregation of duties. It also includes a comprehensive breakdown of administrative tasks, such as scheduling, finalizing audit programs, and compiling test work, which are essential for the smooth execution of the audit.

IT Risks and Controls Review Report

Stay ahead of IT risks with our expert review on IT controls, which aims to reduce the volume of controls while focusing on key risks, thereby improving consistency across various applications and IT processes. Organizations can expect to gain insights into the rationalization of risks, as the tool identifies common risks that significantly impact business operations. The report includes a detailed assessment of controls, categorizing them into key, secondary and non-IT controls, which helps with understanding the adequacy of existing measures.

Security Management Audit Work Program

Our Security Management Audit Work Program provides a detailed framework for conducting comprehensive security audits within your organization. It outlines various methodologies to assess the effectiveness of information security measures, identify vulnerabilities, and evaluate risk management strategies across different facets of security management. It includes five sample audit work programs, each focusing on specific areas such as policy review, risk assessment, access controls, logical security and incident response. These samples serve as practical guides, offering step-by-step procedures for ensuring thorough evaluations and recommending necessary improvements. The program emphasizes the importance of aligning security policies with business objectives and regulatory requirements, thereby enhancing the overall security posture of the organization.

Publications 

KnowledgeLeader has also published several publications this week.

Pursuing Modern Digital Product Management — and Why It Matters to Your Organization’s Digital Acceleration

Learn how your business can enhance its customer-centricity, agility and competitiveness by embracing modern digital product management techniques. This article outlines the evolution of product management in a digital context. It identifies 12 key elements that distinguish contemporary digital product management from traditional approaches. Central to this evolution is the need for a customer-centric mindset, where understanding user needs and preferences becomes paramount. Agile methodologies like Scrum and Kanban are highlighted as essential for fostering flexibility and iterative development, enabling teams to adapt to changing market conditions. Data-driven decision-making is crucial, with product managers leveraging analytics tools to inform strategies and optimize performance.

Information Security Risk Management Tools in the Air Traffic Management Domain: What Are Practitioners’ Needs?

As the old Chinese proverb goes: for one’s work to be done properly, one must first sharpen the tools. However, despite the availability of various information security risk management (ISRM) methodologies and standards such as ISO/IEC 2700x and NIST 800-30, practitioners often struggle to effectively implement them. Implementation is especially tricky for novices who have little or no previous experience and know-how in information security. A recent study conducted by Taylor & Francis through semi-structured interviews with 17 security practitioners in the Air Traffic Management (ATM) domain and five validation sessions with 34 experts identified two primary themes regarding practitioner needs: automation and assistance. 

Trump 2.0: The First 100 Days – A Look at Industry Winners and Losers

Upon taking office, President Trump swiftly enacted numerous executive orders aimed at deregulation and promoting an economic nationalist agenda, which significantly altered the business landscape. In this flash report, Protiviti offers a comprehensive analysis of the early impacts of President Trump’s policies on various sectors of the U.S. economy during the first 100 days of his second term. The report identifies several sectors as potential winners, notably Crypto, financial services and oil and gas, which have thrived under the administration's deregulatory measures and supportive financial policies. In stark contrast, industries such as Airlines, Agribusiness and Higher Education are grappling with negative repercussions stemming from new tariffs, substantial funding cuts, and restrictive immigration policies that threaten their operational viability and financial stability.

Recommended Resources 

This list of recommended resources from the web may be of interest to you. Click each link to learn more. 

1. Exercising Caution With Non-GAAP Measures and Disclosures
2. iHeartMedia Appoints New Chief Legal Officer
3. Return to Office Policies Create Real Estate Cost Efficiencies