The following 36 items are listed by Content Data.
Policies & Procedures
Data Access and User Authentication Policy
The purpose of this access management policy is to ensure that access to all company systems and applications is properl...
Subscriber Content
Audit Programs
Systems and Data Audit Work Program
This sample work program can be used by auditors to identify and mitigate risks associated with an organization’s critic...
Subscriber Content
Policies & Procedures
System Software Development Policy
This template can be used to record a company’s system software development policy and requirements and the responsibili...
Subscriber Content
Checklists & Questionnaires
Identity Management Tool Questionnaire
The questions provided in this tool can help organizations manage their security and privacy concerns specific to identi...
Subscriber Content
Policies & Procedures
Facility Access Controls Policy
This sample policy provides an overview of procedures organizations should perform during the facility access controls p...
Subscriber Content
Protiviti Booklets
FAQ: Understanding the General Data Protection Regulation
Organizations have many questions about the General Data Protection Regulation (GDPR), and in response, Protiviti has de...
Subscriber Content
Audit Reports
ISO 27001 Information Security Assessment Report
This audit report focuses on a project baselining an organization’s information security practices, with the purpose of ...
Subscriber Content
Articles
Integration Prioritization Model for Identity Access Management
Protiviti recommends a simple identity access management (IAM) prioritization model based on risk, impact and friction. ...
Subscriber Content
Articles
Five Common Identity and Access Management Pitfalls
Explore five common identity and access management (IAM) pitfalls organizations run into today.
Subscriber Content
Audit Reports
Application Access Audit Report
This sample audit report presents the results of an application access audit performed within a company’s IT environment...
Subscriber Content
Memos
Delegated Entity Review Memo
This memo focuses on IT SOX readiness procedures for an application, testing change management, computer operations and ...
Subscriber Content
Memos
Minimum Testing Standards for Systems and Data Memo
This memo outlines minimum IT controls around user access, change control, backup, privacy, licenses and document retent...
Subscriber Content