The following 325 items are listed by Content Data.
Newsletters
Oversight of IT Risk Management
In this issue of Board Perspectives: Risk Oversight, we make suggestions for boards to consider as they enhance their ri...
Subscriber Content
Audit Programs
System Management Risk Assessment and Control Audit Work Program
This work program will assist audit teams with identifying risks and related controls for logical security administratio...
Subscriber Content
Guides
COSO Internal Controls Guide: Integrated Framework
Design and implement your organization’s internal controls with the COSO internal control framework included in this gui...
Subscriber Content
Newsletters
Managing Cybersecurity Risk
In this issue of Board Perspectives: Risk Oversight, we present four considerations for managing cybersecurity risk.
Subscriber Content
Newsletters
Social Business: What it Means to Your Risk Profile
This issue of Board Perspectives: Risk Oversight discusses 10 examples of social business risks every company should mon...
Subscriber Content
Protiviti Booklets
Guide to the Sarbanes-Oxley Act: IT Risks and Controls
In this booklet, we provide guidance to Section 404 compliance project teams on the consideration of information technol...
Subscriber Content
Policies & Procedures
Production System Access Policy
This sample outlines a set of policies and procedures governing access to production systems and applications, and the d...
Subscriber Content
Policies & Procedures
System, Database and Application Administrator Policy
The purpose of this policy is to define the roles, activities, and responsibilities of administrators with regard to acc...
Subscriber Content
Policies & Procedures
User Authentication and Authorization Policy
The following sample policy outlines a set of policies and procedures governing user authentication and authorization an...
Subscriber Content
Policies & Procedures
Systems Development Lifecycle (SDLC) and Change Management Policy
This sample outlines a set of policies and procedures designed to provide an orderly process in which changes to a compa...
Subscriber Content
Policies & Procedures
User Malicious Software Policy
The purpose of this security policy is to outline the user’s responsibilities in ensuring updates and maintenance of ant...
Subscriber Content
Audit Programs
System Intrusion Audit Work Program
The objective of this audit work program is to evaluate a business’s ability to detect unauthorized system access attemp...
Subscriber Content