The following 171 items are listed by Content Data.
Policies & Procedures
Systems Audit Logging and Monitoring Policy
This sample policy is designed to help organizations define and comply with system audit logging and monitoring requirem...
Subscriber Content
Benchmarking Tools
Transaction Authority Risk Key Performance Indicators (KPIs)
This tool contains performance measures and questions an organization can use to enforce and ensure the validity of tran...
Subscriber Content
Audit Programs
Application Security Review and Testing Audit Work Program
This tool includes two sample audit programs that provide steps organizations can take to facilitate an application secu...
Subscriber Content
Policies & Procedures
Separation of Duties Policy
In this sample policy, we outline the standards for applying separation of duties to protect a company’s information ass...
Subscriber Content
Policies & Procedures
Telecommunication Usage Policy
This sample policy defines guidelines and procedures organizations should follow when using telecommunications systems.
Subscriber Content
Audit Programs
Data Conversion Audit Work Program
This tool contains two sample audit programs that provide steps organizations can take to perform a data conversion audi...
Subscriber Content
Policies & Procedures
Information Security Management System Policy
This policy establishes the scope of a company's information security management system and characterizes the interfaces...
Subscriber Content
Policies & Procedures
Physical Security Standard Policy
The purpose of this policy is to create and maintain a physically secure environment that protects company property and ...
Subscriber Content
Audit Programs
Enterprise Resource Planning Security Audit Work Program
In this work program sample, we list general best-practice steps for the enterprise resource planning security process.
Subscriber Content
Checklists & Questionnaires
Sarbanes-Oxley Testing Documentation Questionnaire
This tool includes questions to consider when documenting Sarbanes-Oxley (SOX) testing procedures, results and recommend...
Subscriber Content
Policies & Procedures
Network Access Control Devices Policy
The purpose of this sample policy is to ensure that all company network devices and firewalls are properly identified an...
Subscriber Content
Policies & Procedures
Encryption Key Policy
This tool contains two sample policies that establish guidelines for use of encryption to secure company information ass...
Subscriber Content