This review focuses on the configurable application controls, application security, and segregation of duties for the ac...

This memo documents low-risk opportunities in the network infrastructure environment identified during an internal audit...

This document outlines risks and controls common to the application control review process in a risk and control matrix ...

This memo outlines the assumptions and decision used to scope the documentation efforts around application security.

This audit program outlines procedures to evaluate six system control objectives.

This document outlines risks and controls common to the “define IT strategy and organization” process in a risk control ...

The purpose of this audit program is to review an organization’s system backup procedures.

This sample compliance work program can be modified for scope considerations that will depend on the extent of the softw...

The purpose of this work program is to determine whether the right security policies exist and determine if existing pol...

This document outlines steps to audit an organization’s data management process and includes a self-assessment questionn...

This document outlines risks and controls common to the "manage security and privacy" process in a risk control matrix (...

This document outlines steps to audit the process used to deploy software to desktop computers.