The following 182 items are listed by Content Data.
Memos
Network Audit Management Memo
This memo documents low-risk opportunities in the network infrastructure environment identified during an internal audit...
Subscriber Content
Risk & Control Matrices - RCMs
Application Control Review RCM
This document outlines risks and controls common to the application control review process in a risk and control matrix ...
Subscriber Content
Memos
Scope of Application Security Memo
This memo outlines the assumptions and decision used to scope the documentation efforts around application security.
Subscriber Content
Audit Programs
Siebel/Oracle Information Security Audit Work Program
This audit program outlines procedures to evaluate six system control objectives.
Subscriber Content
Risk & Control Matrices - RCMs
Define IT Strategy and Organization RCM
This document outlines risks and controls common to the “define IT strategy and organization” process in a risk control ...
Subscriber Content
Risk & Control Matrices - RCMs
Manage Security and Privacy RCM
This document outlines risks and controls common to the "manage security and privacy" process in a risk control matrix (...
Subscriber Content
Newsletters
Managing Cybersecurity Risk
In this issue of Board Perspectives: Risk Oversight, we present four considerations for managing cybersecurity risk.
Subscriber Content
Blog
Risks Associated with Data Integrity and Management Best Practices
Failure to manage data integrity risk can have the following impact:Authorization, completeness, and a...
Policies & Procedures
User Authentication and Authorization Policy
The following sample policy outlines a set of policies and procedures governing user authentication and authorization an...
Subscriber Content
Policies & Procedures
Systems Development Lifecycle (SDLC) and Change Management Policy
This sample outlines a set of policies and procedures designed to provide an orderly process in which changes to a compa...
Subscriber Content
Policies & Procedures
User Malicious Software Policy
The purpose of this security policy is to outline the user’s responsibilities in ensuring updates and maintenance of ant...
Subscriber Content
Process Flows
User Access Security Process Flow
This sample process flow outlines the steps to manage user access changes to company IT systems.
Subscriber Content