The following 175 items are listed by Content Data.
Risk & Control Matrices - RCMs
Manage Security and Privacy: Manage Security Configurations RCM
This document outlines risks and controls common to managing security configurations during the security and privacy man...
Subscriber Content
Benchmarking Tools
Enterprise Security Key Performance Indicators (KPIs)
The purpose of this tool is to encourage dialog and help an organization assess the state of its network security. Areas...
Subscriber Content
Audit Programs
Enterprise Resource Planning Security Audit Work Program
In this work program sample, we list general best-practice steps for the enterprise resource planning security process.
Subscriber Content
Articles
Preparing for a Dynamic Post-Pandemic Fraud Landscape
The five strategies described in this article can help organizations strengthen their fraud prevention practices and avo...
Subscriber Content
Benchmarking Tools
Privacy Program Leading Practices
This tool features several leading practices to consider when establishing a privacy program.
Subscriber Content
Articles
The Three C’s of a Quality Cloud Audit
This article outlines Protiviti's comprehensive cloud audit approach, which is based on leading practices and frameworks...
Subscriber Content
Articles
How Firms Can Tackle Technology Risk Blind Spots to Build Resilience
Protiviti’s Ewen Ferguson and Hirun Tantirigama identify common critical technology risks and illustrate what organizati...
Subscriber Content
Policies & Procedures
Network Access Control Devices Policy
The purpose of this sample policy is to ensure that all company network devices and firewalls are properly identified an...
Subscriber Content
Articles
Gone Phishing: Elaborate Scams Are on the Rise, Are You Smart Enough to Recognize Them?
Protiviti Managing Director Michael Lyons shares a personal experience with, and an in-depth analysis of, a sophisticate...
Subscriber Content
Articles
Importance of Internal Controls for Cybersecurity
Audit Analytics examines the increase in cybersecurity breaches disclosed by public companies since 2011.
Subscriber Content
Policies & Procedures
Encryption Key Policy
This tool contains two sample policies that establish guidelines for use of encryption to secure company information ass...
Subscriber Content
Memos
IT Network Security Scope Memo
The purpose of this memo is to document the assumptions and decision criteria used in scoping the documentation efforts ...
Subscriber Content