Do you think your IT security is ready to meet the challenges that your organization will face in 2014? If your answer is no, you're not alone - the results of Protiviti's latest IT Audit Benchmarking Survey indicate that when it comes to IT and cybersecurity, many organizations need to make improvements to their IT audit coverage.
In November 2013, the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) will formally release long-anticipated updates to ISO/IEC 27001 and 27002. The last time these standards were updated was in 2005.
Changes to a company’s information technology (IT) environment, both information systems and the underlying platforms, are a source of significant operational risk for every organization. To protect its IT investment and reduce operating risk, robust change management processes are critical. The need for a positive control environment and a very unforgiving attitude regarding unauthorized IT changes by management cannot be overemphasized. Insufficiently tested IT changes is an unacceptable practice.
Add a Comment: