Changes to a company’s information technology (IT) environment, both information systems and the underlying platforms, are a source of significant operational risk for every organization. To protect its IT investment and reduce operating risk, robust change management processes are critical. The need for a positive control environment and a very unforgiving attitude regarding unauthorized IT changes by management cannot be overemphasized. Insufficiently tested IT changes is an unacceptable practice.
Information technology is critical to the long-term success of most organizations. It is a key driver for the cost of operations, and cost of operations tends to be a vital component of overall profitability. It facilitates the introduction of new business initiatives, as well as the ongoing improvement of current processes, and allows the management team to monitor and report on performance. IT enables business operations through connectivity, information processing, business intelligence and the like. Lastly, and especially important to this audience, IT can contribute greatly to a company’s system of internal control.
Protiviti has published the second edition of its popular booklet, Guide to the Sarbanes-Oxley Act: IT Risks and Controls.
This publication is the definitive resource guide on IT risks and control issues related to compliance with SOX Section 404. This is a 45 page booklet covering an array of SOX-related topics in a questions and answers format.
Everybody is talking about IT Strategy lately. As IT managers you’re faced with considerable pressure to communicate a comprehensive strategy and also show a clear road to improving the business value of your activities. IT strategy management is often met with yawns by CEOs and other executives, yet it can advance or undermine every move a company makes. In one-sided communication models like this, it’s often the case that only problems are properly recognized or attributed to your team.
What is Data Integrity?
Data integrity is the assurance that information can only be accessed or modified by those authorized to access the system. Measures taken to ensure integrity include controlling the physical environment of networked terminals and servers, restricting access to data, and maintaining rigorous authentication practices. Data integrity can also be threatened by environmental hazards, such as heat, dust, and electrical surges.
Add a Comment: