The point of the article, of course, was that people must focus their attention in the correct places when considering what would most influence their quality of life. That same exact issue exists within organizations where the board and management must ensure that they build and sustain the long-term health of the company.
Topics: Enterprise Risk Management, Internal Audit, Audit Committee & Board, IT Infrastructure
In November 2013, the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) will formally release long-anticipated updates to ISO/IEC 27001 and 27002. The last time these standards were updated was in 2005.
Topics: IT Audit, Governance, Risk & Compliance, IT Governance, IT Infrastructure
Changes to a company’s information technology (IT) environment, both information systems and the underlying platforms, are a source of significant operational risk for every organization. To protect its IT investment and reduce operating risk, robust change management processes are critical. The need for a positive control environment and a very unforgiving attitude regarding unauthorized IT changes by management cannot be overemphasized. Insufficiently tested IT changes is an unacceptable practice.
Topics: IT Audit, IT Governance, IT Infrastructure, IT Strategy
The "Holy Grail" for IT has always been to be closely aligned with business efforts. For years, business has encouraged IT to focus on delivering business priorities. At the same time, IT has tried to be an integral part of business planning and align IT efforts and investments with business priorities. Ultimately, effective IT alignment really does require the ongoing and engaged involvement of all key participants.
Topics: Project Management, IT Infrastructure, IT Strategy, Change Management
Many businesses today exchange goods, services, information and knowledge using network-enabled technologies. Within such business, the proper protection of confidential information is essential to achieve the desired benefits and mitigate the associated risks. Failure to adequately restrict access to critical business information from outsiders (intruders) may result in unauthorized knowledge and use of confidential information by inappropriate parties.
Topics: IT Audit, Governance, Risk & Compliance, IT Infrastructure, IT Security, IT Risk, Performance Management/Measurement
Data integrity is the assurance that information can only be accessed or modified by those authorized to access the system. Measures taken to ensure integrity include controlling the physical environment of networked terminals and servers, restricting access to data, and maintaining rigorous authentication practices. Data integrity can also be threatened by environmental hazards, such as heat, dust and electrical surges.
Topics: IT Audit, IT Infrastructure, Cloud Computing, IT Risk, IT Controls, Data Security, Data Analytics, Performance Management/Measurement, Customer Satisfaction
Are You Familiar With Robotic Process Automation?
Robotic process automation (RPA) has been gaining traction as an efficient way to automate labor-intensive and repetitive tasks across a variety of business functions, including finance, accounting, technology, legal, HR, and, increasingly, audit and compliance.
Topics: IT Governance, IT Infrastructure, IT Strategy, IT Risk, Energy & Utilities Industry, Performance Management/Measurement, Robotic Process Automation
Performance is defined as the throughput of business transactions compared to user needs, expectations or requirements. IT performance risk is the risk that a company’s IT infrastructure will be unable to perform at required levels due to inferior internal operating practices, technology and/or external relationships that threaten the demand for the organization's products or services.
Topics: IT Audit, IT Infrastructure, IT Risk, Change Management, Performance Management/Measurement
What is design risk? To “design” is to create, fashion, execute or construct according to plan. The term design as used here refers to the entire scope of a project. A business system design is a collection of design documents and supporting materials which define the system functionality that supports one or more business processes and in the process, creates, retrieves, updates and deletes data.
Topics: IT Audit, IT Governance, IT Infrastructure, IT Strategy, IT Risk, IT Controls, Performance Management/Measurement
Transaction authenticity can be defined as the authentication of a party’s (individual, organization) identity, to ensure that pending transactions and contractual agreements are legal and enforceable.
Topics: IT Audit, IT Infrastructure, Cloud Computing, IT Risk, IT Controls, Performance Management/Measurement
KnowledgeLeader, provided by Protiviti, is the premier resource for internal audit and risk management professionals.
With over 1,400 customizable tools and 1,300 articles by industry experts, we offer the most comprehensive service on the market.
For more information:
