Search results
Jump to navigation
Jump to search
- '''DS 5.7 Protection of Security Technology '''<br> Ensure that important security-related technology is made resistant to tampering and security documentation is not disclosed ...3 KB (377 words) - 18:52, 4 May 2006
- ==Sample End User Computing and Technology Policy== ...tablishing specific standards on appropriate business use of the Company's information and telecommunications systems and equipment. ...4 KB (507 words) - 14:58, 21 January 2014
- ...g rules. Also, if fraud occurs and your organization has not completed the audit requirements, financial and legal responsibility will be placed more heavil [[Category:Information technology management|Governance]] ...2 KB (235 words) - 09:48, 23 October 2012
- ==FFIEC Information Technology Examination Handbook Executive Summary== ...ve effort of the FFIEC’s five member agencies, has replaced the 1996 FFIEC Information Systems Examination Handbook (1996 Handbook). ...15 KB (2,060 words) - 17:47, 15 June 2007
- ...ns that currently have a [[SAS 70]] service auditor’s examination (“SAS 70 audit”) performed, some changes will be required to effectively reporting under t ...res that all user organizations and their auditors have access to the same information and in many cases this will satisfy the user auditor's requirements.<br> ...10 KB (1,457 words) - 21:20, 21 August 2012
- ...ine the nature of the impact— positive, negative or both—and maintain this information.<br> [[Image:account-audit-flow.jpg]]<br> ...3 KB (459 words) - 17:56, 21 June 2006
- ...requirements are met by all components. The test data should be saved for audit trail purposes and for future testing.<br> Insert remediation plan, applicability, or any information that indicates what needs to be done.<br> ...5 KB (730 words) - 19:05, 17 April 2007
- ==IT Audit Roles and Responsibilities== ...e important element of an effective internal control system is an internal audit function that includes adequate IT coverage.<br> ...28 KB (4,089 words) - 14:37, 16 April 2007
- ...most comprehensive, most beneficial, most accessible, and freely available information security guidance framework on the planet.<br> ...zation no matter what the size, shape, or form they come in. By protecting information, you protect identities, profits, reputations, and the list goes on and on. ...9 KB (1,241 words) - 20:49, 13 September 2016
- ...nt]]s, on a more frequent basis. Technology plays a key role in continuous audit activities by helping to automate the identification of exceptions or anoma ...constantly for errors, fraud, and inefficiencies. It is the most detailed audit. ...15 KB (2,212 words) - 17:29, 19 February 2015
- == Requirement 12: Maintain a policy that addresses information security. == ...ge:Key-control.jpg]][[PCI-12.3.2:|PCI-12.3.2 Authentication for use of the technology.]]<br> ...7 KB (988 words) - 19:11, 7 July 2006
- '''EVALUATION OF CONTROLS IN INFORMATION SYSTEMS (IS) QUESTIONNAIRE'''<br> ...estion. This can generally be achieved if the company involves an internal information systems auditor in the question answering process. Specific “Guidance Point ...8 KB (1,155 words) - 20:14, 25 June 2006
- ...tablishing specific standards on appropriate business use of the Company's information and telecommunications systems and equipment. Company information and telecommunications systems and equipment, including Internet, electroni ...3 KB (464 words) - 17:48, 14 January 2014
- ...r abnormal activities that may need to be addressed. Access to the logging information is in line with business requirements in terms of access rights and retenti ...ngs, and disabling of SSID broadcasts. Enable Wi-Fi Protected Access (WPA) technology for [[Encryption | encryption]] and authentication when WPA-capable.<br> ...7 KB (975 words) - 16:57, 9 April 2007
- ...is a subset discipline of [[Corporate Governance]] focused on information technology (IT) systems and their performance management and [[risk management]]. The ...bility framework to encourage desirable behavior in the use of information technology."''<br> ...12 KB (1,686 words) - 11:47, 30 May 2015
- ==Information Security Audit== ...dit. However, information security encompasses much more than IT. Auditing information security covers topics from auditing the physical security of data centers ...21 KB (3,112 words) - 16:52, 15 June 2007
- ...p" vulnerability management activities including vulnerability mitigation, information review and analysis, as well as metrics tracking and reporting.<br> ...on Company premises, or who have been granted access to and use of Company Information Assets, are covered by this standard and must comply with associated guidel ...9 KB (1,122 words) - 14:12, 1 May 2010
- ==Audit Guidance Examination Procedures== ...ion related to IT controls. These procedures will disclose the adequacy of audit coverage and to what extent, if any, the examiner may rely upon the procedu ...32 KB (4,518 words) - 17:53, 11 April 2007
- ...roviders have implemented adequate security controls to safeguard customer information. :* Ability to conduct audit coverage of security controls or obtain adequate reports of security testin ...6 KB (829 words) - 19:14, 17 April 2007
- ...ay provide invalid information, which could result in unreliable financial information and reports.<br> ...nd followed for all significant changes in applications and infrastructure technology, which addresses unit, system, integration and user-acceptance-level testin ...10 KB (1,393 words) - 14:28, 23 June 2006