Fri, Jun 2, 2023

Essential Audit and IT Security Tools for Effective Data Governance and Network Management

Tools

The following tools were published on KnowledgeLeader this week:

Privacy Audit Work Program

This tool contains two sample work programs that highlight risks to consider and general steps to take when facilitating a privacy audit. Sample steps include obtaining all company-specific security policies pertaining to the accessing, transmission and disposal of sensitive data and verifying that current awareness initiatives provide guidance related to the security policies referencing sensitive data.

Network Infrastructure Audit Work Program

This document contains three sample work programs that can be used by organizations for conducting an IT network infrastructure audit. Sample steps in these programs include creating written security policies that address individuals permitted to access the network device(s), individuals permitted to configure and update the network device(s), and logging and management practices.

IT Security Policy

This document contains four sample policies that establish guidelines an organization should follow to ensure that its IT security meets standard best practices. These policies are an important aspect of information security and are written to protect user accounts, corporate data and intellectual property owned by the company.

Data Management: Records Retention Policy

This policy helps to ensure that legal statutes regarding data retention are observed, industrial and business requirements regarding data retention are observed, and data which has survived its retention period is destroyed promptly to avoid legal and litigation exposures. The sample applies to all employees.

Access Management Policy

This tool contains four sample policies that define procedures for ensuring that access to all systems and applications is properly approved and monitored. In these samples, access must be granted using approved and established role-based security, roles are well-defined and documented, and changes to access roles must follow the approval requirements.

Debt Covenant Policy

This policy sample sets forth appropriate guidelines for monitoring and complying with debt covenants related to financing activities. According to this policy, whenever equity financing or short- or long-term debt is required to fund company operations, or whenever there are transactions, which would contingently obligate the company, corporate treasury must be contacted to arrange and/or approve all terms, conditions and financial covenants.

Publications 

KnowledgeLeader has also published several publications this week.

Big Data or Big Brother? Streetlights Versus Surveillance in San Diego's Smart City Quest

Read this conversation between Saving the City Executive Producer Ron Blatman and Protiviti’s Joe Kornik about finding a better future for American cities and the people who live in them.

A Call for Transparency Amid a Shifting Legal and Regulatory Landscape

The increasing complexity of the legal and regulatory landscape is challenging the board’s fiduciary duties of care and loyalty. In this issue of Board Perspectives, we provide actions boards can take to shore up their governance and oversight in light of emerging trends. 

Reviewing SEC Accounting and Auditing Enforcement Activities

In this article, Audit Analytics takes a closer look at records dating back to October 1999 and covers AAERs issued by the SEC. 

Recommended Resources 

This list of recommended resources from the web may be of interest to you. Click each link to learn more. 

  1. ​​Six CFO Skills Still Needed Amid Generative AI, ChatGPT
  2. Jump-Starting Finance Transformation: Changing Stakeholder Demands Requires a Response
  3. ​​​Veradigm Discloses ICFR Weakness Related to Rev Rec Software Tool

 

0 Comments