A recent breach has raised serious questions about whether boards of directors and senior management are asking the righ...

This audit report shares findings from a review of the selected processes that support the IQ4 Epic implementation proje...

This sample policy ensures that all rules and regulations related to telemarketing are complied with and nothing is done...

This risk assessment audit report outlines findings from a high-level IT risk assessment at a company.

The purpose of this sample policy is to control application development and to ensure that application development is ef...

This tool includes risk assessment questions for both IT management and executive IT management.

This sample questionnaire evaluates the effectiveness of computer operations management in an organization. Computer ope...

This audit work program includes test steps in the areas of documentation, logging, monitoring and user pool for VPN adm...

This Sarbanes-Oxley process memo informs and prepares business process control managers to engage in “walkthrough” discu...

This review focuses on the configurable application controls, application security, and segregation of duties for the ac...

This document outlines risks and controls common to the "manage IT assets" process in an RCM format.

This document outlines risks and controls common to the application control review process in a risk and control matrix ...