IT Security

The following 186 items are listed by Content Data.
Risk & Control Matrices - RCMs

Manage Security and Privacy: Manage Security Configurations RCM

This document outlines risks and controls common to managing security configurations during the security and privacy man...
Subscriber Content
Mon, Sep 27, 2021
Policies & Procedures

Information Security Management System Policy

This policy establishes the scope of a company's information security management system and characterizes the interfaces...
Subscriber Content
Mon, Sep 13, 2021
Benchmarking Tools

Enterprise Security Key Performance Indicators (KPIs)

The purpose of this tool is to encourage dialog and help an organization assess the state of its network security. Areas...
Subscriber Content
Mon, Sep 6, 2021
Policies & Procedures

Physical Security Standard Policy

The purpose of this policy is to create and maintain a physically secure environment that protects company property and ...
Subscriber Content
Mon, Sep 6, 2021
Audit Programs

Enterprise Resource Planning Security Audit Work Program

In this work program sample, we list general best-practice steps for the enterprise resource planning security process.
Subscriber Content
Mon, Aug 9, 2021
Articles

Preparing for a Dynamic Post-Pandemic Fraud Landscape

The five strategies described in this article can help organizations strengthen their fraud prevention practices and avo...
Subscriber Content
Mon, Aug 2, 2021
Benchmarking Tools

Privacy Program Leading Practices

This tool features several leading practices to consider when establishing a privacy program.
Subscriber Content
Mon, Jul 26, 2021
Articles

How Firms Can Tackle Technology Risk Blind Spots to Build Resilience

Protiviti’s Ewen Ferguson and Hirun Tantirigama identify common critical technology risks and illustrate what organizati...
Subscriber Content
Mon, Jul 5, 2021
Policies & Procedures

Network Access Control Devices Policy

The purpose of this sample policy is to ensure that all company network devices and firewalls are properly identified an...
Subscriber Content
Mon, Jul 5, 2021
Articles

The Three C’s of a Quality Cloud Audit

This article outlines Protiviti's comprehensive cloud audit approach, which is based on leading practices and frameworks...
Subscriber Content
Mon, Jul 5, 2021
Audit Programs

Vulnerability Assessment Audit Work Program

This audit program sample offers best-practice general steps for a vulnerability assessment audit, including key objecti...
Subscriber Content
Mon, Jul 5, 2021
Articles

Gone Phishing: Elaborate Scams Are on the Rise, Are You Smart Enough to Recognize Them?

Protiviti Managing Director Michael Lyons shares a personal experience with, and an in-depth analysis of, a sophisticate...
Subscriber Content
Mon, Jun 21, 2021