Published By: ITinvolve
Published Date: Jun 01, 2012
Demonstrating PCI compliance with policies and regulations is an IT necessity, especially when periodic audits are conducted. ITinvolve has a better approach to change management with the capability to identify official PCI systems and their associated policies and documentation thus eliminating manual processes and reducing the risk of errors and delays.
All organizations should aspire to have the people, processes, and tools necessary to effectively execute an on-going penetration testing program. Failure to do so may result in poor tool selections, testing mistakes, and faulty interpretation of results that often lead to a false sense of security putting the enterprise at risk. IT security and audit staff, along with their managers and directors, should read this paper to clarify any misunderstandings about penetrating testing - from the true purposes and goals, to important process considerations, to tools and tester selection issues, and finally to safe and effective ethical hacking approaches.
Published By: AuditBoard
Published Date: Nov 26, 2018
Aggregating and analyzing internal organizational data, external subject matter expertise, and internal control-related data should provide the internal audit team a solid understanding of how the process works, the key risks managed by the process, and how the internal audit team should spend their time and resources to carry out the process.
Published By: Tripwire
Published Date: Jul 08, 2008
The Tripwire Enterprise solution provides organizations with powerful configuration control through its configuration assessment and change auditing capabilities. In this white paper, learn how with Tripwire Enterprise, organizations can quickly achieve IT configuration integrity by proactively assessing how their current configurations measure up to specifications as given in ISO 27001. This provides immediate visibility into the state of their systems, and through automating the process, saves time and effort over a manual efforts.
While software license costs are a major expense, most companies spend very little time managing this critical and widely distributed asset until an audit occurs or a cost reduction program forces attention. This should be the year you flip from being reactive to being proactive in dealing with software asset and license management. Costs savings and peace of mind are just two of the benefits that you will realize.
In this Webcast an analyst from Frost and Sullivan will go over the results of a recently published white paper on this topic and Deloitte & Touche will discuss the benefits their customers have gained in automating their license management processes.
View this Webcast to learn how you can reclaim licenses, avoid unnecessary license costs, achieve continuous compliance, and improve risk management.
In a recent survey of CEOs by the consulting firm PWC, over half of the executives surveyed said, lack of talent meant they either cancelled/delayed a strategic initiative, were unable to pursue a market opportunity, or could not innovate effectively. A talent audit can help your organization avoid those issues and ensure that you have the right talents in the right places at the right times. Today and tomorrow.
In this how-to guide we lay out the key tactics for getting non-HR leaders to support HRs talent management agenda. We outline five big principles of persuasion followed by five big tactics specific to communicating the value of strategic talent management.
Evaluating and managing the media buying processes for advertisements Warner Bros. purchases from its six sister companies can be time consuming and complicated. Generating reports for media purchased by each of Time Warner’s 2,500 media suppliers and comparing Warner Bros.’ spend decisions with competitors creates the need for internal resources dedicated specifically to focus on it – taking time away from other activities.
Since the National Association of Insurance Commissioners (NAIC) made revisions to the Financial Reporting Model Regulation (Model Audit Rule) in June 2006, the insurance industry’s attention to the risks associated with financial reporting has been on the rise. Structured similarly to Section 404 of the SarbanesâOxley Act, the Model Audit rule places a significant burden on Câlevel executives to ensure their oversight in the internal controls for financial reporting (ICFR) process. Executives within these insurance organizations, both public and private, will be required to evaluate their internal controls in preparation for the first reports due in 2010 for the 2009 reporting period.
Published By: Accusytem
Published Date: Apr 13, 2011
Banks that have successfully implemented document imaging applications, developed comprehensive polices and diligently follow consistent procedures reap the benefits of efficiencies in loan portfolio management (even more efficiencies if the bank does enterprise-wide imaging), increased productivity, diminished loan policy and document exceptions and streamlined audit and examination processes.
The intent of this whitepaper is to explain the business requirement for physically auditing assets, to explore the bene?ts associated with conducting physical audits and to provide a step by step process for performing them.
Published By: ServiceNow
Published Date: Apr 19, 2013
Unauthorized software, painful software license compliance audits, long fulfillment times, limited visibility, unaccountability... if these issues sound familiar, you are not alone. These are real challenges faced by many IT organizations - with serious consequences if not properly addressed.
During our Software Asset Management webinar you will learn how having asset, configuration and other service management processes together in one system of record provides the control and visibility you need to overcome these challenges.
Published By: ServiceNow
Published Date: Jul 12, 2013
Organizations are faced with many auditing challenges and often find themselves defining controls in documents and spreadsheets, manually tracking audit task assignments and storing audit documentation in disparate locations. With the ServiceNow IT GRC functionality, organizations gain a central repository that contains policies, risks, controls, findings and more all in one place. It also provides a way to automate audit tasks for remediation efforts and a dashboard view to manage the entire audit process. Learn more during this upcoming webinar.
If your company is engaged in international activities, it's critical that you assess and understand the risks of non-compliance with the Foreign Corrupt Practices Act (FCPA). To avoid becoming a costly statistic, you need to design your controls accordingly.
Download this white paper from experts Joseph Howell, Cofounder and Executive Vice President at Workiva, and Brent Macey, Director of Internal Audit for Schnitzer Steel Industries, Inc. They'll discuss the major components of the FCPA, and how companies can perform the risk assessment process in an efficient manner. They'll also provide a practical guide to implement internal controls for FCPA at an international level.
How are some companies decreasing audit fees in the face of pressure to increase them? In this follow-up report to the 2015 Audit Fee Survey, Financial Executives Research Foundation interviewed several senior-level financial executives and audit partners. These interviews revealed best practices in mitigating increases in audit fees and how to work more efficiently and effectively with auditors.
Access this report to learn the reasons for increased audit fees and the impact of PCAOB inspections. You'll also discover how to review current audit focus areas, improve internal controls, automate processes, and review audit hours and fees.
All organizations should aspire to have the people, processes, and tools necessary to effectively execute an on-going penetration testing program. Failure to do so may result in poor tool selections, testing mistakes, and faulty interpretation of results that often lead to a false sense of security putting the enterprise at risk. IT security and audit staff, along with their managers and directors, should read this paper to clarify and misunderstandings about penetrating testing - from the true purposes and goals, to important process considerations, to tools and tester selection issues, and finally to safe and effective ethical hacking approaches.