In this issue of Board Perspectives: Risk Oversight, we make suggestions for boards to consider as they enhance their ri...

This work program will assist audit teams with identifying risks and related controls for logical security administratio...

Design and implement your organization’s internal controls with the COSO internal control framework included in this gui...

In this issue of Board Perspectives: Risk Oversight, we present four considerations for managing cybersecurity risk.

This issue of Board Perspectives: Risk Oversight discusses 10 examples of social business risks every company should mon...

In this booklet, we provide guidance to Section 404 compliance project teams on the consideration of information technol...

This sample outlines a set of policies and procedures governing access to production systems and applications, and the d...

The purpose of this policy is to define the roles, activities, and responsibilities of administrators with regard to acc...

The following sample policy outlines a set of policies and procedures governing user authentication and authorization an...

This sample outlines a set of policies and procedures designed to provide an orderly process in which changes to a compa...

The purpose of this security policy is to outline the user’s responsibilities in ensuring updates and maintenance of ant...

The objective of this audit work program is to evaluate a business’s ability to detect unauthorized system access attemp...