IT Risk

The following 255 items are listed by Content Data.
Audit Programs

Firewall Audit Work Program

This tool contains four sample work programs that provide general steps organizations can use for conducting a firewall ...
Subscriber Content
Mon, Sep 19, 2022
Methodologies & Models

IT General Controls Capability Maturity Model (CMM)

This capability maturity model can be used to measure the maturity of an organization’s IT general controls and to assis...
Subscriber Content
Mon, Sep 12, 2022
Methodologies & Models

IT Support Service Desk Capability Maturity Model (CMM)

This capability maturity model can be used to measure the maturity of an organization’s IT support service desk manageme...
Subscriber Content
Mon, Sep 5, 2022
Policies & Procedures

Information Technology (IT) Security Policy

This document contains three sample policies that establish guidelines an organization should follow to ensure that its ...
Subscriber Content
Mon, Aug 15, 2022
Methodologies & Models

Security Management Capability Maturity Model (CMM)

This capability maturity model can be used to measure the maturity of an organization’s security management process and ...
Subscriber Content
Mon, Aug 15, 2022
Audit Programs

Network Device Configuration Management Audit Work Program

This work program template highlights general steps an organization should follow with respect to effective network devi...
Subscriber Content
Mon, Aug 8, 2022
Methodologies & Models

Security Risk Management Capability Maturity Model (CMM)

This capability maturity model can be used to measure the maturity of an organization’s security risk management process...
Subscriber Content
Mon, Jul 11, 2022
Policies & Procedures

Firewall Administration Policy

This tool contains two policies that establish procedures and requirements to ensure the appropriate protection and cont...
Subscriber Content
Mon, Jul 4, 2022
Policies & Procedures

Security Incident Policy

This policy can be used to employ system-monitoring tools that will automatically email or page IT department personnel ...
Subscriber Content
Mon, Jun 27, 2022
Articles

Protiviti's Claire Gotham and Tyler Chase on Powering the City of the Future

As IoT grows exponentially, data platforms will become more important in ensuring that the energy needed to run a city i...
Subscriber Content
Mon, Jun 6, 2022
Policies & Procedures

Password Security Policy

This tool contains four sample policies that establish a company’s guidelines regarding secure and consistent system pas...
Subscriber Content
Mon, May 23, 2022
Policies & Procedures

IT Contingency Planning Policy

The purpose of this policy is to ensure that information system resources and business processes are protected against s...
Subscriber Content
Mon, May 16, 2022
Policies & Procedures

Virus Protection Policy

This tool contains four sample policies that define best-practice guidelines and procedures for protecting company compu...
Subscriber Content
Mon, May 16, 2022
Risk & Control Matrices - RCMs

Manage Data Center Operations: Metadata Management RCM

This document outlines risks and controls common to metadata management in a risk control matrix (RCM) format.
Subscriber Content
Mon, Feb 28, 2022
Risk & Control Matrices - RCMs

Manage Data Center Operations: Reference and Master Data Management RCM

This document outlines risks and controls common to reference and master data management in a risk control matrix (RCM) ...
Subscriber Content
Mon, Dec 20, 2021
Benchmarking Tools

Transaction Authority Risk Key Performance Indicators (KPIs)

This tool contains performance measures and questions an organization can use to enforce and ensure the validity of tran...
Subscriber Content
Mon, Dec 13, 2021
Risk & Control Matrices - RCMs

Manage Data Center Operations: Data Warehouse and Business Intelligence Management RCM

This document outlines risks and controls common to data warehouse and business intelligence management in a risk contro...
Subscriber Content
Mon, Dec 6, 2021
Policies & Procedures

Telecommunication Usage Policy

This sample policy defines guidelines and procedures organizations should follow when using telecommunications systems.
Subscriber Content
Mon, Oct 25, 2021
Policies & Procedures

IT Risk Assessment Policy

The objective of this policy is to provide a standardized approach and operating instructions for the execution of a com...
Subscriber Content
Mon, Oct 18, 2021
Policies & Procedures

Vendor Risk Management Policy

This sample policy contains guidelines and procedures employees should follow when overseeing third-party entities.
Subscriber Content
Mon, Oct 4, 2021
Audit Reports

Enterprise Resource Planning Upgrade Audit Report

Auditors can use this audit report template for conducting and documenting the results of an enterprise resource plannin...
Subscriber Content
Mon, Aug 9, 2021
Policies & Procedures

Network Access Control Devices Policy

The purpose of this sample policy is to ensure that all company network devices and firewalls are properly identified an...
Subscriber Content
Mon, Jul 5, 2021
Articles

As Organizations Transform, the Role of the Project Manager Is Changing

This article explores the evolution of project management and offers next-gen actions project managers can take to estab...
Subscriber Content
Mon, Jun 28, 2021
Job Descriptions

Chief Information Officer (CIO) Job Description

This job description sample summarizes the responsibilities, key selection criteria and general information for the role...
Subscriber Content
Mon, Jun 21, 2021
Articles

Excellence Starts at Home: Why CEOs Should Hold Functional Leaders Accountable for Serving Their Internal Customers

Protiviti Associate Director Michael Allenson explains why the internal customer experience (iCX) should be more popular...
Subscriber Content
Mon, Jun 14, 2021
Audit Programs

Intranet Audit Work Program

This work program sample highlights general steps an organization should follow when performing an intranet audit.
Subscriber Content
Mon, Jun 14, 2021
Regulatory Updates

President Biden Executive Order to Strengthen U.S. Cybersecurity

Read this Flash Report to understand the executive order's key provisions and what it may mean for your organization in ...
Subscriber Content
Mon, Jun 14, 2021
Audit Programs

Privacy Audit Work Program

This sample work program highlights risks to consider and general steps to take when facilitating a privacy audit.
Subscriber Content
Mon, Jun 7, 2021
Benchmarking Tools

Data Integrity Risk Key Performance Indicators (KPIs)

This tool contains key performance indicators and questions an organization can use to manage its data integrity process...
Subscriber Content
Mon, May 10, 2021
Benchmarking Tools

Project Management Risk Key Performance Indicators (KPIs)

This tool contains leading practices and questions companies should consider when creating their project management stra...
Subscriber Content
Mon, May 3, 2021
Benchmarking Tools

Records Management Risk Key Performance Indicators (KPIs)

This tool contains key performance indicators and questions an organization can use to evaluate its record management pr...
Subscriber Content
Mon, May 3, 2021
Benchmarking Tools

System Design Risk Key Performance Indicators (KPIs)

This tool includes key performance indicators and questions an organization should use to evaluate and manage its system...
Subscriber Content
Mon, Apr 26, 2021
Policies & Procedures

Enterprise Assessment and Monitoring Policy

The purpose of this policy is to develop a consistent method for scheduling and managing company IT security assessment ...
Subscriber Content
Mon, Apr 19, 2021
Memos

IT Network Security Scope Memo

The purpose of this memo is to document the assumptions and decision criteria used in scoping the documentation efforts ...
Subscriber Content
Mon, Apr 19, 2021
Audit Programs

Business Continuity Management Audit Work Program

This tool contains three sample work programs that provide general steps organizations can take when conducting a busine...
Subscriber Content
Mon, Apr 5, 2021
Benchmarking Tools

IT Performance Risk Key Performance Indicators (KPIs)

This tool outlines leading practices and questions for organizations to consider when evaluating IT performance.
Subscriber Content
Mon, Apr 5, 2021
Policies & Procedures

Connection to Untrusted Network Standard Policy

This sample policy documents security requirements surrounding network access between a company’s computer network and u...
Subscriber Content
Mon, Mar 8, 2021
Policies & Procedures

Data Access and User Authentication Policy

The purpose of this access management policy is to ensure that access to all company systems and applications is properl...
Subscriber Content
Mon, Mar 8, 2021
Policies & Procedures

IT Auditing and Logging Standard Policy

The purpose of this auditing and logging standard is to ensure that all company systems are auditable and that proper pr...
Subscriber Content
Mon, Feb 8, 2021
Benchmarking Reports

2021 IT Audit Benchmarking Survey

Cybersecurity, privacy, data and resilience dominate the top technology challenges for organizations, according to the a...
Subscriber Content
Mon, Jan 25, 2021
Policies & Procedures

IT and Telephony Systems Acceptable Use Policy

This sample policy outlines guidelines and procedures common to proper use of a debt manager’s IT and telephony equipmen...
Subscriber Content
Mon, Jan 25, 2021
Policies & Procedures

Mobile Device Acceptable Use Policy

This sample policy defines standards, procedures and restrictions for end users required to access corporate data from m...
Subscriber Content
Mon, Jan 11, 2021
Policies & Procedures

Spreadsheet Controls Policy

This tool contains two samples that outline policies and procedures to give guidance and ensure compliance related to fi...
Subscriber Content
Mon, Nov 9, 2020
Articles

A Different Front in the COVID-19 Outbreak: Information Security

This article explores some of the IT factors that administrative and IT health care workers must stay focused on through...
Subscriber Content
Mon, Sep 28, 2020
Audit Reports

Technical Support Function Audit Report

This sample audit report can be used by auditors for reviewing and noting opportunities for operational and control impr...
Subscriber Content
Mon, Sep 14, 2020
Guides

IT and Business Risk Alignment Guide

This tool can be used as a guide for understanding and assessing an organization’s IT and business risk alignment proces...
Subscriber Content
Mon, Aug 31, 2020
Audit Reports

IT Asset Management Audit Report

This sample audit report can be used to improve and better understand an organization's IT asset management (ITAM) proce...
Subscriber Content
Mon, Aug 31, 2020
Audit Programs

Social Engineering Audit Work Program

This sample work program provides general steps organizations should follow when performing a social engineering audit.
Subscriber Content
Mon, Aug 24, 2020
Articles

Respond and Learn: COVID-19 Disruption Provides Opportunities to Improve Operational Resilience

This article provides some insight on the leading practices to help businesses respond, recover and reemerge from the CO...
Subscriber Content
Mon, Aug 17, 2020
Checklists & Questionnaires

Spreadsheet Risk Optimization Questionnaire

This questionnaire outlines the process to identify who manages critical spreadsheets within an organization and identif...
Subscriber Content
Mon, Aug 10, 2020
Audit Reports

Corporate Treasury Review Audit Report

This document contains three sample audit reports that can be used by auditors to learn how other organizations conducte...
Subscriber Content
Mon, Aug 3, 2020
Audit Programs

IT Continuity Review Audit Work Program

This sample audit program includes steps that can be used to audit an organization’s IT continuity process.
Subscriber Content
Mon, Aug 3, 2020
Checklists & Questionnaires

Internal Audit Risk Assessment Questionnaire

This tool contains three sample internal audit risk assessment templates that provide questions organizations can use fo...
Subscriber Content
Mon, Jul 20, 2020
Checklists & Questionnaires

System Development Life Cycle Questionnaire

This tool contains two sample documents that highlight questions to consider when creating and measuring an organization...
Subscriber Content
Mon, Jul 20, 2020
Policies & Procedures

Disaster Recovery Team Policy

This policy provides guidelines and standards an organization can follow when reviewing and improving its disaster recov...
Subscriber Content
Mon, Jun 22, 2020
Audit Programs

IT General Controls Audit Work Program

This tool contains three sample work programs that provide general steps an organization should consider when evaluating...
Subscriber Content
Mon, May 25, 2020
Checklists & Questionnaires

Business Process Re-Engineering Questionnaire

This tool outlines questions to consider for measuring and restructuring organizations’ business processes.
Subscriber Content
Mon, May 4, 2020
Benchmarking Reports

A Look at Key IT Audit Issues: Six Focal Points for CAEs

This paper shares six items at the top of IT audit leaders’ growing priority lists that should resonate with CAEs, based...
Subscriber Content
Mon, Mar 16, 2020
Articles

Getting Ready for the Threat of Cyber Warfare

This article explains the recent rise in malicious cyber activity directed at U.S. industries and government agencies an...
Subscriber Content
Mon, Mar 16, 2020
Articles

Operational Resilience Supervision Moves into High Gear with Latest Consultation Papers for UK Institutions

This article describes the scope of finance firms’ compliance obligations with operational resilience and provides addit...
Subscriber Content
Mon, Feb 24, 2020
Policies & Procedures

IT Data Management Policy

This tool contains two sample policies that outline guidelines and procedures common to an organization's IT data manage...
Subscriber Content
Mon, Feb 10, 2020
Audit Reports

IT Compliance Review Report

This sample audit report can be used to review and better understand an organization’s IT compliance process.
Subscriber Content
Mon, Jan 13, 2020
Methodologies & Models

Project Management Methodology

This sample document can be used as a guide for understanding and reviewing an organization’s project management process...
Subscriber Content
Mon, Jan 13, 2020
Articles

Report: UK Regulators Urged to Hold Firms and Individuals Accountable for “Unacceptable” Number of IT Failures

This article provides a list of questions that can be used to stimulate a discussion on operational resilience at the bo...
Subscriber Content
Mon, Jan 6, 2020
Articles

AI in the Technology Industry

This article examines the issues that technology companies must navigate as they continue to invest in artificial intell...
Subscriber Content
Mon, Dec 16, 2019
Articles

The New Tech Balance: Innovation, Talent and Responsibility

This article outlines three necessary pillars of tech balance that can help tech companies thrive today and in the futur...
Subscriber Content
Mon, Nov 11, 2019
Articles

Internal Auditing Around the World, Volume 15: Dawn of the Audit Bots

This article examines some of the key characteristics of next-gen internal audit, drawing directly from the experiences ...
Subscriber Content
Mon, Nov 4, 2019
Newsletters

Responsible Privacy: Is the Board Doing Its Part?

This issue of Board Perspectives: Risk Oversight discusses some of the important points covered during Protiviti’s meeti...
Subscriber Content
Mon, Oct 28, 2019
Performer Profiles

Deutsche Telekom: Stronger Connections — Internationalizing Internal Audit

In this profile, Maria Rontogianni, group audit and group risk governance senior vice president at Deutsche Telekom, dis...
Subscriber Content
Mon, Oct 21, 2019
Articles

Leaders in Audit: How the Financial Services Industry Is Applying Next-Gen Audit Practices

This article outlines the next-generation audit efforts employed by leading financial services industry organizations lo...
Subscriber Content
Mon, Oct 14, 2019
Articles

Capitalizing on Predictive Maintenance (PdM) Benefits in Manufacturing

This article explores the operational and financial benefits of PdM and suggests ways an organization can deploy a PdM s...
Subscriber Content
Mon, Oct 7, 2019
Performer Profiles

Country Road Group and David Jones: Influencing Stakeholders via Commercial Insights

In this profile, Mark Rogan, regional head of internal audit at Country Road Group and David Jones, highlights how his t...
Subscriber Content
Mon, Oct 7, 2019
Newsletters

How Does Your Company Measure Up Against Digital Leaders?

This issue of Board Perspectives: Risk Oversight discusses five levels of digital maturity: digital skeptic, digital beg...
Subscriber Content
Mon, Sep 23, 2019
Articles

Cyber Risks Drawing Increased Scrutiny in Public Company Transition

In this article, Protiviti Managing Directors Nicholas Spinks and David Taylor explain how important it is to sharpen th...
Subscriber Content
Mon, Sep 16, 2019
Articles

Accelerating RPA Maturity: Three Ways Consumer Products and Retail Companies Can Step Up Their Game

This article explains some of the reasons consumer products and retail companies struggle to move beyond the planning an...
Subscriber Content
Mon, Sep 9, 2019
Articles

Energy and Utilities Companies Can Build an On-Ramp to the AI Fast Lane With Intelligent Automation

This article provides tips to help an organization create a road map that will lead them toward sustained innovation exc...
Subscriber Content
Mon, Sep 9, 2019
Newsletters

PreView: Protiviti's View on Emerging Risks, July 2019

In this issue of PreView, we address selected cloud-related risks, such as vendor lock-in, legal holds and cloud vendor ...
Subscriber Content
Mon, Sep 2, 2019
Articles

Programs, Policies, Principles and People Can Move ‘‘Ethical AI’’ From a Nebulous Concept to a Meaningful Practice

This article describes four key areas organizations should consider for the ethical development and use of AI.
Subscriber Content
Mon, Sep 2, 2019
Methodologies & Models

Staffing and Professional Services Risk Model

This staffing and professional services risk model focuses on risks that are inherent to the organization from the envir...
Subscriber Content
Mon, Sep 2, 2019
Articles

Who Is Watching the Bots? Part Two: Operational Challenges and Solutions

Part two of our RPA discussion addresses several operational challenges related to security, change management and busin...
Subscriber Content
Mon, Sep 2, 2019
Articles

Paving the Way for Sustainable RPA

This article explains how an organization can effectively manage the transition to sustainable long-term RPA solutions a...
Subscriber Content
Mon, Aug 26, 2019
Articles

Who Is Watching the Bots? Part One: RPA Governance

This article explains how robotic process automation (RPA) at scale requires good governance to enable success while hel...
Subscriber Content
Mon, Aug 19, 2019
Articles

Overcoming ERP Change Management Challenges: Part Two

Part one of this discussion with Protiviti’s Ronan O’Shea and Kathie Topel introduced some of the biggest challenges com...
Subscriber Content
Mon, Aug 5, 2019
Articles

Three Risks and Opportunities for Technology, Media and Telecommunications Companies

This article takes a look at three risks that leaders of technology, media and telecommunications (TMT) companies will w...
Subscriber Content
Mon, Aug 5, 2019
Articles

Bridging the Divide: Auditing Digital Risk

This article focuses on strategies organizations should incorporate to transform their digital capability and maturity, ...
Subscriber Content
Mon, Jul 29, 2019
Articles

Overcoming ERP Change Management Challenges: Part One

This article, based on a conversation with Protiviti’s Ronan O’Shea and Kathie Topel, outlines effective ERP implementat...
Subscriber Content
Mon, Jul 29, 2019
Articles

Pace of Change and Resource Allocation Continue to Challenge Companies’ Vendor Risk Management, New Survey Confirms

This article discusses the advancement an organization can achieve by enhancing its vendor risk management efforts, base...
Subscriber Content
Mon, Jul 29, 2019
Newsletters

Is Your Board Focused on the Right Risks?

This issue of Board Perspectives: Risk Oversight highlights the key points defining our road map for strengthening the b...
Subscriber Content
Mon, Jul 22, 2019
Articles

Identity and Access Management in Financial Services: Staying Ahead of the Curve

Here, Protiviti’s Carol Beaumier and Matthew Kotraba discuss security and privacy trends in financial services and sugge...
Subscriber Content
Mon, Jul 15, 2019
Checklists & Questionnaires

IT Planning Questionnaire

This sample questionnaire can be used to help organizations brainstorm how they can develop a deeper knowledge of the IT...
Subscriber Content
Mon, Jul 15, 2019
Articles

Artificial Intelligence: Can Humans Drive Ethical AI?

As AI-enabled technologies become an ingrained part of our everyday business world, it is important to step back and loo...
Subscriber Content
Mon, Jul 8, 2019
Articles

Energy and Utilities Firms Need to Prepare for a Digital Future

Protiviti Managing Directors Tyler Chase and Evan Campbell offer advice on how to recognize and take stock of the powerf...
Subscriber Content
Mon, Jul 8, 2019
Articles

Corporate Social Responsibility: Are Tech Firms Doing Enough?

In this podcast transcript, Protiviti leaders Gordon Tucker, Jim DeLoach and Matt Moore discuss corporate social respons...
Subscriber Content
Mon, Jul 1, 2019
Audit Reports

IT Strategy Gap Assessment Report

Strategic alignment between business goals and drivers and IT's goals and initiatives is a critical area for most organi...
Subscriber Content
Mon, Jul 1, 2019
Articles

Leadership Succession Continues to Challenge Consumer Products and Services Companies

In this article, Protiviti Managing Director Rick Childs takes a look at the risk issues affecting the consumer products...
Subscriber Content
Mon, Jul 1, 2019
Articles

Ignoring Naysayers, Blockchain Forges Ahead in Bid to Restore Trust in Business and Government

This article from Protiviti’s Ed Page and Kevin Gray explores the possibilities of blockchain, providing guidance on dev...
Subscriber Content
Mon, Jun 24, 2019
Articles

Making RPA Sustainable

Adhering to the three basic principles described in this article will help enterprises ensure that they can achieve and ...
Subscriber Content
Mon, Jun 24, 2019
Articles

Cyber Risk Assessment: Moving Past the ‘‘Heat Map Trap’’

In this article, Protiviti Associate Director Vince Dasta offers a clear path to implementing a risk assessment program ...
Subscriber Content
Mon, Jun 17, 2019
Checklists & Questionnaires

IT Capacity and Scalability Risk Questionnaire

This questionnaire outlines business risks and leading practices for both capacity and scalability in the IT business en...
Subscriber Content
Mon, Jun 17, 2019
Articles

Top Risks 2019: Anxiety Grows Over ‘‘Born Digital’’ Competitors

In this article, Protiviti Managing Director Jonathan Wyatt explains what organizations need to do to obtain a true digi...
Subscriber Content
Mon, Jun 17, 2019
Articles

A Clear and Broad View of Digital Transformation Can Create Long-Term Value for Manufacturing Firms

This article explains how manufacturing businesses can apply RPA, AI, machine learning and other technologies to specifi...
Subscriber Content
Mon, Jun 10, 2019
Checklists & Questionnaires

IT Selection and Integration Risk Questionnaire

IT integration is a process in which separately produced components or subsystems are combined and problems in their int...
Subscriber Content
Mon, Jun 10, 2019
Newsletters

The Future Auditor Goes Digital

This issue of The Bulletin discusses the future auditor’s journey to a next-generation function.
Subscriber Content
Mon, Jun 10, 2019
Newsletters

Getting More from Internal Audit in the Digital Age

This issue of Board Perspectives: Risk Oversight focuses on two questions: Is internal audit adjusting quickly enough to...
Subscriber Content
Mon, Jun 3, 2019
Articles

Planning to Go Public in 2019? How to Get and Stay IPO-Ready Through the Government Shutdowns and Other Market Conditions

If your organization is considering a public offering in 2019, we recommend you review this article to learn the fundame...
Subscriber Content
Mon, May 27, 2019
Articles

Emerging Technology Companies: Create Your Game Plan Now for Going Public

This article suggests a few questions that emerging technology companies may want to weigh as they formulate their game ...
Subscriber Content
Mon, May 20, 2019
Articles

Getting Operational Resilience Right

This article outlines six key actions firms should be taking to support and evolve their approach to operational resilie...
Subscriber Content
Mon, May 20, 2019
Articles

Leveraging Technology to Ensure Sustainability of Privacy

This article explores some of the considerations organizations are making to refine processes and become more efficient ...
Subscriber Content
Mon, May 20, 2019
Requests for Proposals - RFPs

Request for Qualifications: IT Professional Services Qualified Vendor List

This is a sample request for qualified IT services to help create an IT vendor list for multiple-year projects. The info...
Subscriber Content
Mon, May 20, 2019
Articles

Armed with Artificial Intelligence, Hackers and the Guardians of IT Square Off on a New Digital Battleground

This article explores the virtual ‘‘battle of the bots’’ between cyber thugs and those tasked with blocking their invasi...
Subscriber Content
Mon, May 13, 2019
Articles

Digital Readiness, Talent Retention Top Executive Concerns in 2019, Survey Reveals

This article highlights some of the most intriguing results and insights from this year’s Executive Perspectives on Top ...
Subscriber Content
Mon, May 6, 2019
Articles

Enhancing Security Strategy for Cloud-Based Technology

This article includes strategies for addressing cloud risk; the importance of architectural decisions; next steps organi...
Subscriber Content
Mon, May 6, 2019
Articles

Next-Generation Internal Auditing: Addressing Risk in the Midst of Rapid Change

At the 2018 SIFMA Internal Audit Society Annual Conference, Protiviti sponsored a breakout session of future-minded inte...
Subscriber Content
Mon, Apr 29, 2019
Articles

The Responsible Tech Firm Series Part 4: Corporate Social Responsibility

Protiviti has published a four-part series on key considerations for the responsible technology firm of the future. This...
Subscriber Content
Mon, Apr 29, 2019
Articles

Hamstrung by Technology: What Organizations Can Do Now to Address Technical Debt

Ed Page, a managing director with Protiviti’s Technology Strategy practice, provides his insights on the growing risk of...
Subscriber Content
Mon, Apr 22, 2019
Articles

Why Organizations Should Consider a Cybersecurity Program Office

In this article, Protiviti Managing Directors Cal Slemp and Andrew Retrum explain how establishing a cybersecurity progr...
Subscriber Content
Mon, Apr 22, 2019
Articles

Cybersecurity in the Technology Industry

In this white paper, Protiviti examines how technology firms assess the implementation of their cybersecurity programs a...
Subscriber Content
Mon, Apr 15, 2019
Articles

Trends in Cybersecurity Breach Disclosures

In this article, Audit Analytics summarizes some of the notable trends and statistics found in its Trends in Cybersecuri...
Subscriber Content
Mon, Apr 8, 2019
Articles

Building Bot Boundaries: RPA Controls in SOX Systems

This article examines some of the SOX compliance challenges that may result from an RPA implementation and how to avoid ...
Subscriber Content
Mon, Apr 1, 2019
Articles

Quantifying Cyber Risk: Takeaways From FAIRCON18

This article shares some of the key takeaways from the speakers and panel discussions at the FAIR Institute’s FAIRCON18 ...
Subscriber Content
Mon, Apr 1, 2019
Newsletters

Sharpening the Focus on Cybersecurity

This issue of Board Perspectives: Risk Oversight takes a fresh look at the often-discussed topic of cybersecurity, offer...
Subscriber Content
Mon, Apr 1, 2019
Articles

Trends in Tech: What Emerging Technology Firms Must Keep an Eye On

This article takes a look at three emerging tech trends that were hot topics for discussion at the 2018 TechCrunch Disru...
Subscriber Content
Mon, Apr 1, 2019
Articles

Cloud Solutions in Healthcare Should Not Be Shunned, and Here’s Why

Many healthcare organizations resist innovations that could help them adapt more easily to today’s demands by patients a...
Subscriber Content
Mon, Mar 25, 2019
Newsletters

Making Management Risk Committees Effective

This issue of Board Perspectives: Risk Oversight provides six suggestions for forming and operating management risk comm...
Subscriber Content
Mon, Mar 25, 2019
Articles

The Responsible Tech Firm Series, Part 3: Preparing for the Regulatory Wave

Protiviti Managing Directors Gordon Tucker and Matthew Moore add to the insights offered in Part Three of Protiviti’s re...
Subscriber Content
Mon, Mar 25, 2019
Articles

Success Factor: The People Side of Digital Transformation

Everybody knows that organizations are primarily made of people. Yet too often, the people side of digital transformatio...
Subscriber Content
Mon, Mar 18, 2019
Articles

Creating Business Value Through Effective Third-Party Risk Management Auditing

This article outlines some of the notable observations and takeaways from the 2018 IIA Financial Services Exchange confe...
Subscriber Content
Mon, Mar 11, 2019
Articles

Deploying Robots Upstream: How to Evaluate the Opportunities and Make the Business Case

This article explores how exploration and production companies within the oil and gas industry can use RPA by demonstrat...
Subscriber Content
Mon, Mar 11, 2019
Newsletters

The Top Risks for 2019

This issue summarizes five key takeaways from the 2019 Executive Perspectives on Top Risks survey and ranks the highest-...
Subscriber Content
Mon, Jan 28, 2019
Articles

Companies Must Commit to Mastering the Basics to Strengthen Their Cybersecurity Posture

This article examines some of the reasons consumer products and services companies are still making slow progress in the...
Subscriber Content
Mon, Jan 14, 2019
Articles

Is Your Company Approaching Digital Transformation in the Right Way?

Protiviti Digital Leader Jonathan Wyatt explains the difference between a true transformation and what he calls a ‘‘digi...
Subscriber Content
Mon, Jan 14, 2019
Articles

IT Governance in the Age of Digitalization

In the age of digitalization, a “strong” model of IT governance increasingly means that companies must be even more focu...
Subscriber Content
Mon, Jan 7, 2019
Audit Reports

IT Governance Review Report

Objectives of this sample IT governance report include gaining a high-level understanding of the organization's IT gover...
Subscriber Content
Mon, Jan 7, 2019
Benchmarking Reports

Executive Perspectives on Top Risks in 2019: Consumer Products and Services Industry Group Results

With ongoing industry disruption and many baby boomers retiring in the foreseeable future, consumer products and service...
Subscriber Content
Mon, Dec 31, 2018
Articles

Robotic Process Automation in Oil and Gas: An Overlooked Opportunity That Can Boost Profits Today

Oil and gas companies have fallen behind other industries in the adoption of robotic process automation, or RPA. Before ...
Subscriber Content
Mon, Dec 31, 2018
Audit Reports

Business Continuity/Disaster Recovery Program Assessment Report

This audit report sample focuses on whether an appropriate enterprise-wide governance structure is in place to manage th...
Subscriber Content
Mon, Dec 17, 2018
Articles

Why Internal Auditors Must Care About Blockchain

This article lists several unique technical risks that exist for blockchain, as well as discussion around how internal a...
Subscriber Content
Mon, Dec 17, 2018
Articles

CAQ’s New Cybersecurity Risk Management Oversight Tool: A Protiviti Analysis

This article examines the CAQ's new cybersecurity risk oversight tool and suggests how it might best be applied by board...
Subscriber Content
Mon, Dec 10, 2018
Benchmarking Reports

Executive Perspectives on Top Risks in 2019

This report contains extensive analysis of key insights on top risk concerns across several different dimensions, includ...
Subscriber Content
Mon, Dec 10, 2018
Articles

Time for Technology Companies to Commit to Women in Leadership Roles

A recent study found that companies with a 30 percent female executive team can realize as many as six percentage points...
Subscriber Content
Mon, Dec 10, 2018
Checklists & Questionnaires

Information Technology (IT) General Controls Questionnaire

This tool provides questions to consider when assessing a company’s information technology (IT) controls.
Subscriber Content
Mon, Dec 3, 2018
Articles

Internal Audit Capabilities and Needs: Great “Tech-Spectations”

Protiviti’s 2018 Internal Audit Capabilities and Needs Survey revealed that internal auditors need to evolve their analy...
Subscriber Content
Mon, Dec 3, 2018
Newsletters

Is Technical Debt Limiting Your Company’s Competitiveness?

This article presents options to address technical debt and create an organization’s overall road map that is tailored t...
Subscriber Content
Mon, Dec 3, 2018
Articles

Reality Check: Global Risks, Unexpected Opportunities on the Rise

This article explores some of the top risks impacting the World Economic Forum’s (WEF) five global risk categories – eco...
Subscriber Content
Mon, Dec 3, 2018
Checklists & Questionnaires

General Threat Questionnaire

This sample checklist can be used for risk assessment to identify failure scenarios and the likelihood and severity of d...
Subscriber Content
Mon, Nov 19, 2018
Articles

Making Fintech Fit — Banks Weigh Risks, Rewards of Fintech

Forward-thinking banks are acquiring and partnering with fintech firms to survive and thrive in an increasingly tech-ena...
Subscriber Content
Mon, Nov 12, 2018
Audit Reports

IT Risks and Controls Review Report

The objective of this audit report is to reduce the volume of controls across applications, infrastructure and IT proces...
Subscriber Content
Mon, Nov 5, 2018
Articles

Women in Cybersecurity: A Vital Subset of the Women in Tech Movement

Women have played and continue to play a remarkable role as inventors, programmers, problem-solvers and strategy-setters...
Subscriber Content
Mon, Nov 5, 2018
Articles

Five Common Identity and Access Management Pitfalls

This paper discusses five common identity and access management (IAM) pitfalls organizations run into today: lack of an ...
Subscriber Content
Mon, Oct 29, 2018
Articles

Going Digital? Make Data Strategy a Priority

This article provides guidance on what organizations should do in order to plan and implement a data strategy and also i...
Subscriber Content
Mon, Oct 29, 2018
Articles

Integration Prioritization Model for Identity Access Management

Protiviti recommends a simple identity access management (IAM) prioritization model based on risk, impact and friction. ...
Subscriber Content
Mon, Oct 29, 2018
Articles

Regulation at the Speed of Innovation: Developing an Adaptive Risk Strategy for Agile and DevOps Environments

DevOps—a concatenation of development and operations—is a fast and flexible approach to developing and delivering softwa...
Subscriber Content
Mon, Oct 29, 2018
Articles

AI and the Digital Future of the Insurance Industry

In this article, Protiviti’s Tyrone Canaday takes a dive into three areas that are undergoing the greatest change as a r...
Subscriber Content
Mon, Oct 15, 2018
Articles

The Responsible Technology Firm of the Future: Corporate Social Responsibility

This article, part four of Protiviti’s four-part series, explores ideas to enhance corporate social responsibility by in...
Subscriber Content
Mon, Oct 15, 2018
Articles

Market Volatility: Is Your IPO Ready to Go?

In this article, Protiviti’s Chris Wright explores some of the things IPO-bound companies should consider right now.
Subscriber Content
Mon, Oct 8, 2018
Articles

The Responsible Technology Firm of the Future: Market Forces

This article, part three of Protiviti’s four-part series, presents suggestions for maximizing the company’s innovative p...
Subscriber Content
Mon, Oct 8, 2018
Audit Reports

Business Continuity Software Research Report

This report assesses various business continuity software solution providers in the global market with the purpose of en...
Subscriber Content
Mon, Oct 1, 2018
Protiviti Booklets

Guide to Public Company Transformation

This guidance, now in its fourth edition, is designed to serve as a convenient and user-friendly resource that executive...
Subscriber Content
Mon, Sep 24, 2018
Articles

The Responsible Technology Firm of the Future: Part 1 of 4

This article provides a summary of and additional insights on Part 1 of Protiviti’s Responsible Technology series, which...
Subscriber Content
Mon, Sep 24, 2018
Checklists & Questionnaires

Internal Security Questionnaire

This tool provides questions for audit committees to consider when assessing internal security risks.
Subscriber Content
Mon, Sep 17, 2018
Audit Reports

IT General Controls Assessment Report

This sample report provides findings from a current IT general control framework review at a company.
Subscriber Content
Mon, Sep 10, 2018
Articles

The Responsible Technology Firm of the Future: A Rapidly Changing and Unpredictable Landscape

This article, part one in a four-part series, focuses on the changing landscape that is altering the conversation at the...
Subscriber Content
Mon, Sep 10, 2018
Articles

From Tried and True to Something New: The Energy and Utilities Industry Wrestles With Disruptive Innovation

In this article, Protiviti’s Tyler Chase explores how the energy and utilities industry is handling the risks associated...
Subscriber Content
Mon, Sep 3, 2018
Articles

Security Advisory: Meltdown and Spectre – Processor Flaws Expose Networks to New Class of Vulnerabilities

In this article, Protiviti’s Andrew Retrum describes two problematic computer hardware vulnerabilities—Meltdown and Spec...
Subscriber Content
Mon, Aug 20, 2018
Articles

Five Ways Technology, Media and Communications Companies Are Using RPA and AI to Save Money and Improve the Customer Experience

This article explores five emerging AI and RPA applications Protiviti is watching within the technology, media and commu...
Subscriber Content
Mon, Aug 6, 2018
Articles

Navigating Changing Dynamics of First Line Risk and Control Functions

In this article, we share Protiviti’s perspective in line with results from a recent survey of business risk and control...
Subscriber Content
Mon, Aug 6, 2018
Articles

Tech-tonic Shift: PreView Examines Seismic Risks Wrought by Technology

This article provides a synopsis of technology topics covered in a recent issue of Protiviti’s PreView newsletter, inclu...
Subscriber Content
Mon, Aug 6, 2018
Articles

Avoiding “IoT Inertia” in the Oil and Gas Sector Requires an IoT Strategy

This article covers the topic of “Internet of Things (IoT) Inertia” and explains how companies may struggle without a vi...
Subscriber Content
Mon, Jul 30, 2018
Performer Profiles

Accenture PLC: A Mission to Continuously Rotate to “the New”

Over the past six years, Accenture PLC has been working to accelerate its digital transformation so that it can more exp...
Subscriber Content
Mon, Jul 16, 2018
Audit Reports

SAP Change Management Review Audit Report

This sample audit report provides management with an assessment of its current state and associated SAP change managemen...
Subscriber Content
Mon, Jul 9, 2018
Articles

Cyber Risk Management Is Everyone’s Job, and Compliance Must Play Its Role

Global regulators are going to be looking for an “all lines of defense” approach when they assess an organization’s cybe...
Subscriber Content
Mon, Jul 2, 2018
Articles

Meaningful Cybersecurity Reporting: Measurement That Matters

Leadership is looking for metrics and insights to face today’s cybersecurity concerns. At the end of 2017, Protiviti spo...
Subscriber Content
Mon, Jun 11, 2018
Articles

AI in AML, Consumer Protection Developments Interview

This interview features Christine Bucy of Protiviti’s Risk and Compliance practice and Steven Stachowicz to discuss the ...
Subscriber Content
Mon, Jun 4, 2018
Protiviti Booklets

Internal Auditing Around the World: Volume 14

In Volume XIV of Protiviti’s Internal Auditing Around the World, we take a closer look at internal auditors’ challenges ...
Subscriber Content
Mon, Jun 4, 2018
Checklists & Questionnaires

General IT Controls Review: Disaster Recovery Questionnaire

This tool provides best practice questions to consider for a company’s disaster recovery plan.
Subscriber Content
Mon, May 7, 2018
Articles

Security Advisory: Hackers Target Remote Email Access

As organizations look for workable ways to accommodate an increasingly mobile work force with remote access to email, ha...
Subscriber Content
Mon, May 7, 2018
Benchmarking Reports

2018 Security Threat Report

Protiviti has compiled and quantified the vulnerability and threat discoveries from more than 500 in-depth security scan...
Subscriber Content
Mon, Apr 30, 2018
Articles

New IT Security Awareness Learning Library Is Designed to Help Workers Become Frontline Cyber Defenders for Their Employers

Employee training can go a long way toward improving an organization’s overall security posture. With that in mind, Prot...
Subscriber Content
Mon, Apr 23, 2018
Newsletters

The Cyber Risk Oversight Challenge

Every board today faces the challenge of overseeing the investment of finite protection resources in an ever-changing cy...
Subscriber Content
Mon, Apr 23, 2018
Benchmarking Reports

2018 IT Audit Benchmarking Survey

The results of the latest global IT Audit Benchmarking Study from ISACA and Protiviti paint a vivid picture of the ways ...
Subscriber Content
Mon, Apr 16, 2018
Articles

Agile Risk Management – Reinventing RCSAs

This paper covers Protiviti’s perspective on establishing and sustaining leading practices for risk identification and a...
Subscriber Content
Mon, Apr 16, 2018
Articles

In Vendor Risk Management, Cybersecurity, Data Governance and Broadening the Board’s Perspective Are Key Goals

More than half of respondents to the 2017 Vendor Risk Management Survey said they are extremely likely or somewhat likel...
Subscriber Content
Mon, Apr 9, 2018
Articles

Wealth 2022: Wealth and Asset Management Firms Need to Get the Trust Equation Right When Going Digital

This article summarizes some of the key points made at a Protiviti media breakfast in London talking about the impact of...
Subscriber Content
Mon, Apr 9, 2018
Articles

Digitalization Expands Audit Scope Into New Territory

Organizations across industries are racing to migrate analog approaches to customers, products, services and operating m...
Subscriber Content
Mon, Apr 2, 2018
Newsletters

Is Your Strategy Focused on Digital?

In this edition, Protiviti discusses four important activities for organizations to consider as they contemplate what di...
Subscriber Content
Mon, Jan 1, 2018
Checklists & Questionnaires

Information Security Risk Assessment Questionnaire

This IT risk assessment questionnaire is designed to assist with reviewing and documenting the risk profile of your orga...
Subscriber Content
Mon, Dec 18, 2017
Newsletters

How Long Does It Take to Implement a Patch?

A recent breach has raised serious questions about whether boards of directors and senior management are asking the righ...
Subscriber Content
Mon, Dec 4, 2017
Policies & Procedures

Information Technology Policy: Role-Based User Management

This sample policy ensures that there are additional controls in place to detect errors and safeguard company computers ...
Subscriber Content
Mon, Dec 4, 2017
Audit Reports

IT Risk Assessment Audit Report

This risk assessment audit report outlines findings from a high-level IT risk assessment at a company.
Subscriber Content
Mon, Oct 23, 2017
Checklists & Questionnaires

Risk Assessment Questionnaire

This questionnaire collects responses for a risk assessment as preparation for annual budgeting and business planning ef...
Subscriber Content
Mon, Sep 18, 2017
Checklists & Questionnaires

IT Risk Assessment Questionnaire

This tool includes risk assessment questions for both IT management and executive IT management.
Subscriber Content
Mon, Sep 4, 2017
Policies & Procedures

IT Network Access Policy

This sample policy outlines guidelines for granting, modifying and disabling network user access to a company’s network ...
Subscriber Content
Mon, Aug 14, 2017
Audit Reports

Cybersecurity Audit Report

This audit report presents the results of vulnerability assessments and penetration testing performed on an organization...
Subscriber Content
Mon, Jul 31, 2017
Methodologies & Models

Protiviti Risk Model

The Protiviti Risk Model is a comprehensive organizing framework for defining and understanding potential business risks...
Subscriber Content
Mon, Jul 31, 2017
Policies & Procedures

Internet and Email Acceptable Use Policy

This sample policy helps company employees optimize their use of the internet, protect confidential information, preserv...
Subscriber Content
Mon, Jul 24, 2017
Guides

Enterprise Risk Assessment Methodology for Internal Audit Plan Development Guide

This guide presents a detailed approach to enterprise risk assessment methodology for internal audit plan development.
Subscriber Content
Mon, Jul 17, 2017
Guides

Internal Audit’s Role in Cybersecurity Guide

This guide covers the definition of cybersecurity, types of threats and security methods, and internal audit’s role.
Subscriber Content
Mon, May 29, 2017
Benchmarking Tools

External Access Risk Key Performance Indicators (KPIs)

This tool outlines the business risks associated with inappropriate access to systems, data or information and suggests ...
Subscriber Content
Mon, May 22, 2017
Newsletters

Improving Your Company’s Risk Assessment Process

This issue of Board Perspectives summarizes 10 practices that will help management and directors maximize the value deri...
Subscriber Content
Mon, Apr 24, 2017
Newsletters

Overseeing the Organization’s Branding

This issue of Board Perspectives considers the role the board should play in overseeing management’s stewardship of the ...
Subscriber Content
Mon, Feb 27, 2017
Policies & Procedures

User Information Security Policy

This sample policy provides guidelines for securing user information.
Subscriber Content
Mon, Feb 20, 2017
Newsletters

The Most Important Risks for 2017

This issue of Board Perspectives discusses the top 10 risks for 2017 as identified in research conducted by North Caroli...
Subscriber Content
Mon, Jan 30, 2017
Policies & Procedures

Infrastructure Policy: Incident Response

This policy establishes the guidelines for preventing, detecting and responding to intrusions and unauthorized access to...
Subscriber Content
Mon, Dec 19, 2016
Policies & Procedures

Help Desk Infrastructure Policy

This policy establishes guidelines to help assign priority levels to problems reported by end users to a company's IT de...
Subscriber Content
Mon, Dec 5, 2016
Checklists & Questionnaires

Risk Oversight and Risk Management Questionnaire

The purpose of this risk management questionnaire is to help boards and management think about how they can develop a de...
Subscriber Content
Mon, Dec 5, 2016
Risk & Control Matrices - RCMs

Manage Systems Development Lifecycle (SDLC) RCM

This document outlines risks and controls common to the “manage systems development lifecycle (SDLC)” process in a risk ...
Subscriber Content
Mon, Nov 28, 2016
Memos

Enterprise Accounting System Post-Implementation Review Memo

This review focuses on the configurable application controls, application security, and segregation of duties for the ac...
Subscriber Content
Mon, Sep 12, 2016
Memos

Scope of Application Security Memo

This memo outlines the assumptions and decision used to scope the documentation efforts around application security.
Subscriber Content
Mon, Aug 15, 2016
Risk & Control Matrices - RCMs

Manage Service RCM

This document outlines risks and controls common to the "manage service" process in a risk and control matrix (RCM) form...
Subscriber Content
Mon, Aug 8, 2016
Newsletters

The Future Auditor Revisited

This issue of The Bulletin provides an update on the future auditor and its implications to internal audit’s value propo...
Subscriber Content
Mon, Aug 8, 2016
Audit Programs

Siebel/Oracle Information Security Audit Work Program

This audit program outlines procedures to evaluate six system control objectives.
Subscriber Content
Mon, Jun 27, 2016
Audit Programs

RACF Mainframe Controls Review Audit Work Program

This audit work program outlines detailed steps to review the controls for an RACF mainframe.
Subscriber Content
Mon, Jun 6, 2016
Newsletters

Emerging Risks: Looking Around the Corner

This article summarizes practical principles for recognizing emerging risks.
Subscriber Content
Mon, May 23, 2016
Memos

Data Breach Notification Memo

This memo's purpose is to notify an individual regarding the possibility of a personal information breach and explain th...
Subscriber Content
Mon, May 2, 2016
Newsletters

The Most Important Risks for 2016

This issue of Board Perspectives summarizes the top risks for 2016 as identified by North Carolina State University’s ER...
Subscriber Content
Mon, Apr 11, 2016
Audit Programs

HR System Pre-Implementation Audit Work Program

This audit program focuses on testing human resources system controls during the pre-implementation phase.
Subscriber Content
Mon, Feb 29, 2016
Checklists & Questionnaires

Setting the Audit Committee Agenda Questionnaire

Good business leaders are aware that the world is changing–dramatically. This questionnaire is for executive management,...
Subscriber Content
Mon, Feb 15, 2016
Newsletters

Setting the 2016 Audit Committee Agenda

Interesting challenges are in store for audit committees in the coming year and in this issue of The Bulletin, we delive...
Subscriber Content
Mon, Dec 21, 2015
Newsletters

Accounting for Revenue Recognition: A New Era

In this issue of The Bulletin, we discuss several important topics related to the the Financial Accounting Standards Boa...
Subscriber Content
Mon, Nov 23, 2015
Audit Programs

Security Management Audit Work Program

This document outlines steps to audit an organization’s security management process.
Subscriber Content
Mon, Aug 31, 2015
Newsletters

Does Your Organization Face Change With Confidence?

In this issue of The Bulletin, we discuss how facing change with confidence is crucial in a rapidly shifting business en...
Subscriber Content
Mon, Jul 27, 2015
Risk & Control Matrices - RCMs

Deploy and Maintain Solutions RCM

This document outlines risks and controls common to the "deploy and maintain solutions" process in a risk control matrix...
Subscriber Content
Mon, Jun 1, 2015
Audit Programs

IT Data Management Audit Work Program

This document outlines steps to audit an organization’s data management process and includes a self-assessment questionn...
Subscriber Content
Mon, May 25, 2015
Newsletters

Briefing the Board on IT Matters

In this issue of Board Perspectives: Risk Oversight, we outline three contexts for conducting IT briefings with the boar...
Subscriber Content
Mon, May 11, 2015
Audit Programs

IT Operations Management Audit Work Program

This document outlines steps to audit an organization’s IT operations management process.
Subscriber Content
Mon, May 4, 2015
Newsletters

Managing Cyber Threats with Confidence

This issue of Board Perspectives: Risk Oversight articulates why it’s important to focus on protecting an organization’s...
Subscriber Content
Mon, Apr 13, 2015
Audit Programs

IT Application Management Audit Work Program

This sample IT application management audit work program is designed around key risk indicators of potential problems.
Subscriber Content
Mon, Apr 6, 2015
Newsletters

Positioning Compliance for Effectiveness

In this issue of Board Perspectives: Risk Oversight, we explore the different views regarding the responsibilities expec...
Subscriber Content
Mon, Mar 9, 2015
Newsletters

The Most Important Risks for 2015

This issue of Board Perspectives: Risk Oversight outlines the top 10 risks for 2015, which reflect marked differences co...
Subscriber Content
Mon, Feb 23, 2015
Protiviti Booklets

Internal Auditing Around the World: Volume 10

In this booklet, we share accounts from some of the world’s leading organizations’ internal audit executives that show t...
Subscriber Content
Tue, Jul 8, 2014
Guides

IT Asset Management Guide

This guide focuses on improvements organizations can make to effectively perform their IT asset management process.
Subscriber Content
Mon, Jun 23, 2014
Guides

IT Controls and Governance Guide

This guide highlights challenges that may disrupt IT governance and provides a roadmap for activating an effective IT go...
Subscriber Content
Mon, Jun 16, 2014
Newsletters

Oversight of IT Risk Management

In this issue of Board Perspectives: Risk Oversight, we make suggestions for boards to consider as they enhance their ri...
Subscriber Content
Mon, Mar 10, 2014
Audit Programs

System Management Risk Assessment and Control Audit Work Program

This work program will assist audit teams with identifying risks and related controls for logical security administratio...
Subscriber Content
Mon, Mar 3, 2014
Newsletters

Managing Cybersecurity Risk

In this issue of Board Perspectives: Risk Oversight, we present four considerations for managing cybersecurity risk.
Subscriber Content
Mon, Jun 10, 2013
Newsletters

Social Business: What it Means to Your Risk Profile

This issue of Board Perspectives: Risk Oversight discusses 10 examples of social business risks every company should mon...
Subscriber Content
Mon, May 6, 2013
Audit Programs

Information Security Audit Work Program

This work program is intended to provide an internal audit team with guidance and direction when evaluating information ...
Subscriber Content
Mon, Mar 25, 2013
Policies & Procedures

Third-Party Access Policy

The purpose of this policy is to define security policies that apply to temporaries, contractors, consultants, and third...
Subscriber Content
Mon, May 28, 2012
Policies & Procedures

User Malicious Software Policy

The purpose of this security policy is to outline the user’s responsibilities in ensuring updates and maintenance of ant...
Subscriber Content
Mon, May 28, 2012
Newsletters

Social Media: What It Means to Your Risk Profile

In this issue of Board Perspectives: Risk Oversight, we reveal 10 examples of business risks to consider associated with...
Subscriber Content
Mon, Feb 6, 2012
Policies & Procedures

Instant Messaging Policy

This policy outlines a set of procedures for the proper use of instant messaging by company employees.
Subscriber Content
Mon, Jan 16, 2012
Newsletters

Ten Questions the Board Should Ask

This issue of Board Perspectives: Risk Oversight provides 10 key questions for boards to consider as they plan their 201...
Subscriber Content
Mon, Dec 5, 2011
Policies & Procedures

Website Privacy Policy

This sample can be used to create an information privacy policy for a company website.
Subscriber Content
Mon, Oct 3, 2011
Newsletters

Risk Management: A Look Back and a Look Forward

In this issue of The Bulletin, we look at how risk management has evolved over the past 25 years and some of the lessons...
Subscriber Content
Mon, Apr 11, 2011
Newsletters

Setting the 2011 Audit Committee Agenda

This issue of The Bulletin provides observations for consideration by boards of directors and their audit committees as ...
Subscriber Content
Mon, Jan 17, 2011
Protiviti Booklets

Internal Auditing Around the World: Volume 6

In this booklet, we profile nine international companies that value technology-based audit and data analysis techniques ...
Subscriber Content
Mon, Jun 28, 2010
Blog

Consider Different Approaches When It Comes to Cybersecurity

Cybercrime is now considered a top risk to most enterprises. Many organizations seek to build security by a...
Fri, Jun 28, 2019
Blog

External Access Risk: Key Factors You Need to Know

Many businesses today exchange goods, services, information and knowledge using network-enabled technologi...
Tue, Feb 18, 2020
Blog

Guide to Records Management

Technology has greatly expanded the methods of creating, editing, maintaining, transmitting and retrieving ...
Thu, Jun 28, 2018
Blog

The Three Components of a Successful Systems Design

What is design risk? To “design” is to create, fashion, execute or construct according to plan. The term de...
Wed, Jun 6, 2018
Blog

What Are the Benefits and Risks Associated With Data Integrity?

Data integrity is the assurance that information can only be accessed or modified by those authorized to a...
Tue, Jan 14, 2020
Blog

What Is IT Risk and How Should You Manage It?

What Is IT Risk? Information technology (IT) risk is any potential threat to business data, critical syste...
Thu, Sep 15, 2022
Blog

What is Transaction Authenticity?

What Is Transaction Authenticity? "Transaction authenticity" can be defined as the authentication of a par...
Thu, Feb 15, 2018
Blog

What You Need to Build Remarkable Partnerships With the IT Organization

The strength of the partnership between IT audit and the IT organization is a significant differentiator in...
Fri, Mar 27, 2020
Blog

What You Need to Know About Robotic Process Automation

Are You Familiar With Robotic Process Automation? Robotic process automation (RPA) has been gaining tracti...
Thu, Jun 20, 2019