This week`s resource selections originate from a monthly internal audit column I write for Jim Kaplan, for going on more than three years now.

 

Each month in Jim’s internal audit newsletter (http://www.auditnet.org/) I highlight leading audit and security resources to assist auditors and security practitioners.

 

Have another great week.

 

Dan Swanson

 

Disaster Recovery (DR) and Business Continuity Planning (BCP) resources

This web page provides resources and articles on the subject of DR and BCP that you can use for reviews and planning for audits in this area. http://www.auditnet.org/drp.htm

 

Auditing IT Initiatives “Thought Leadership” - Particularly Useful When an IT Project Failure is NOT An Option!

Some key questions to consider:

- Does the proposed IT solution work & will it meet the needs of the organization?

- Does the security aspect of the IT solution work?

- Will the privacy of the organization’s information be maintained?

- Will the staff know how to perform “productively” and accurately?

- Have we done everything necessary to be prepared?

- Are we ready to implement and how do you know it'll work?

Some leading resources to assist your “readiness” assessment effort are available here.

http://www.auditnet.org/articles/DSIA200702.htm

 

Auditing for Fraud “Thought Leadership” – Because bad things are happening

Some companies have significantly lower levels of misappropriation of assets and are less susceptible to fraudulent financial reporting than others. Why? Because they aggressively take steps to prevent and detect fraud, end of story (it’s that simple). At these exemplary companies, management is responsible for designing and implementing systems and procedures for the prevention and detection of fraud—and, along with the board of directors, for ensuring a culture and environment that promotes honesty and ethical behavior.
http://www.auditnet.org/articles/DSIA200703.htm

 

Security Management resources

A variety of information security management resources have been gathered at this one web page
http://www.auditnet.org/SecurityMgmt.htm

 

Auditing Risk Management is strongly recommended

Some resources to assist your risk management efforts are available at this one web page.

http://www.auditnet.org/articles/DSIA200701.htm
 
Auditing security using the PCI standard and related guidance – (Because personal information must be protected)
We need to protect personal information much more than ever before and extensive help from the PCI Security Standards Council and numerous other organizations does exist.
http://www.auditnet.org/articles/DSIA200704.htm
Share on LinkedIn Share with Google+ Comment on this article