Posted by: Robert Davis
Assurance Services, Control Self-assessment, CSA, IAP, Illegal Acts, Information Asset Protection, Information Security Management, Internal Control Review, Irregularities
For most entities, information and related technologies compliance management is critical to survival as well as success. As with other organizational programs, security compliance does not occur through managerial intent transmissions from a remote planet in some distant galaxy far, far away. Typically, an entity’s oversight committee and subordinate management periodically evaluate the effectiveness of an information assets protection (IAP) program’s responsiveness to recommendations, control and monitoring activities as well as the ability to prevent or detect irregular and illegal acts. Consequently, information security managers should continually seek to improve IAP controls.