May 27, 2011 9:33 PM
Posted by: Robert Davis
Conduct Code,
Due Care,
Due Diligence,
Employment Practices,
Information Assets Protection,
Misappropriation of Assets,
Safeguarding AssuranceRequiring periodic confirmation by employees of their safeguarding responsibilities will not only reinforce IT security policies, but potentially deter individuals...
May 24, 2011 7:49 PM
Posted by: Robert Davis
Conduct Code,
Due Care,
Due Diligence,
Employment Practices,
Information Assets Protection,
Misappropriation of Assets,
Safeguarding AssuranceFormal, documented entity-centric job (position) descriptions should exist for each entity employee that clearly conveys duties, prohibitions, and reporting relationships. Typically, position descriptions are prepared based on job analyses --...
May 20, 2011 9:54 PM
Posted by: Robert Davis
Conduct Code,
Due Care,
Due Diligence,
Employment Practices,
Information Assets Protection,
Misappropriation of Assets,
Safeguarding AssuranceStepwise, due care infers activity responsibility; whereby due diligence infers activity continuality. Often considered the ‘prudent person’ rule for professionals, discerning individuals...
May 17, 2011 9:18 PM
Posted by: Robert Davis
Conduct Code,
Due Care,
Due Diligence,
Employment Practices,
Information Assets Protection,
Misappropriation of Assets,
Safeguarding AssuranceUsually, it is easier to purchase an automated solution addressing IT control practices than to change an entity’s culture. Nevertheless; even the most secure system will not achieve a significant degree of protection if utilized by “
May 13, 2011 8:48 PM
Posted by: Robert Davis
Conduct Code,
Due Care,
Due Diligence,
Employment Practices,
Information Assets Protection,
Misappropriation of AssetsThe threat of insiders to data should not be underestimated. If an entity is to be successful in preventing security breaches, it must have effective policies that minimize the chance of hiring or promoting individuals with low levels of honesty, especially for positions of trust. Supporting this...
May 10, 2011 7:56 PM
Posted by: Robert Davis
Conduct Code,
Due Care,
Due Diligence,
Employment Practices,
Information Assets Protection,
Misappropriation of AssetsStakeholders expect managerial personnel to run the entity in accordance with accepted business practices, while maintaining compliance with applicable laws and regulations. An appropriate managerial tone should be established and...
May 6, 2011 10:09 PM
Posted by: Robert Davis
Conduct Code,
Due Care,
Due Diligence,
Employment Practices,
Information Assets Protection,
Misappropriation of AssetsBased on extensive research by various knowledge leaders, the greatest harm or disruption to IT-based information services emanates from intentional or unintentional actions of internally employed individuals. Frequently, information systems experience disruption, damage, loss or other adverse...
