IT Governance, Risk, and Compliance:

Safeguarding Assurance

1

May 31, 2011  8:17 PM

Effective Employment Practices for Protecting IT – Part VIII



Posted by: Robert Davis
Conduct Code, Due Care, Due Diligence, Employment Practices, Information Assets Protection, Misappropriation of Assets, Safeguarding Assurance

Technology is an enabler, not a solution, for deploying and executing a sound information assets protection (IAP) strategy. Responsibility for executing IAP should be shared across the entity, making all employees accountable as part of a well...

May 27, 2011  9:33 PM

Effective Employment Practices for Protecting IT – Part VII



Posted by: Robert Davis
Conduct Code, Due Care, Due Diligence, Employment Practices, Information Assets Protection, Misappropriation of Assets, Safeguarding Assurance

Requiring periodic confirmation by employees of their safeguarding responsibilities will not only reinforce IT security policies, but potentially deter individuals...


May 24, 2011  7:49 PM

Effective Employment Practices for Protecting IT – Part VI



Posted by: Robert Davis
Conduct Code, Due Care, Due Diligence, Employment Practices, Information Assets Protection, Misappropriation of Assets, Safeguarding Assurance

Formal, documented entity-centric job (position) descriptions should exist for each entity employee that clearly conveys duties, prohibitions, and reporting relationships. Typically, position descriptions are prepared based on job analyses --...


May 20, 2011  9:54 PM

Effective Employment Practices for Protecting IT – Part V



Posted by: Robert Davis
Conduct Code, Due Care, Due Diligence, Employment Practices, Information Assets Protection, Misappropriation of Assets, Safeguarding Assurance

Stepwise, due care infers activity responsibility; whereby due diligence infers activity continuality. Often considered the ‘prudent person’ rule for professionals, discerning individuals...


May 17, 2011  9:18 PM

Effective Employment Practices for Protecting IT – Part IV



Posted by: Robert Davis
Conduct Code, Due Care, Due Diligence, Employment Practices, Information Assets Protection, Misappropriation of Assets, Safeguarding Assurance

Usually, it is easier to purchase an automated solution addressing IT control practices than to change an entity’s culture. Nevertheless; even the most secure system will not achieve a significant degree of protection if utilized by “


1

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: