Welcome to Power Generators



Shedding light on information technology risks: IT auditing does not hinge solely on highly specialized reviews. Effective tech-related risk manageme

DUE TO INCREASED connectivity in the workplace, the average internal auditor receives considerably more exposure to IT systems than in the past, Technology plays a fundamental role in the way modern organizations function, and it has become integrated to the degree that virtually every type of audit requires at least some consideration of IT issues. Whereas technology was once considered the domain of specialized IT auditors, it is now the concern of all auditors, including audit generalists.

Although some technology areas still require the attention of IT audit specialists, several risks stemming from IT intersect almost every auditor's path. The modern auditor's purview, for example, encompasses areas such as access control, network security, data integrity, asset management, and software acquisition and development, each of which constitutes a mission-critical element of the organization's success. All auditors need to be aware of the risks associated with these areas to help their organizations review vital systems and ensure the enterprise runs smoothly.

ACCESS CONTROL

Security surveys conducted during the last decade have consistently shown that a large number of information security breaches originate from inside the organization. The Computer Security Institute's most recent "Computer Crime and Security Survey," for example, shows that 45 percent of U.S. organizations polled reported unauthorized access by insiders. In addition, financial fraud and theft of proprietary information--"opportunity crimes" that security experts say require access to company systems and insider knowledge--ranked as the most costly types of computer crime.

0 Comments:

Post a Comment

Subscribe to Post Comments [Atom]

<< Home