Service Organization Control Reporting
Article:
Today, it is common for entities to outsource business tasks or functions to service organizations, even those that are core to an entity’s operations. Although user entities may rely on a service organization to perform outsourced tasks or functions, the user entity still...
Published on March 04, 2013
Service Organization Control Reports
Webcast:
The purpose of this 2 hour video webcast is to provide better understanding on how the replacement of SAS 70 reports by three new reporting options affects their risks and assurance concerns.
Published on April 30, 2012
COSO Proposed Internal Control - Integrated Framework
Exposure Draft:
The Committee of Sponsoring Organizations of the Treadway Commission (COSO) has now proposed an updated framework and issued an exposure draft for public comments through March 31, 2012
Published on March 06, 2013
Privacy / Data Protection
Overview:
Privacy encompasses the rights and obligations of individuals and organizations with respect to the collection, use, disclosure, and retention of personal information
Published on April 04, 2013
Big Builders White Paper
White Paper:
This is a toolkit designed to help organizations evaluate the true costs and benefits associated with a typical business intelligence (BI) implementation
Published on October 10, 2012
SOC 2 and SOC - 8 Steps to Success
Article:
This article introduces an eight-step approach for organizations undertaking a SOC 2SM and/or SOC 3SM report for the first time
Published on November 14, 2012
Ten Steps Businesses Can Take to Protect Personal Information
Presentation:
Learn the ten steps businesses and organizations can take to protect personal information (PI), including not collecting more PI than needed, restricting access, disposing of sensitive information appropriately, understanding privacy laws, and more
Published on April 25, 2013
Data Management and Data Retention
Presentation:
This presentation provides an overview of the factors that organizations should consider
Published on September 19, 2012
Business Intelligence for Middle Market Organizations
Presentation:
Learn about the additional information risks involved when BI technologies are utilized for decision support.
Published on November 21, 2012
Enterprise Risk Management Resources
Article:
Enterprise risk management expands on internal control function, providing a more robust and extensive focus on the subject of risk management.
Published on April 02, 2013
Auditing Risk - A Practical Method Using the InfoSec Triangle
Article:
This article offers a logical methodology to determine audit risk within an organization including a 360-degree observation of the InfoSec Triangle
Published on February 26, 2013
The Inside View of Information Security Management
Article:
In this article, three CPA,CITPs discuss how information security can be better managed within an organization
Published on February 05, 2013
A Decision-Makers Guide
Framework:
Contextual framework for discussing mobile & remote computing technologies and how organizations can derive significant value from them. Includes basic information needed to begin a mobile & remote computing initiative
Published on January 06, 2010
GTAG 2 - Change & Patch Management Controls Critical for Organizational Success
Guide:
This guidance helps CAEs ask the right questions of IT organizations to assess its change management capability and the overall level of process risk to determine if a more detailed process review may be necessary
Published on November 21, 2012
Managing Risks by Obtaining a Service Auditors Report
Brochure:
The AICPA discusses the business risks of outsourcing tasks and functions to service organizations and how practitioners should prepare an audit report
Published on March 06, 2013