IT Controls

The following 188 items are listed by Content Data.
Policies & Procedures

IT Equipment and Information Control Policy

This policy sample establishes guidelines and procedures common to effective company equipment and system information pr...
Subscriber Content
Mon, Dec 20, 2021
Methodologies & Models

Identity Access Management Capability Maturity Model (CMM)

This capability maturity model can be used to measure the maturity of an organization’s business continuity management p...
Subscriber Content
Mon, Dec 13, 2021
Policies & Procedures

Systems Audit Logging and Monitoring Policy

This sample policy is designed to help organizations define and comply with system audit logging and monitoring requirem...
Subscriber Content
Mon, Dec 13, 2021
Benchmarking Tools

Transaction Authority Risk Key Performance Indicators (KPIs)

This tool contains performance measures and questions an organization can use to enforce and ensure the validity of tran...
Subscriber Content
Mon, Dec 13, 2021
Audit Programs

Application Security Review and Testing Audit Work Program

This tool includes two sample audit programs that provide steps organizations can take to facilitate an application secu...
Subscriber Content
Mon, Nov 8, 2021
Policies & Procedures

Separation of Duties Policy

In this sample policy, we outline the standards for applying separation of duties to protect a company’s information ass...
Subscriber Content
Mon, Nov 1, 2021
Audit Programs

Data Conversion Audit Work Program

This tool contains two sample audit programs that provide steps organizations can take to perform a data conversion audi...
Subscriber Content
Mon, Oct 25, 2021
Policies & Procedures

Telecommunication Usage Policy

This sample policy defines guidelines and procedures organizations should follow when using telecommunications systems.
Subscriber Content
Mon, Oct 25, 2021
Policies & Procedures

IT Risk Assessment Policy

The objective of this policy is to provide a standardized approach and operating instructions for the execution of a com...
Subscriber Content
Mon, Oct 18, 2021
Policies & Procedures

Information Security Management System Policy

This policy establishes the scope of a company's information security management system and characterizes the interfaces...
Subscriber Content
Mon, Sep 13, 2021
Policies & Procedures

Physical Security Standard Policy

The purpose of this policy is to create and maintain a physically secure environment that protects company property and ...
Subscriber Content
Mon, Sep 6, 2021
Audit Programs

Enterprise Resource Planning Security Audit Work Program

In this work program sample, we list general best-practice steps for the enterprise resource planning security process.
Subscriber Content
Mon, Aug 9, 2021