We provide guides and resources at no cost to help you achieve SAS 70 compliance. We are here to improve internal control for service organizations, especially in IT services, data centers and payroll processing.

IT Security Governance Assessment Tool for HIPAA, FERPA, GLB and SOX

Download the free Information Security Governance (ISG) Assessment Tool and Information Security Framework.

This tool covers:
1. Information Technology Security Framework
2. Information Technology Security Environment - A Framework
- Regulation: Federal mandate (FM), state mandate (SM), HIPAA, FERPA, GLB, SOX
- ISO Standard: ISO reference number for audit compliance
3. Risk Assessment Calculations
4. Scoring Tools

Top Five IT Outsourcing Benefits

The top five benefits of IT outsourcing:
1. Increasing the level of service and thus reducing potential gaps in coverage

2. Increasing the expertise of the operators or analysts

3. Increasing the pace of a project by providing additional resources

Summary of Computer Fraud and Abuse Act (CFAA)

The Computer Fraud and Abuse Act (CFAA) was passed by the US Congress in 1986. The CFAA applies to cases of computer-related crimes that are relevant to federal as opposed to state law. It doesn’t just target hackers, but also any interstate criminal activity that involves computers, such as money laundering or illegal gambling (though this is generally prosecuted under other statutes). The CFAA differs from the UK Computer Misuse Act in one important way: like many US laws it contains the concept of conspiracy.

The CFAA contains the following offences:
- Knowingly accessing a computer without authorization in order to obtain national security data;
- Accessing a computer without authorization;
- Knowingly accessing a protected computer with the intent to defraud and thereby obtaining anything of value;
- Knowingly causing the transmission of a program, information, code, or command that causes damage or intentionally accessing a computer without authorization and, as a result of such conduct, causing damage;

Accounting Department Roles and Responsibility

So what are the basic responsibilities of the Accounting department in a company? Here are some of the functions that Accounting usually handles:

Payroll:
The total wages and salaries earned by every employee every pay period, which are called gross wages or gross earnings, have to be calculated. Based on detailed private information in personnel files and earnings-to-date information, the correct amounts of income tax, social security tax, and several other deductions from gross wages have to be determined.

Cash collections:
All cash received from sales and from all other sources has to be carefully identified and recorded, not only in the cash account but also in the appropriate account for the source of the cash received. The accounting department makes sure that the cash is deposited in the appropriate checking accounts of the business and that an adequate amount of coin and currency is kept on hand for making change for customers. Accountants balance the checkbook of the business and control who has access to incoming cash receipts. (In larger organizations, the treasurer may be responsible for some of these cash flow and cash-handling functions.)

Acceptable Use Policy Template

Download Free Acceptable Use Policy Template

1 Overview


The purpose of this policy is to establish acceptable and unacceptable use of electronic devices and network resources at [Company Name] in conjunction with its established culture of ethical and lawful behavior, openness, trust, and integrity.

[Company Name] provides computer devices, networks, and other electronic information systems to meet missions, goals, and initiatives and must manage them responsibly to maintain the confidentiality, integrity, and availability of its information assets. This policy requires the users of information assets to comply with company policies and protects the company against damaging legal issues.

Information Security Plan Template

Download Free Information Security Plan

Roles and Responsibilities


Note to agencies - These role descriptions come from the statewide information security policies and are presented here simply as an example. Agencies should adjust these descriptions as necessary to best meet their business environment and include any additional roles that have been identified in the agency that apply such as Security Officer, Privacy Officer, etc.

Agency Director: Responsible for information security in the agency, for reducing risk exposure, and for ensuring the agency's activities do not introduce undue risk to the enterprise. The director also is responsible for ensuring compliance with state enterprise security policies, standards, and security initiatives, and with state and federal regulations.

Corporate Information Security Policy Template

Download Free Corporate Information Security Policy Template

Purpose
The purpose of this policy is to protect from all threats, whether internal or external, deliberate or accidental, the information assets of:
{The Organization};
Customers;
Suppliers;

Database Server Disaster Recovery Plan Presentation

Download Free Database Server Disaster Recovery Plan Presentation

Sample database server disaster events, each followed by its recovery options:
- Data are deleted from a critical application table
  - Perform point-in-time recovery to time of problem
- A network hardware failure prevents a database server from being accessed over network
  - Wait for hardware to be replaced
  - Fail over to warm standby
  - Fail over to hot standby
- 2 drives fail in a RAID-5 disk array

Type of Information Technology Audit Project and Statement of Auditing Standards (SAS)

Audit or Attestation Project

Report: Produce Opinion
Style: Also known as channel 1 engagement
Standard: SSAE 10
Common Scope:
- Data analytic reviews
- Commission agreement reviews
- WebTrust engagements
- SysTrust engagements
- Financial projections
- Compliance reviews

Consulting, or Advisory Services

Report: No Opinion, Consulting Style
Style: Also known as channel 2 engagement
Common Scope:
- Systems implementations
- Enterprise resource planning implementation
- Security reviews
- Database application reviews
- IT infrastructure and improvements needed engagement
- Project management
- IT Internal audit services

What is Control Self-Assessment (CSA) and what are its benefits

The benefits of Control Self-Assessment (CSA) are:

1. CSA allows managers and work teams directly involved in business units, functions or processes to participate in assessing the organization's risk management and control processes.

2. CSA can cover objectives, risks, controls and processes.

3. CSA helps auditors focus audit work on high-risk, unusual areas and forge greater collaboration with operating managers and work teams.