General Controls Review The general controls review is analogous to the traditional information technology audit. It addresses all aspects of the internal control and risk management related to IT resources, of which information security is a subset. Business issues "Employees have system access privileges well beyond their normal job function." "Our business has grown significantly, but our internal controls have not matured with the business." "Employees routinely add hardware or software to our network without permission." "We often find “rogue” wireless access points installed on our trusted network without management permission." "Simple power outages result in expensive downtime." "Our development staff routinely alter source code in our live environment, often resulting in difficult reconcilement problems." "Employees leave our company, but often still have access to our email and file servers." LarsonAllen's response Our experts assess your security posture and control environment holistically, including, but not limited to: Policies, procedures, and training Systems security administration Physical security administration (building perimeter and data center) Systems development controls Data backup and recovery Disaster recovery planning

Name: Email:   What do you consider the biggest security threat for 2008?   Data leakage through USB ports   Targeted phishing attacks   Unpatched insider threats   Wireless vulnerabilities   Social engineering

Share this with a friend   

About us - Careers - Contact us - Media - EFFECT - Site map - Home

Disclaimer - Web site terms of use - Privacy policy - Copyright policy
© 2000-2008 LarsonAllen^® LLP  Equal Opportunity/Affirmative Action Employer
This site is best viewed with 5.0+ browsers at a resolution of 1024 x 768. To download a more recent version of your browser, click below.
Internet Explorer   Firefox