Want more money to spend on your enterprise's information security programs? Deloitte's Mike Brown and Amry Junaideen say IT security managers must show their non-IT bosses how the lack of IT security would adversely affect their operations.
Since the summer of 2009, financial institutions and their corporate customers have been defrauded by increased incidents of account takeover. These incidents have pitted banks and customers against one another in court, and they were a key impetus behind the release of the new FFIEC Authentication Guidance. So, how...
An enterprise risk management (ERM) program is more than a collection of organizational functions. ERM integrates all risk efforts under one set of common definitions, process framework, and system solutions. Join a banking/security leader to hear how she developed and grew her institution's ERM program, including...
Software applications are the lifeblood of every organization, and today's #1 IT security threat is vulnerabilities in these applications. Complexity, interconnection and criticality of source code have resulted in a dangerous proliferation of vulnerabilities and risks.
Register for this session to learn:
How...
Layered security is one of the core tenets of the new FFIEC Authentication Guidance - and it's perhaps the most effective strategy for detecting and preventing banking fraud schemes. But what are some of today's most mature approaches to layered security, and how are banking institutions employing them to detect and...
Documenting procedures for the State Department's custom-made, continuous-monitoring tool known as iPost will help ensure that the data collected are appropriately used to protect the agency's global IT system, a GAO audit says.
The non-standardized collection device is responsible for 13 percent of the biometric records maintained by DOD, representing some 630,000 DoD records that cannot be searched automatically against FBI's database of about 94 million records.
Auditors find that the SEC's IT office documented and incorporated National Institute of Standards and Technology patch requirements in its policies and procedures but that guidance wasn't always followed.
No one knows risk better than the internal auditor, and so no individual has a better opportunity to add risk management value to organizations, says Richard Chambers, president of the Institute of Internal Auditors.
Richard Chambers, President of the Institute of Internal Auditors (IIA) has three words of advice for organizations, executives and auditors looking to improve the role of internal audit: "Follow the risk."
In an exclusive interview, Chambers discusses:
Impact of the economic recession on internal audit;
How...
In terms of information security, what is the state of auditing as we end 2009 - and what are the trends foreseen for 2010?
Warren Stippich Jr., Practice Leader of the Chicago Business Advisory Services Group of Grant Thornton LLP, discusses:
Audit trends;
Where organizations are most vulnerable;
How audit...
In terms of information security, what is the state of auditing as we end 2009 - and what are the trends foreseen for 2010?
Warren Stippich Jr., Practice Leader of the Chicago Business Advisory Services Group of Grant Thornton LLP, discusses:
Audit trends;
Where organizations are most vulnerable;
How audit...
Organizations and security controls have changed, so senior management and regulators now demanding more of internal auditors.
Beyond financial and control issues, internal auditors now are being asked to assess the effectiveness of an organization's enterprise risk management program, says Warren W. Stippich, Jr....
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.in, you agree to our use of cookies.