KC 9 - Internal Control and Security - CONTENTS

2006 CSQA Body of Knowledge
Knowledge Category 9

Internal Control and Security

Privacy laws and increased accessibility to data have necessitated increased security. Accounting scandals and governmental regulation such as the Sarbanes-Oxley Act have placed increased importance on building and maintaining adequate systems of internal control. The quality assurance function can contribute to meeting those objectives by assuring that IT has adequate processes governing internal control and security.

Principles and Concepts of Internal Control

Internal Control and Security Vocabulary and Concepts
Preventive, Detective and Corrective Controls

Risk and Internal Control Models

COSO Enterprise Risk Management (ERM) Model
COSO Internal Control Framework Model
CobiT Model (Control Objectives for Information and related Technology Model)

Building Internal Controls

Perform Risk Assessment

Building Adequate Security

Where Vulnerabilities in Security Occur
Establishing a Security Baseline
Security Awareness Training
Security Practices
