Auditor Evaluation and Reporting on Cybersecurity Risks

2022 ◽  
pp. 19-38
Author(s):  
Jeffrey S. Zanzig ◽  
Guillermo A. Francia III

Tremendous improvements in information networking capabilities have brought with them increased security risks resulting from the deterioration of the ability of a physical layer of computer security to protect an organization's information system. As a result, audit committees have had to deal with new security issues as well as the need to understand the cyber perpetrator and ensure the proper training of employees to consider cybersecurity risks. Standard setters including the Institute of Internal Auditors and the American Institute of Certified Public Accountants have issued guidance about lines of defense and reporting on an entity's cybersecurity risk management program and controls, respectively. Each of these topics is considered along with how cybersecurity guidance from COBIT, the National Institute of Standards and Technology, and the Center for Internet Security can be mapped into five cyber infrastructure domains to provide an approach to evaluate a system of cybersecurity.


Author(s):  
Вера Черепанова ◽  
Vera Cherepanova

A relatively young business area of compliance is rapidly gaining importance all over the world. An effective compliance risk management program can bring many benefits to an organization of any size, including increased overall productivity. This practical guide demonstrates step by step how to prevent, detect and respond to violations of business ethics and compliance, taking into account key international and Russian regulatory requirements, trends in their implementation, as well as the best practices of well-known corporations. The book is addressed to compliance managers, corporate lawyers, internal auditors, managers, members of the Board of Directors, as well as students of legal and economic areas and specialties.


2017 ◽  
Vol 10 (8) ◽  
pp. 129
Author(s):  
Ken Kin-Kiu Fong ◽  
Stanley Kam Sing Wong

The benefit of using WiFi for Internet connection is obvious: cost-effective and powerful. WiFi gives us the flexibility and convenience of not being tied to a fixed location. Nowadays, more and more electronic devices and gadgets, such as mobile phones, cameras, gaming devices, TV and entertainment equipment, are WiFi enabled. WiFi also enables your devices to share files instantly. WiFi broadcasting devices, such as Chromecast, give you extra convenience by allowing you to stream video and audio content from your mobile phone to your TV using a WiFi connection. However, this kind of flexibility and convenience comes with a cost. Sharing files, streaming content or even accessing the Internet via WiFi means signals are being transmitted and they can be captured by anyone with a computer or mobile phone installed with appropriate software. Therefore, it is important to let WiFi users know their security risks and how to minimize them. Educating WiFi users to reduce the WiFi security risk is one of our on-going missions. Based on empirically collected data, this paper is a report of a comprehensive study on the use of WiFi and WiFi networking and the knowledge of WiFi users of the risks and security issues involved in using WiFi in Hong Kong. Findings of the study highlight the WiFi security knowledge gaps of the users in Hong Kong so that stakeholders can take action to improve Internet security by eliminating the security gaps identified.


2015 ◽  
Vol 5 (3) ◽  
pp. 95-112
Author(s):  
Miroslava Kovaříková

This article deals with the issue of security management and its subsequent application in education. The article focuses on the topic of armed attacks at schools. Based on a research probe aimed at teachers, which focused on the perception of security risks, areas are chosen to which Central emergency system services should react. Further, knowledge of technical and organizational measures of emergency plans in the organization and the level of attention paid to this issue by the school management were investigated. International models of solutions to this issue are also introduced in the text. The contribution also outlines how the issue is solved in the European Union countries, in particular in the Kingdom of Spain. Experience with the solution of security issues of schools in Latin America is also mentioned. In the conclusion, a summary of measures for improvement of security at schools is presented.


Author(s):  
Md Equebal Hussain ◽  
Mohammad Rashid Hussain

Security is one of the most important concerns in cloud computing; therefore, institutions are hesitating to host their data in the cloud. Not all data can be moved to the cloud (for example, accounts data). The main purposes of moving data to the cloud are reduced cost (infrastructure and maintenance), faster performance, easy upgrades and storage capacity, but at the same time security is a major concern because the cloud is not private but maintained by a third party over the internet; security issues like privacy, confidentiality, authorization (what you are allowed to do), authentication (who you are) and accounting (what you actually do) will be encountered. A variety of encryption algorithms is required for a higher level of security. In this paper we try to provide a solution for better security by proposing a combined method of a key exchange algorithm with an encryption technique. Data stored in the cloud can be protected from hackers using the proposed solution because even if the transmitted key is hacked, it is of no use without the user’s private key.


2007 ◽  
Vol 40 (2) ◽  
pp. 191-208 ◽  
Author(s):  
Douglas L. Tookey

Environmental challenges, resulting from either a scarcity of natural resources or environmental degradation, may contribute to security risks in Central Asia. An encouraging sign is the recent attention of the governments of Central Asia, civil society groups and international organizations to these environmental security issues. Their efforts indicate that by working together to prevent conflicts caused by environmental problems, cooperation among the countries of Central Asia may expand. Both short and long-term obstacles must be overcome if these groups are to ensure that environmental stresses do not lead to security concerns.


Author(s):  
Mohamed ElSeify ◽  
Sylvain Cornu ◽  
Raymond Karé ◽  
Ali Fathi ◽  
John Richmond

Axial strain inspection using the AXISS™ is an established tool in the pipeline operator’s toolbox to assess pipeline geotechnical threats and other strain related events. Consequently, there is a large database of axial strain data for several different pipelines operating in different environments and from multiple inspections at the same geographical locations. The Cheecham slope, located south east of Fort McMurray, Alberta, is a known geohazard site crossed by six individual pipelines. The lines were constructed between 1999 and 2013 and have a size range of 10” to 36”. Five out of the six lines, 12” to 36”, have been inspected using the axial strain tool. The pipelines inspected cover a range of characteristics, including different vintages, pipe diameters and positions in the ROW. These differences, and the ILI runs, provide an insight into the effect of a landslide event on the strain response of these pipelines. Axial strain measurement of the multiple pipelines in the Cheecham slope’s ROW allows: i) a direct comparison between lines; ii) evaluation of the strain profile across the slope; iii) assessment of the magnitude of the axial strain in terms of pipe characteristics, e.g. pipe vintage and mechanical properties. More importantly, the axial strain data may provide an additional tool to assess the effectiveness of strain mitigation steps carried out over the years. An increase in the frequency of axial strain ILI runs resulted in additional data being available and, more importantly, data from run to run inspections spread over months or sometimes years. A single run captures the strain at the time of inspection but run to run inspections provide an additional comparative tool to evaluate and monitor pipeline movement. Two out of the five lines inspected have run to run axial strain data.
This paper takes the Cheecham slope as a case study to discuss the benefits of run comparison of ILI axial strain data either by comparing strain values of repeated runs for a single line or by the cross comparison of strain responses of different lines in the same ROW. The paper aims to demonstrate how run to run analysis of ILI axial strain data can be implemented as part of a geohazard risk management program to assess strain risk profiles of these locations and to assess the effectiveness of strain mitigation programs previously undertaken by operators.


Author(s):  
Ruslan Skrynkovskyy ◽  
Oleh Kramar ◽  
Khrystyna Zamula ◽  
Vasyl Khmyz ◽  
...  

The article reveals the features of accounting and analytical support for entrepreneurial risk management. It was found that entrepreneurial risk is a certain act as a result of which the business entity may suffer losses. It is proved that entrepreneurial risks should be classified according to the specifics of origin, the specifics of the legal settlement, the specifics of industry affiliation, the specifics of the consequences, the specifics of the duration of the impact of entrepreneurial risk, the specifics of the expression of will, the specifics of the form, the specifics of the level of typicality, the specifics of the level of validity, the specifics of the possibility of assessing and resolving the impact, the specifics of the possibility of insuring entrepreneurial risks, the specifics of the occurrence of entrepreneurial risks by sources of origin, the specifics of the scale of the impact, the specifics of the level of losses and the specifics of character. It is established that the process of entrepreneurial risk management is the process of managing the activities of the business entity as a whole and its individual parts, and takes into account the management of not only existing risks but also potential entrepreneurial risks in space and time that may occur in the future during entrepreneurial activities. It is determined that the process of entrepreneurial risk management should take into account the stage of preparation and implementation of appropriate measures to reduce the risk as a result of making erroneous decisions by business entities, the stage of reducing the impact of possible negative consequences that may occur, especially if the entity operates in unexpected changes and alarming development trends, as well as the stage of development and implementation of the Declaration on Risk Management and the Risk Management Program.
It is established that the important information on which it is possible to estimate the possibility of occurrence of entrepreneurial risks is the accounting reporting. In the perspective of further research, it is recommended to study entrepreneurial risks in Ukraine in the context of such aspects as causes, consequences and management.

