Download Presentation - Plante Moran

More documents

Recommendations

Info

Case Study - Risk Assessment Objective: C ontrols provide reasonable assurance that physical access to computer equipment, storage media, and program documentation is restricted to authorized personnel. What Can Go Wrong: Relevance Probability: Impact: Daily Weekly Monthly Quarterly Annually No Inmpact Nuisance Significant Crisis Key Controls 1. Encrypted Mobiles devices / USB drives 2. C ard controlled data center access 3. Receptionist during business hours 1. C omputer equipment (including mobile devices) lost or stollen. 2. D ata storage U SB drives lost or stollen 3. U nauthorized access to data center 4. 5. Designed Effectively Operating Effectively Test Results Yes Partially Exceptions Noted Yes Yes No exceptions noted Yes Yes No exceptions noted Conclusion Meets / Does Not Meet Risks O bjectives 20
Case Study - Risk Assessment Objective: What Can Go Wrong: Relevance Key Controls Probability: Impact: Daily Weekly Monthly Quarterly Annually No Inmpact Nuisance Significant Crisis Designed Effectively Operating Effectively Test Results Conclusion Meets / Does Not Meet Risks O bjectives 21
Page 1 and 2: Service Organizations Control (SOC)
Page 3 and 4: Introduction Many companies functio
Page 5 and 6: Service Organizations that need a S
Page 7 and 8: Benefits to User Organization User
Page 9 and 10: Reasons for New Standard Clear con
Page 11 and 12: SOC - Types of Engagements Regardle
Page 13 and 14: SOC 1 Control Objective Examples IT
Page 15 and 16: SAS 70 vs. SSAE 16 Report Date Plan
Page 17 and 18: Preparing for a SOC Review (cont.)
Page 19: Preparing for a SOC Review (cont.)
Page 23 and 24: During the SOC Review Types of Test
Page 25 and 26: Reporting Types of Opinions Unqual
Page 27 and 28: Management Assertion (additional re
Page 29 and 30: SOC Seals & Logos There are three

Download Presentation - Plante Moran

Create successful ePaper yourself

Delete template?

Save as template?