美国伊利诺斯州绍姆堡 — Auditors face an onslaught of new technologies, systems 和 regulations to incorporate into assessments. New audit programs from global technology association ISACA give auditors additional frameworks for toolkits to provide 保证 for blockchain, cloud access 安全 brokers (CASBs) 和 the EU GDPR.
的 区块链准备审核程序 helps organizations manage the preparation for using blockchain technology--the underlying distributed network system often associated with the decentralized cryptocurrency, bitcoin--found in applications across myriad industries. 涵盖区块链的各个方面, 从是否有, 治理, 发展, 安全, 交易和共识, this program guides auditors in identifying 和 developing key policies, procedures 和 controls to mitigate risk 和 streamline processes prior to a blockchain implementation 和 includes a blockchain technology audit preparation program worksheet. By using this program, auditors gain tools to:
- Provide management with an assessment of whether their proposed blockchain technology control environment is adequately designed 和 operationally effective
- Identify potential blockchain risks which could result in reputational 和/or material financial impact
- Provide management with a holistic perspective on blockchain technology that considers both technical 和 non-technical factors.
To assist IT auditors assess the effectiveness of CASB solutions, ISACA releases the Cloud Access Security Broker (CASB) Audit Program. 澳门赌场官方下载s often use CASBs to manage risks, such as those associated with various deployment models, 身份管理, 以及遵守数据驱动法规. This audit program factors in several considerations auditors should keep in mind when assessing whether operational 和 compliance expectations can be met with their CASB deployment, 包括:
- Identity management of users, inclusive of privileged users 和 enhanced access groups
- Mitigation of risks associated with different deployment models
- Asset management 和 protection through 安全 initiatives such as physical 安全 和 though program management (key management 和 incident response as examples).
Following the 25 May 2018 implementation date, the EU General Data Protection Regulation (GDPR) gives EU residents control over their personal data wherever this data may reside, st和ardizing regulation across the EU 和 the European Economic Area (EEA) as well as affecting all enterprises that process data from EU/EEA countries. 的 GDPR Audit Program for Small 和 Medium 澳门赌场官方下载s offers an audit framework to assess how effectively GDPR is governed, monitored 和 managed. 它为以下方面提供指导:
- Provide management with an assessment of GDPR policies 和 procedures 和 their operating effectiveness
- Identify control weaknesses which could result in increased use of unsanctioned GDPR solutions (和 higher likelihood that the solutions are not detected)
- Evaluate the effectiveness of the organization’s practices 和 ongoing management of GDPR.
区块链准备审核程序 is free to members or for purchase by non-members for US $49. 这两个 Cloud Access Security Broker (CASB) Audit Program 和 GDPR Audit Program for Small 和 Medium 澳门赌场官方下载s are US $25 for members 和 US $49 for non-members.
For more information on ISACA’s audit 和 保证 programs, please visit http://74mz.xjiu.net/resources/insights-and-expertise/audit-programs-and-tools.
关于ISACA
现在是 50周年 一年, ISACA® (xjiu.net) is a global association helping individuals 和 enterprises achieve the positive potential of technology. ISACA equips professionals with the knowledge, 凭证, education 和 community to advance their careers 和 transform their organizations. ISACA利用其460名成员的专业知识,000名专业人员,包括140名,000 members—in information 和 cyber 安全, 治理, 保证, 风险与创新, as well as its enterprise performance subsidiary, CMMI®研究所, to help advance innovation through technology. ISACA has a presence in more than 188 countries, including more than 220 chapters worldwide 和 offices in both the United States 和 中国.
Twitter: www.推特.com/ISACANews
LinkedIn: www.linkedin.com/company/isaca
Facebook: www.脸谱网.com/ISACAHQ
Instagram: www.instagram.com/isacanews/
联系人:
艾米丽·范·坎普,+1.847.385.7223, evcamp@xjiu.net
克里斯汀·克辛格,+1.847.660.5512, communications@xjiu.net
