Colleagues discuss strategy at a computer

This series will help you see eye to eye with your IT department as you discover the ways in which IT controls can help your organization’s finance activities. Our professionals discuss:

  • Why IT controls are important to have in place
  • Policies and procedures on the basics of IT security controls in the areas of change management, system security, and IT operations
  • The importance of knowing your IT environment
  • Diagramming your networks infrastructure

Each quarter, a new webcast will be introduced with each presentation for viewing at your convenience.

Learn with us:

*Part 1 of 4: Understanding key IT security controls

Our first session starts with an introduction of IT and internal controls. During this session, our professionals explain the background on the areas we have considered "key" for an IT control environment, they talk through the source of industry standards and best practice, and discuss where to start before evaluating the key IT controls.

View part 1, Understanding key IT security controls >

*Part 2 of 4: Change management

Properly managing changes to Information Technology (IT) is important for every single organization (no matter the size or complexity). This represents the second segment of a four part IT security controls webinar series. In this segment, our professionals provide:

  • A definition of change management
  • Review the critical elements of good change management processes
  • Provide examples of the effects of bad change management

As a result, we hope you will be able to better understand the benefits of having an effective change management process and the risks associated with an ineffective change management process.

View part 2, Change management >

*Part 3 of 4: System security

Appropriately managing access to IT systems is a critical first layer of defense. This webinar represents the third segment of a four-part IT security controls webinar series. In this segment, our professionals provide an explanation of authentication and password controls. In addition, they walkthrough appropriate controls surrounding user account management including setting up users within a system, modifying their access, terminating their access and reviewing access rights within the systems on a regular basis. The presentation will conclude with the importance of monitoring for access violations. Throughout this session, viewers will begin to understand the importance of "least privilege" and "segregation of duties" when it comes to users within an IT system.

View part 3, System security >

*Part 4 of 4: IT operational controls

Our last webinar in this series provides an explanation of the IT area – IT Operations. This session covers the IT control areas of data backups, physical security, use of external service providers and batch (automated) job scheduling/processing. All of these controls are critical in the operation of an effective IT environment. Most companies have most of the elements of these four areas in place; however, many companies do not fully implement these controls with regards to SSAE16 formal reviews and proactive backup restoration testing for example. During this session, you will learn about the fuller extent of implementing these operational controls.

View part 4: IT operational controls >

*CPE credit will not be provided with this series. Each segment will be 30-45 minutes in length.

This webinar series is for YOU if:

  • You have obtained a material weakness or significant deficiency from your audit firm in the area of IT security controls and you want to better understand and resolve the issue(s)
  • You want to better understand how to protect your data/systems in the event of a disaster
  • You want to be able to "speak" IT with your technology group
  • You want to identify areas of potential fraud related to technology control gaps
  • You want to learn how you can better protect sensitive information in your databases
  • You want to be more confident that the data in your financial systems are secure from internal and external threats
Next up

What customer experience are you providing?