- Ensure that senior management will support the security policy.
- Consider using a security policy template or other authoritative guideline.
- Include consequences for noncompliance.
- Thoroughly review applicable laws.
- Use clear and concise ideas to communicate the security policy.
- Require a regular review process.
- Review all internal controls for any appropriate modification, including all audit reports since the previous review.
- Test the system.
- Use the security policy as an opportunity to establish an ongoing security-training program.
Tuesday, June 1, 2010
Improve your firm's data security
Worried about data security? An article in the Journal of Accountancy by Ron Box, CPA/CITP/CFF, CISSP provides a handy list of data security best practices. To read the article click on this link. Firm Up Your Data Security
Labels:
Business Advice
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment