Solution Set

This research will enable IT Leaders to get the executive support needed to adopt IT governance with the objective of improving performance measures, accountabilities, and decision-making in the areas of IT financial management, risk management,...

Learn how to document IT process in preparation for audits and how to engage and communicate with auditors before the next IT audit.

Tool

Info-Tech's SharePoint Annual Audit Template will help you conduct an annual assessment of the existing SharePoint environment.

Tool

This License Inventory template can facilitate license tracking in time of audit, and can be used as part of the due diligence process in creating formal documentation of licensed assets.

Tool

Multi-site enterprises are commonly managing environments with different types of voice and data connectivity, often sourced from multiple service providers. Use this tool to inventory telecom services, physical assets, monthly invoices, as well...

Note

Enterprise Resource Planning (ERP) exists in every enterprise. It is often a low priority for IT managers until changes to the business make a very real, and very expensive, project. The real cost of a failed ERP initiative is IT careers.

Note

Telecom Expense Management (TEM) is a set of IT practices that organizations should not ignore; TEM can reduce telecom costs by 10% without affecting telecom service levels. Understand the benefits of optimizing telecom expenses and implement...

Solution Set

This solution set will help organizations understand where to focus their telecom cost reduction efforts and how to develop a practice for ongoing telecom expense management.

Template/Policy

Capturing and assembling site-by-site voice and data connectivity in a central repository will put the enterprise in the best position to review overall capacity and identify any costly exceptions. Use this template to get a start on information...

Tool

Use the Contract Management Tool to track location, status, and expiry dates of ongoing contracts. The tool provides advance warning of checkpoint dates for timely contract renewal decisions.

With only eight convictions since its inception in 1996, the Health Insurance Portability and Accountability Act (HIPAA) is a failure. Too little oversight and too much uncertainty surround HIPAA and cloud the real issues at hand.

Podcast

Telephony expenses can certainly add up if IT does not adopt a cost-conscious strategy. By learning to negotiate with telecom providers and optimizing mobile device use, IT can significantly impact the bottom line. Adopting a tactical telecom...

Note

The server room is the data and information nerve center of any small enterprise. Use this fully editable policy template to establish appropriate standards, procedures, and restrictions for access to the enterprise's server room.

Note

The data center is the information and data nerve center of any enterprise. Use this fully editable policy template to establish appropriate standards, procedures, and restrictions for accessing the enterprise's data center.

Premium Resource

In enterprises where compliance is a known cost of doing business and auditing is a predictable task, a pre-emptive approach to compliance can reduce the cost of compliance projects down the line, and leave the enterprise well-prepared for...

Template/Policy

All companies require a well written patch management policy to ensure that IT systems function optimally and that vulnerabilities are mitigated. Use this template to create your own customized policy.

Data privacy is a pressing and growing concern for all enterprises. Small enterprises should segregate duties and tasks at the operational level to create an IT environment based on security best practices like least privilege.

Growing concerns over Internet privacy, the security of online content, and the protection of intellectual capital mean that organizations must be extra diligent in keeping their Web sites legal. Conduct a legal audit of the organization's Web...

Tool

Internet privacy, intellectual property and the security of online information collected have become a growing legal concern affecting organization's Web sites. Organizations need to be aware of laws and regulations surrounding these issues, and...

Human-based deception is one of the most dangerous forms of social engineering. Awareness about this type of attack and its various forms will help make an enterprise more secure. Use this note to learn about the common forms of human-based...

Technology-based deception is the most common form of social engineering. Awareness of this type of attack and its various forms will help make an enterprise more secure. Use this note to learn about the common forms of technology-based...

HIPAA security audits are finally here. To help guide IT leaders, Info-Tech interviewed five healthcare clients about how they're implementing HIPAA security measures. Learn from these experiences and take prioritized, practical steps that...

Small to mid-sized enterprises (SMEs) can implement IT controls for governance, compliance, and improved security, all without breaking the bank. Concentrate on the most essential controls first to achieve SME compliance goals.

Beneficial though the IT Information Library (ITIL) may be for improving service management, compliance is not its core function. Explore the potential of more suitable frameworks such as Control Objectives for Information and related Technology...

Sufficient levels of Enterprise Resource Planning (ERP) security are lacking in many ERP implementations. This can cause severe financial losses due to fraud and non-compliance. Mitigate these risks through effective security processes, staff...

Auditing the efficiency of help desk operations should be a standard practice in any IT organization. Performing an audit, evaluating performance, and diagnosing problems are essential to ensure efficient relationships with end users and...

Database auditing gives IT the ability to see who accessed information, what data was accessed, when it was accessed, and through which means the data was accessed. Arm the IT department with the proper tools to protect corporate information assets.

Tool

Enterprises that must comply with Sarbanes-Oxley (SOX) need tools to help them test their own controls internally before external auditors arrive for the yearly audit. This worksheet will help publicly-traded enterprises ? as well as private...

Small to mid-sized enterprises (SMEs) can benefit from implementing control objectives for governance, compliance, and improved security. The Securities and Exchange Commission's (SEC) recent Sarbanes-Oxley (SOX) announcement puts an end to...

Tool

In order to protect the server room against all manner of threats, IT must audit current practices. Use the audit results to strengthen security and increase reliability for this all-important asset.