Transcription

IIA News – Archiv – ITJuli 2017Ein ISMS ist ein Risikomanagementsystem für A Complementary Approach to Cybersecurity and Cyber Risk itionen in Risikomanagement und n für Unternehmen und 7ff20e502be2542b5a4bb2afbad07/Datensicherheit für kleine e in 10 data breaches discovered in 2016 had gone undetected for more than a n-a-year/CAE Action Steps in Response to Recent s.aspx?utm campaign Online Exclusive&utm medium social&utm postdate 05%2F23%2F17&utm source twitterResearch report: Data ytics-5-4-17-v4.pdfJuni 2017Cyber cyber-insecurity/Why Are People Part of the Cybersecurity e-cybersecurityequation/?utm content buffer3fb0d&utm medium social&utm source twitter.com&utm campaign buffer

One in 10 data breaches discovered in 2016 had gone undetected for more than a n-a-year/EY recommends six immediate steps for organizations to protect themselves and reduceimpact of ransomware of-ransomwareattacks?utm campaign 56b1083fd4dbac5126021431&utm content 5919da9b94a3265c360010a3&utm medium smarpshare&utm source linkedinData analytics – weighing the ta-analytics--weighing-the-benefitsDas Einmaleins nachhaltiger informationssicherheit/?utm source dialog-Mail&utm medium EMail&utm content HP%3A Pressemeldung ITSicherheitsmanagement&utm campaign 2017-05-02 Sondernewsletter ISO 27001ISMS Implementation Guide entation-guide-released-gary-hinson?trk vfeed&lipi urn%3Ali%3Apage%3Ad flagship3 feed%3BJAEuMWTC%2Fi0%2Fkg3ze3IDzA%3D%3DMai 2017Unstructured data was a big target for attacks last year: port/391942?utm campaign News&utm medium social&utm postdate 03%2F31%2F17&utm source twitterAuditors see increased demand for data tors-see-increased-demand-for-data-analyticsThe security awareness ress-cascade-gary-hinsonFrom Input to Insight: Detecting Tone Through Machine tone-through-machine-learningOvercoming the cyber-security skills gap: experience vs lifications/article/645355/Data Analytics: Is it time to take the first step?

https://www.iia.org.uk/dataanalyticsData analytics – weighing the ta-analytics--weighing-the-benefitsStatistics On Small Business Cybersecurity: You Are At mallbusinesses-cybersecurity/Praxisbuch ISO/IEC 27001http://www.hanserfachbuch.de/buch/Praxisbuch ISO IEC 27001/9783446451391?et cid 36&et lid 55April 2017Online fraudsters’ preferred tools and techniques /online-fraudsters-tools-trade/Big data and technology can boost the quality of /57754150.cms?from mdrRisiken in Zeiten des digitalen 1b63e9dabb15c8c5e51f0c76927f2/?utm source dlvr.it&utm medium facebookOvercoming the barriers to adopting data ercoming-barriers-adopting-data-analyticsCyber security Board /cyber-security-board-briefing/From Input to Insight: Detecting Tone Through Machine tone-through-machine-learning16 questions CXOs should ask before starting an IoT xos-should-ask-before-starting-an-iot-project/5 ways to strengthen cyberrisk d/1328003März 2017Highlights from the Cisco 2017 Annual Cybersecurity Report

m-the-cisco-2017-annual-cybersecurityreport/Cyber security not just tech risk, but business siness-issueWas bedeutet IT-Compliance für eutet-compliance-fuer-unternehmen-a578464/?utm source www.compliance-manager.netHerausforderung ndingpage/herausforderung-cyberschutz?source stanl&r 86658463798368&lid 646798Februar 2017ECIIA and FERMA collaborate in cyber risk initiativeThe group’s key objective is risk-initiative/EU to test banks’ cyber t-banks-cyber-security/?utm campaign emaildailysentinel&utm source 2017-0221&utm medium email&utm medium email&sslid M7GwMDGyNDW0tDA3BQA&sseid MzEyNbM0NDS2BAA&jobid d54a0f6b-0f3c-4e3a-aa3f-c88406edb40aData analytics: The key to Risk-based fault/files/uploads/documents/data analytics the key to risk-based auditing.pdfKompromittierte Systeme rtyEmailDCIDetectingCompromisedSystemsDACH022017 sDACH012017LP.htmlJanuar 2017Best Practices for Cyber Security: The Ethics and Compliance Practice-for-Cyber-Security Download.htmlDezember 2016Weltweiter Anstieg von Finanz-Malware

86c5fe47/Technology: The key to a better audit echnology-key-better-audit-experienceThe changing role of internal audit and use of rsecurity curity-planNovember 2016ISMS: Kompetenz, Awareness, neue 7b8a586ab4f3650f6b2b9db/IT-Compliance: „Nice to have or must tm source compliance-manager.netG7 releases cyber security guidelines for financial utm source Email&utm medium Macro&utm campaign S01&utm content 201610-17&kmi utm source lexisnexis&utm medium email&utm campaign Compliance Praxis Newsletter 7720161121 11&utm content 276211063Jetzt vorbestellen im LexisNexis Onlineshop%21&sc src email 993098&sc lid 39515050&sc uid CPlhaUVsyz&sc llid 1033Four Critical Elements of a Cybersecurity Programhttp://downloads.ipservices.com/zoho/Four Elements Cybersecurity.pdf?utm source ZohoCampaigns&utm campaign Introduction to Cybersecurity - All Lists 2016-1027 1&utm medium emailOktober 2016White Paper: CAATs gegen Ineffizienz und Fraudhttp://forum.auditfactory.de/a.php?sid j8xx.4866a2,f 5,u ae6fa1dc624427346fce7b4fe2b3ad7d,n j8xx.4866a2,p 1,artref 289908,l tq5v4.1a3r65pSo werden industrielle Kontrollsysteme sicher

lsystemesicher,3323105?tap 20cfb40af734f0a834168d71ab5532e6&utm source IT%20Security&utm medium email&utm campaign newsletter&r 665608622661917&lid 586267&pm ln 20Neue Datenschutz-Grundverordnung der EU laut Experten ohne ohne-Wirkung-3332607.html?utm source compliance-manager.netNew Cybersecurity GTAG nes-ofDefense.aspxSeptember 2016BKA-Bundeslagebild 2015: Risiko efa35cd0baccf35f0cd05/New Smart Device GTAG August 2016Getting ready for the European Cyber Security Month -ecsmRole of Audit in CISO’s ernal-audit-cybersecurity.pdfJuli 2016Critical IT policies you should have in ave-in-place.htmlSix Decisions you must make to prepare for a security 05/4xdkp5Berechtigungen und Zugriffsrechte – Risiken richtig managen

?tap 20cfb40af734f0a834168d71ab5532e6&utm source IT%20Security&utm medium email&utm campaign newsletter&r 665604526261910&lid 545620&pm ln 20Fundamentals of Information Risk Management g.aspxIT-Revision, IT-Audit und 58028077Juni 2016White Paper: Choosing the Right Technology to Optimize Your Internal ControlManagement ing-the-right-technology02182016.html?publication 0425-oceg&utm campaign -right-technology-whitepaper&utm medium email&utm source ocegCompanies Failing to Use Technology to Fight icMai 2016Comelec hacking: A lesson on urity and the role of internal audit – An urgent call to ticles/cybersecurity-internal-auditrole.html?id us:2el:3dp:iiaorggl:eng:adv:050216Turn Data Audits Into Your Best Ally Against Future e OCEG 2016 GRC Technology Strategy Survey y/?utm source OCEG%20Members&utm campaign 8f48ed5c57Key%20Resources%20May%2010th%202016&utm medium email&utm term 0 2afb06e6d3-8f48ed5c57-91140970April 2016Passwort-Sicherheit: Jeder fünfte Mitarbeiter würde Login-Daten verkaufen

-691434/ISACA Outlines Five Steps to Planning an Effective IS Audit ditprogram/O-ISM3 Risk k/click?u cdfce23a324dfd6355f340958&id 3bc6b0da57&e 785def65f8Security Metricshttp://www.ism3.com/?q node/18The Evolving Era of Big Datahttp://info.acl.com/bigdata.html?utm source Display&utm medium IIA&utm campaign acl-voltage-big-data-e-book-final-09-3015&utm content ebook&mrkto source NA OA 2016-04 IIA-Smartbrief-BigData EBMärz 2016Data Analytics and the Future of Internal 1980.cfm?Februar 2016Quickinfo "IT-Sicherheitsmanagement. Ein /search/FastSearch.action?search &refineSearch true&q e3L05NLErO0INQQIlcoFgFEAAADTa8qZsAAAA&qTerm LMtMTS KLgMIV5bwM3EhyFQB7AZOYvwAAAA&utm source dialog-Mail&utm medium E-Mail&utm content FL%3A ITSicherheitsmanagement %28Einleitung%29&utm campaign 2016-02-16 Quickinfo ITSicherheitsmanagementJanuar 2016Internal audit and cyber nternal-audit-and-cyber-risk/Die schlechtesten Passwörter 2015

http://www.compliance-manager.net/?nl redirect -passworter-2015/Dezember 2015How Technology is Shaping Internal UpFWVhSZk90aXJ0UDg/view?pref 2&pli 1November 2015New York Stock Exchange cybersecurity guide recommends ISO /uploads/2015/09/Cybersecurity9780996498203-no marks.pdfThe top four cyber crime trends of r-cyber-crime-trends-of-2015/Entwicklung Ihrer IT-Organisation zur Reduzierung von mkt tok tober 2015IT Security in SMEs: Guidelines published by UNICRISecurity yber-crime/unicri-report-security-sme.htmlA CAE’s First Cyber Security Internal cyber-security-internal-audit/September 2015Cisco Midyear Security Report Reveals Sophisticated e-content?type webcontent&articleId 1705761Risikofaktor cae250b336cfa4bd/

August 2015Cyber security for internal 4aa1h3n31ck1m8evlry?email true&a 1&p 49088778&t 28194286Internal Audit’s Key Role in Cyber paredness.aspxJuli 2015IT Compliance for Dummieshttp://auditnet-org.tradepub.com/free/w qa68/prgm.cgi?a 1Juni 2015Zukunft der IT-Sicherheit: Was Experten en?source stanl&r 86458253318362&lid /3020cb22e4524bc2c696c1618f333d9b/Mai 2015Risikofaktor 4a472820a8f75/Sicherheitskultur und 0f51d7a5bb7b70783424e94462/Global State of Information Security Survey: 2015 results by industryhttp://www.pwc.com/gsiss2015April 2015Security Awareness – Informationssicherheit muss sichtbar werden

eness/95bf64c4b6b0b0f6faa188c30c95ad75/Big Data: Glorifizierung und data-erstmal-aufklaren/?source email-de-newscenternewsletter-20150408&lf1 8161264107c432024405782a39585067Prozessoptimierung mit digitaler awdt/978-3-503-15736-5März 2015big data @ -work/b3c384bdfa9d2edff42be44d83cfff41/Survey: Audit Execs’ Cyber-Fears Run fears-run-deep#.VQXVRu90zDdRevision von IT-Verfahren in öffentlichen /978-3-503-15845-4Februar 2015Top Fraud Predictions for 2015: Technology will shape the fight — ACFE echnology-will-shape-the-fightBusiness Continuity Management – Risikokultur ance im loud-zeitalter,3102579Januar 2015Internal audit and the lg4ip1ck1m8evlry?email true&a 1&p 48219412&t 28194286Data theft as much an internal threat as it is external

# federated 1Learn the 4 Steps to Closing the Audit Technology 24229IT-Audit – Grundlagen - Prüfungsprozess - Best /978-3-503-15845-4Dezember 2014Unlocking the Value of Audit Analytics – Risk Based tsNew Issue of Tone at the Top: Cybersecurity: They’re In. Now at.aspxNovember 2014IT Governance: So organisieren Sie Ihre IT ober 2014Auditing IT initiatives is now a required audit aiabulletin/rgxgw2uz2bo1ck1m8evlry?a 1&p 47892372&t 21926635Working smarter: getting the most from IT audit resources and abulletin/1mre1utyviv1ck1m8evlry?a 1&p 47892372&t 21926635Business Continuity Management Key to Handling ity-Management-Practice-Guide.aspx

September 2014IT-Risiko versus /it-risiko-versus-it-sicherheit/BCM basierend auf der ISO ierend-auf-der-iso-22301/Transparenz durch digitale awdt/978-3-503-15675-7Cybersecurity: What Every Board Must ors.aspxJuli 2014Big data and internal bulletin/tzy77130m74ih5k2r2b7pj?a 1&p 47672247&t 22049285Juni 2014CISA and ISACA Standards Used in New Audit he sorry state of ?source CSONLE nlt securityleader 2014-05-26#tk.rss dataprotectionMai 2014Cloud Controls cm/Mittelstand unterschätzt tmlWo die Informationssicherheit 85f3e2ce33885b5/

April 2014Wirtschaftskriminalität: Verbrechen & Verbrecher aufspüren zwischen Bits er/wirtschaftskriminalitaet- b 4478013.htmlMärz 2014Die Geister, die ich rief nuar 2014How to Build an IT Audit k %2Egde 107948 member 5815162491394600960#%21Aided by Data Analytics, Internal Auditors Dig -analytics-internal-auditors-dig-deep/Technology risks are beyond most firms' IT audit tiesDezember 20132013 IT Audit Benchmarking Surveyhttp://www.protiviti.com/ITauditsurvey?mkt tok November 2013Tone at the Top Newsletter - 7 Tips for Governing Social e-at-the-Top.aspxOktober 2013Oracle hat Auditing-Lücke geschlossen

diting-Luecke-geschlossen1956684.html?from-mobi 1Why IT Process Maturity essMaturityWPUnternehmen unterschätzen IT-Sicherheitsrisiken durch ehemalige ilsunternehmen unterschaetzen it sicherheitsrisiken durch ehemalige mitarbeiter.htmlDie zehn größten gazin/die zehn groessten security irrtuemer.htmlIT-Sicherheit im Fokus: European Cyber Security Monthhttp://cybersecuritymonth.euFull overview of cyber security auditing eptember 2013New Issue of Tone at the Top: Big Data: Collect It, Respect pxCyber-Kriminelle gehen beim Datenklau kreativ 303dc40eccd3e53/August 2013Using technology to build a robust audit o-Management mit f60ec322d3f508c97ba/Big Data – Systeme und /978-3-503-14401-3Juli 2013Cyber-Risiken nicht auf dem Risikomanagement-Radar

34f71d7bf002e474e5c9152/IT-Risiko-Management mit f60ec322d3f508c97ba/Juni 2013Interne Revision und Informationssicherheit - erheit-grundlagen.htmlMai 2013Applikationskontrolle im plikationskontrolle im unternehmen.htmlApril 2013IT ist Chefsache: Erfolgsrezepte für das "digitale Unternehmen", Accenture TechnologyVision 2013: The Latest IT Trends and 2013.aspxCompliance ist out: Deloitte – Die center/security/2906086/?r 5626033215619163&lid 233156&pm ln 35ISO 22301 Business Continuity Standard in Plain nstrennung in ERP-Systemenhttp://www.springer.com/springer vieweg/it %26 informatik/grundlagen/book/978-3-658000363?utm medium newsletter&utm campaign GMT19016 1&utm source email&wt mc email.newsletter.GMT19016 1März 2013Neues Sicherheitsportal gegen t

Februar 2013Common Sense Guide to Mitigating Insider ie fünf wichtigsten Vorteile von Application on-control-and-how-to-achievethem?source stanl&r 262512316656866&lid 223666GTAG 4 – Management of IT Audit, 2nd ing.aspxJanuar 2013Verbesserung der Datenqualität ist kein Selbstzweckhttps://www.risknet.de/index.php?id 806&rid t 199&mid 414&aC edd8fcfb&jumpurl 1Sicherheitsrisiken 2013http://nl6.sitepackage.de/link/36939 contentmanager.de/275e968546f8622e4Forensische 3b65e7e29c83b3b4b7/Dezember 2012Österreichs IKT-Sicherheitsstrategie forciert ISO 01.aspxBS 10500:2011 – Specification for an anti-bribery management system id 000000000030238856&utm source MSNEWS-RISK-0-00VOL1211&utm medium et mail&utm content 2505921&utm campaign MS-NEWS-RISK-000VOL-1211&utm term bs10500ABUTTNovember 2012Das richtige Risikomanagement im ource nl

Oktober 2012Norton Cybercrime Report 2012http://nl6.sitepackage.de/link/30363 contentmanager.de/275e968546f8622e4Big Data: Strategic Risks and iles/Crowe-HorwathGlobal/tabbed ortunities%20White%20Paper RISK13905.pdfSeptember 2012Ultimate Guide to Auditing and Securing Procure-to-Pay Controls in ide-Expenditure.pdfKeeping black swans at bay: Auditing id resh 1Managing Risks of Cloud Computing the Focus of COSO’s Latest Thought Leadershiphttp://www.mmsend3.com/link.cfm?r 261248477&sid 20415993&m 2245006&u IIA &j 11251192&s ght-Leadership.aspxThe Human Side of Audit gust 2012Cyber Security: Status Quo, Ausblick und Herausforderungen für Österreich ineiner vernetzten rt.at-jahresbericht-2012.pdfCOBIT 5 - Die 10 Wahrheiten über COBIT owledge/cobit-5 wahrheitenGTAG 17: Auditing IT G17.aspx

IIA Releases Practice Guidance to Help Practitioners Tackle Privacy Issues in theWorld of Global Connectivity and Information vity-and-Informat.aspxForensische Datenanalyse - Dolose Handlungen im Unternehmen erkennen awdt/978-3-503-13847-0Compliance in digitaler Prüfung und Revision: Technische Möglichkeiten – .98w6awdt/978-3-503-14137-1Juli 2012Web-Security-Report 2012http://w3.computerwoche.de/red.php?r 961518018156836&lid 180813&ln 15Managing Risks of Cloud Computing the Focus of COSO’s Latest Thought ase%20June%202012%20Final.pdfZehn Wahrheiten zu COBIT e/2516461/?r 1616083253619111&lid 183531Juni 2012Vorbereitet oder nicht? Wie Unternehmen ihre IT-Sicherheit einschätzenhttp://w3.cio.de/red.php?r 561587732183654&lid 177215&ln 9Zu wenig Kontrollen - Woran Endgeräte-Verschlüsselung y/2676149/?r 6616074265619194&lid 174659Szenarioanalysen und Stresstests bei Mobile Computing - Das mobile -mobilerisiko/6b1039cb8740ef47128cda21d7b73715/Was steckt hinter der ISO 22301:2012?https://www.risknet.de/index.php?id 781&rid t 199&mid 390&aC edd8fcfb&jumpurl 2Mai 2012

A Ten Step Guide to Implementing SAP’s New Security ewsecurity-recommendations/Datensicherheit für kleine und mittelständische x.cfm?cid 38&pkdownloads 5115&source stanl&r 661517010956846&lid 170094Softwaretests gefährden softwareinfrastruktur/2503943/?r 4616073238619186&lid 173388SAP Audit Guide for Financial guide.htmlApril 2012Studie: Tausende eingebetteter Systeme ungeschützt im

anstieg-von-finanz-malware/8