Filter

Audit and Assurance (A&A)

Conduct independent audit and assurance assessments according to relevant standards at least annually.


Login

Audit and Assurance (A&A)

Perform independent audit and assurance assessments according to risk-based plans and policies.


Login

Audit and Assurance (A&A)

Verify compliance with all relevant standards, regulations, legal/contractual, and statutory requirements applicable to the audit.


Login

Audit and Assurance (A&A)

Define and implement an Audit Management process to support audit planning, risk analysis, security control assessment, conclusion, remediation schedules, report generation, and review of past reports and supporting evidence.


Login

Audit and Assurance (A&A)

Level N/A

Establish, document, approve, communicate, apply, evaluate and maintain a risk-based corrective action plan to remediate audit findings, review and report remediation status to relevant stakeholders.


Login

Application and Interface Security (AIS)

Establish, document, approve, communicate, apply, evaluate and maintain policies and procedures for application security to provide guidance to the appropriate planning, delivery and support of the organization's application security capabilities. Review and update the policies and procedures at least annually.


Login

Application and Interface Security (AIS)

Establish, document and maintain baseline requirements for securing different applications.


Login

Application and Interface Security (AIS)

Define and implement technical and operational metrics in alignment with business objectives, security requirements, and compliance obligations.


Login

Application and Interface Security (AIS)

Define and implement a SDLC process for application design, development, deployment, and operation in accordance with security requirements defined by the organization.


Login

Application and Interface Security (AIS)

Implement a testing strategy, including criteria for acceptance of new information systems, upgrades and new versions, which provides application security assurance and maintains compliance while enabling organizational speed of delivery goals. Automate when applicable and possible.


Login