Information security management is expected to have a powerful influence over business, according to the 18th Annual Top Technology Initiatives Survey of the American Institute of Certified Public Accountants (AICPA). According to a press release issued by the AICPA, information security was identified for the fifth consecutive year as the technology issue expected to have the greatest effect in the upcoming year. More than 1,500 participants completed the survey.
"Organizations continue to make large-scale IT-related investments and, while the rewards can be significant, the potential for financial loss or harm to reputation due to a security problem is a growing concern," said Everett C. Johnson, CPA, International President of ISACA, a recognized worldwide leader in IT governance, control security and assurance. "Businesses are realizing that control and value are achieved by focusing on what IT enables the business to achieve, rather than on the technology itself. As the survey indicates, there is a clear need for management, auditors, and IT professionals to ensure that the appropriate security and governance processes are in place."
Steve Lineberry, CISA, CISM, NSA-IAM, IEM, IS audit manager with KraftCPAs agrees, "As businesses increasingly rely on technology for information storage and retrieval, they must increase their efforts to heighten security. Good business sense dictates that you take steps to mitigate security risk and protect the company's clients, employees and reputation. This process begins with risk assessment."
Steve advises, "Information security is definitely an area where external testing in prudent. Few small to mid-sized companies have IS auditors in house, and even those that do, may be too close to the situation to diagnosis problems. While some IS security issues require a big fix, we see numerous security problems that can be addressed easily and inexpensively. You just have to know what to look for."
As the survey indicates, new technology issues continue to arise, requiring continual assessment and intervention. Identity and Access Management, jumped from sixth place in 2006 to second place in 2007. Privacy Management also nudged its way up from fifth to fourth place, while four new initiatives made their debut in this year's top 10.
The top 10 most important technology initiatives are as follows:
- Information security management
- Identity and access management
- Conforming to assurance and compliance standards
- Privacy management
- Disaster recovery planning and business continuity management
- IT governance
- Securing and controlling information distribution (new to the list)
- Mobile and remote computing (new to the list)
- Electronic archiving and data retention (new to the list)
- Document content and knowledge management (new to the list)
For definitions of each initiative and more information on the top 10 list, visit www.aicpa.org/infotech. KraftCPAs is uniquely qualified to assist businesses and other organizations with information security issues. Our team includes:
- management-level CPAs
- certified information system auditors
- certified information security manager
- certified information technology professionals
KraftCPAs is backed by the professionals of our wholly owned affiliate, Kraft Technology Group (KTG). Together with KTG, we can provide the technology expertise and business knowledge needed to assess information security and make cost-effective recommendations for improvements. Putting the Kraft team to work for you means you'll have IT professionals who understand banking -- not just technology. We strive to recommend solutions that can help protect your assets without breaking the bank.
Click here to download a PDF of this article.
