The ABCs of Cloud Compliance

The Biggest Difference Between SAS70 and SOC2/3

One of the biggest differences between an old SAS70 report and a new SOC 2/3 report is that management of the service organization cannot decide which controls they will test. Service organizations can select which criteria to evaluate (security, availability, confidentiality, processing integrity or privacy), but they must…

The ABCs of Cloud Compliance

by Caroline Lowden, director of Internal Audit for Cbeyond

Cloud computing is providing many businesses with a cost-effective, low-maintenance approach to store and maintain customer data. Eliminating on-site servers frees up resources and money, allowing businesses to invest in additional products without hindering their workflow or sacrificing security.

More cloud, more regulation

This increased reliance…

IT-Business Alignment Takes a Step Forward with GRC

Not so long ago, the IT world was only about the technology. But as more CIOs appeared on the scene, companies began to realize that IT had to be better managed and had to align more closely with business objectives. Thus IT governance gained ground. Now things are being elevated up another notch. IT governance…

SaaS: Financial, Legal & Negotiation Issues

A cross-functional team with representatives from IT, Finance, and Legal should be involved in the acquisition of mission-critical software as a service (SaaS) applications. SaaS is a software distribution model in which applications are hosted by a vendor or service provider and made available to customers over a network, typically the Internet or VPN. Better…