This site uses cookies to store information on your computer. Some are essential to make our site work; others help us improve the user experience. By using the site, you consent to the placement of these cookies. Read our privacy policy to learn more.

Information security & privacy

About this topic

These learning resources are designed to help you - whether working in a business or firm - establish and maintain proficiency in the areas of information and data management and analysis; IT risk and assurance services, including service organization controls (SOC) reporting; and information security and privacy, including the growing issue of cybersecurity.

How small businesses can keep data secure

This article suggests ways for organizations with limited IT budgets to keep their data secure.

Article Information security & privacy Foundational

Viewing cyber-security through a COSO lens

This article explores a COSO report which discusses how the 2013 internal control framework can help organisations evaluate and manage cyber-risks.

Article Internal control Foundational

How to mitigate vendor risk in a cybersecurity environment

This article discusses what CPAs need to know when vetting vendors’ security practices.

Article Information security & privacy Foundational

Identity Theft Resources

This page provides information and resources related to identity theft.

Article Information security & privacy Foundational

Disaster and Business Continuity Planning

This article provides an overview of the steps an organization should follow to prepare a disaster recovery plan.

Article Information security & privacy Foundational

FTC Identity Theft Resources for Businesses

This page presents identify theft resources identified by the FTC

Article Information security & privacy Foundational

Segregation of Duties

This article discusses modeling segregation of duties, the management of access controls, and more.

Article IT controls Foundational

Outsourcing and Privacy

This article discusses the 10 critical questions management should ask about outsourcing and discusses specific privacy concerns associated with outsourcing.

Article Information security & privacy Foundational