Department Of The Treasury Handbook For Automated Information Systems Security And Risk Management

The Department of the Treasury relies heavily on information systems, and on the public's trust in its work. Information security is therefore critical to Treasury operations. In support of its annual audit of the government's financial statements, the author assessed the effectiveness of: (1) Treasury's information security controls in protecting the confidentiality, integrity, and availability of the department's systems and data; and (2) Treasury's implementation of its departmentwide information security program. In assessing the adequacy of Treasury's information security program, the author focused on the effectiveness of its departmentwide policies and processes, rather than on bureau-specific directives and guidance. Includes recommendations. Charts and tables.
Issued pursuant to Treasury directive 81-41, "Information Systems Risk Management Program."
FISCAM presents a methodology for performing information system (IS) control audits of governmental entities in accordance with professional standards. FISCAM is designed to be used on financial and performance audits and attestation engagements. The methodology in the FISCAM incorporates the following: (1) A top-down, risk-based approach that considers materiality and significance in determining audit procedures; (2) Evaluation of entitywide controls and their effect on audit risk; (3) Evaluation of general controls and their pervasive impact on business process controls; (4) Evaluation of security management at all levels; (5) Control hierarchy to evaluate IS control weaknesses; (6) Groupings of control categories consistent with the nature of the risk. Illustrated.