Identity and access management

ISACA Introduces New Audit Programs on IAM & Ransomware Readiness

by Business Wire
ISACA

The rapid increase of remote access due to remote and hybrid work arrangements requires increased organizational risk management. At the same time, organizations must be prepared for ransomware attacks as threat actors focus on generating revenue streams by extorting users and organizations of all sizes. These drivers have led to ISACA creating two new audit programs on identity and access management (IAM) and ransomware readiness to better prepare audit professionals for the current landscape.

ISACA’s Identity and Access Management Audit Program provides specific testing and evaluation criteria to assist auditors in assessing the adequacy of safeguards in place to mitigate IAM risk.

IAM processes need to be implemented for all enterprises, but the level of automation within the processes will vary on organizational size and maturity. The audit program outlines common risk related to IAM that auditors should keep in mind, including:

  • Excessive access to systems and data
  • Weak authentication
  • Disclosure of user credentials

ISACA’s Ransomware Readiness Audit Programhighlights potential business impacts of poor ransomware readiness, including:

  • Loss of staff productivity
  • Missing performance targets
  • Loss of consumer and stakeholder confidence in the safety of their data
  • Increased rate of attacks in the future

When developing an enterprise ransomware policy and planning for appropriate investments in attack countermeasures, the enterprise’s risk tolerance and its ability to withstand a business disruption must be considered. The audit program provides foundational information, practical guidance and approaches to preparing for and recovering from a ransomware-related incident addressing the following key areas:

  • Governance
  • Information protection processes and procedures
  • Technical safeguards
  • Human safeguards

Both audit programs are free for ISACA members and US$49 for nonmembers. The Identity and Access Management Audit Program can be accessed at https://store.isaca.org/s/store#/store/browse/detail/a2S4w000005Grc7EAC and the Ransomware Readiness Audit Program can be accessed at https://store.isaca.org/s/store#/store/browse/detail/a2S4w000005uz6vEAA. Additional audit programs and tools from ISACA can be found at https://www.isaca.org/resources/insights-and-expertise/audit-programs-and-tools.

Visit AITechPark for cutting-edge Tech Trends around AI, ML, Cybersecurity, along with AITech News, and timely updates from industry professionals!

Business Wire is a trusted source for news organizations, journalists, investment professionals and regulatory authorities, delivering news directly into editorial systems and leading online news sources via its multi-patented NX Network. Business Wire has 18 newsrooms worldwide to meet the needs of communications professionals and news media.

Related posts

Radiant Logic expands leadership team with two new executives

Business Wire

Avatier Corporation is celebrating its 25th anniversary

PR Newswire

Radiant Logic is an award winner in two categories from CDM

Business Wire