Blog

With all the various frameworks available to accounting prof…

With all the various frameworks available to accounting professionals it is important to know frameworks have different audiences, subject matter, and uses.  Knowing the similarities and differences among frameworks helps the professional choose the right framework for a given situation. Given the descriptions on the left, identify the appropriate framework on the right.  A framework may be used more than once or not at all.

Your firm has been hired to help map a client’s control acti…

Your firm has been hired to help map a client’s control activities to the appropriate National Institute of Standards and Technology (NIST) Control Family in the NIST 800-53 framework.  The client’s control is that the IT Department periodically scans the network for vulnerabilities.  This control best matches the description of which of the following NIST 800-53 Control Families?

A local company has approached you to help them determine th…

A local company has approached you to help them determine their progress/maturity toward improving their overall IT security posture.  During your interviews with company personnel you learn that the company has individuals responsible for managing and protecting the IT infrastructure along with multiple departments with differing risk profiles.  This company also stores and processes sensitive data for its clients and can withstand only short interruptions in service.  Because of the sensitivity of the data it stores and processes any breach of the company’s network would be a major concern as it may lead to a loss of public confidence. The Center for Internet Security (CIS) Implementation Group (IG) that mostly closely matches your client’s environment is [implementationgroup].