Internal Control Considerations for Information System Changes and Patches-Reference-Cited by-同舟云学术

Internal Control Considerations for Information System Changes and Patches

Published:2014 Issue: Volume: Page:161-179
ISSN:2327-3275
Container-title:Advances in Business Information Systems and Analytics
language:
Short-container-title:

Author:

Zanzig Jeffrey S.¹,Francia III Guillermo A.¹,Francia Xavier P.¹

Affiliation:

1. Jacksonville State University, USA

Abstract

The dependence of businesses on properly functioning information systems to allow organizational personnel and outside investors to make important decisions has never been more pronounced. Information systems are constantly evolving due to operational and security requirements. These changes to information systems involve a risk that they could occur in a way that results in improper processing of information and/or security issues. The purpose of this chapter is to consider related guidance provided in a Global Technology Audit Guide (GTAG) from The Institute of Internal Auditors in conjunction with current change and patch management literature in order to assist internal auditors and organizational personnel in better understanding a process that leads to efficient and effective information system changes. The authors describe how internal auditors and information technology professionals can work together with organization management to form a mature approach in addressing both major information system changes and patches.

Publisher

IGI Global

Reference28 articles.

1. Buckley, S. (2011, September). IT change management. Internal Auditor. Retrieved from http://www.theiia.org/intAuditor/itaudit/2011-articles/it-change-management/

2. Cavusoglu, H., Cavusoglu, H., & Zhang, J. (2004). Economics of security patch management. Paper presented at the Annual Workshop on the Economics of Information Security. Retrieved November 14, 2012, from http://ns2.honlab.dc.hu/~mfelegyhazi/courses/BMEVIHIAV15/readings/06_Cavasoglu2006security_patch.pdf

3. Chan, J. (2004). Essentials of patch management policy and practice. Retrieved January 20, 2013, from http://www.patchmanagement.org/pmessentials.asp

4. Cisco Systems. (2003). Cisco IT case study. Retrieved from http://www.cisco.com/web/about/ciscoitatwork/downloads/ciscoitatwork/pdf/Cisco_IT_Case_Study_App_Change_Management.pdf

Cited by 3 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Assurance for Change Management With COBIT 2019 and CMMC Maturity Frameworks;Advances in Business Information Systems and Analytics;2022

2. Practical Guidance in Achieving Successful Change Management in Information System Environments;New Perspectives on Information Systems Modeling and Design;2019

3. A Consensus of Thought in Applying Change Management to Information System Environments;International Journal of Information System Modeling and Design;2015-10