Auditors, customers, regulators, and countless others want good IT controls.
No one defines it the same way, though. So where are small-to-medium sized businesses supposed to start?
This primer takes your through twelve basics you can do to start implementing IT control.
It's a long and complex area but starting off with the basics will get you a long way for little, or no, cost.
Our partner organisation, Pebl1, offers audit and compliance on demand. In their recent white-paper, they outline these as the basics you should look at:
- Someone senior takes responsibility.
- You have an IT plan
- You have an IT risk register
- You install security patches.
- You back up data and systems.
- You use complex passwords.
- You use MFA.
- You have plans to respond incidents.
- You document system changes.
- Your users test system changes.
- You record service requests and incidents.
- You monitor IT services.
Do you want to check your IT controls are up to scratch for free? Just go to Pebl1 here and follow the prompts to get a free report.