About
部门领导和管理人员负责 建立“自上而下的基调” and 分配合适的工作人员 确保网络安全内部控制得到发展, tested, updated and that all staff are routinely trained to prevent operational disruption and data or financial losses due to a cyber incident.
Government financial and operational audits now evaluate data reliability and cybersecurity internal controls as a standard part of normal government operations.
企业安全标准现在作为一个部门的一部分 Internal Controls 并且在组织的各个层面都有合规责任.
来自高层的声音——网络安全是重中之重
网络安全合规性不仅仅是“IT”或技术功能, 而是一系列的控制, operations, 适用于部门内各级员工的程序和培训.
Leadership and managers are responsible to establishing a strong tone from the top that identifies that cybersecurity internal controls are part of the foundation of all operations and are a top organization priority.
指派关键人员确保网络安全合规
作为网络安全准备的一部分, leadership and managers must assign appropriate staff at all levels of the organization to ensure compliance with required cybersecurity and data protection internal Controls.
网络安全内部控制需要包括IT在内的整个组织的协作, HR, Legal, Policy, Fiscal, Budget, Payroll, 项目和运营人员,并扩展到任何承包商或第三方支持运营.