Volume 3
Volume 3, Number 16 |
June 11, 2010 |
Abstract: Information technology and securing information assets are growing concerns for organizations, especially those within the financial services industry. As a result, information technology (IT) audits are increasingly integral to ensuring that adequate information security controls are in place over data and information systems. Despite the growing importance of information security within the financial services industry there appears to be a lack of empirical data on the effects of conducting an IT audit and implementing recommendations as a result of audit findings. This study seeks to 1) report on a recent IT General Computer Controls Audit conducted at one financial services institution, and 2) to investigate whether the decision to strengthen the knowledge management (KM) process between the institution’s Human Resources and Information Technology departments will result in fewer policy violations, thus creating a more effective information security environment. The conclusion shows that IT audits can be beneficial to organizations that rely on standard information security controls and that a knowledge management approach to implementing network access controls can significantly lower the risk of unauthorized access to corporate resources.
Keywords: IT audit, knowledge management, access controls, network access, dormant accounts
Download this issue: JISAR.3(16).Kim.pdf (Adobe PDF, 13 pages, 564 K bytes)
Preview the contents: Kim.j.txt (ASCII txt, 33 K bytes)
Recommended Citation: Kim and Nelson (2010). The Results of Implementing a Knowledge Management Initiative to Enhance Network Access Controls. Journal of Information Systems Applied Research, 3 (16). http://jisar.org/3/16/. ISSN: 1946-1836. (A preliminary version appears in The Proceedings of CONISAR 2009: §3523..)