ICAEW.com works better with JavaScript enabled.

Information security publications

Technical publications from the IT Faculty are written for business people, not 'techies', and are aimed at helping members make better use of their IT in their businesses and those of their clients.

The IT Faculty provides these publications as a part of its member service. Subjects are selected to be of most use to accountants in their work and are subject to a rigorous review process through the IT Faculty Technical Committee.

Audit insights: cyber security 2015

Cyber security is the work of a group of audit experts from the six largest audit firms based on their many years of experience in IT audit and assurance in the UK and internationally, and based on their current involvement in planning and delivering IT audit and assurance engagements. This 2015 report provides an update to the four flags highlighted in the first Audit insights: cyber security report, published in November 2013.

Developing a cyber resilience strategy

This is exclusive item - please log in or subscribe to view this item.

The guide summarises how technical, social and other changes are affecting the way you do business, and the new threats that result.

Information security threats and solutions

This is exclusive item - please log in or subscribe to view this item.

Information security is the branch of risk management that seeks to manage threats to organisational information. There are of course all kinds of information security risks. They all need to be assessed and businesses need to decide how to treat each one. This guide is solely concerned with the mitigation of information security risk.

Glossary of IT security terms

Clear and concise explanations are given for the most common IT security expressions, phrases, acronyms and jargon.

Security and Assurance in the Cloud

This is exclusive item - please log in or subscribe to view this item.

The purpose of this guide is to introduce you to the debate on security and assurance in the Cloud, define some of the key areas of concern and, most importantly, outline some of the current work being done to build this assurance, and thereby to reinforce Cloud as a valid business strategy for delivering information systems.