See Full Story
The Institute of Internal Auditors Research Foundation has issued a report providing strong guidance on how to assess exposure for personal technology, with a heavy focus on personal computers. The report is titled "PC Management Best Practices: A Study of the Total Cost of Ownership, Risk, Security, and Audit." It might more appropriately be called "The Internal Audit Is Back and Boy Are They Pissed Report." This report could be used to justify buying new personal computers, increasing maintenance and security staff -- and perhaps firing your IT executives.
I am a little surprised:
Wasn't the "careless" approach one of the biggest arguments for Windows and MS Office ("Anyone knows Windows", "Anyone can run a Windows network" and so on)?
In my point of view, being in control of one's computers is the very key to be protected against worms, viruses and audits.
I absolutely agree with you on this point: Any CIO who is not in control of their shop's IT puts any business at extreme risk and should be replaced.
But I am once again amazed how you managed to lose some bad words on Linux or MacOS (I was already wondering somebody hijacked your account). Good to see some things never change.