Audit and Assurance

Expand all | Collapse all

Switching to Remote work

  • 1.  Switching to Remote work

    Posted 31 Mar, 2020 14:22
    Hello everyone and hopefully you'r all safe.

    kindly I'm looking for a checklist or best practice guide to help small or medium organizations to switch to remote work from home, many of these organizations are not prepared to do it , and till today after around 3 weeks of quarantine they still not able to run their operations in efficient way.
    On the other hand , do we need to perform an IT Risk Assessment before we implement the remote working from home procedures specially that we cannot assess physically the IT environment.

    Thank you for help.

    Be safe and best regards!!!

    ------------------------------
    Tarek Abdallah
    IT Audit Manager
    ------------------------------


  • 2.  RE: Switching to Remote work

    Posted 01 Apr, 2020 03:08
    Hi Tarek,

    First of all I would highly recommend you to perform an IT Risk Assessment before implementing remote work.
    As you will certainly have captured there is a hughe rise in hacking activities linked with the current worldwide outbreak of Corona.
    So every one should be on elevated watch for cybercrime incidents, hence the advice even for companies already familiar with teleworking to renew user awareness of cybersecurity measures.
    Check the messages on ISACA with regards to impact of COVID-19 on IT.

    Check out the Network Perimeter Security Audit Assurance program and VPN Security Audit Assurance program available at ISACA.org.

    Hope this helps,

    Keep safe!

    Best Regards,
    Steven

    ------------------------------
    Steven Vermeulen
    Partner RSM IT Advisory
    ------------------------------



  • 3.  RE: Switching to Remote work

    Posted 01 Apr, 2020 06:18
    Thank You Steven.

    ------------------------------
    Tarek Abdallah
    IT Audit Manager
    ------------------------------



  • 4.  RE: Switching to Remote work

    Posted 19 Apr, 2020 07:10
    Hello, I would advice you to conduct a risk assessment and to identify what are the core business processes. It would also help to identify what areas will manage critical data so you can ensure that security measures are tight. Also it would be good to introduce tools to facilitate remote work that would be managed by the client IT department.
    Don't forget to fully focus on the training and making sure that employees are aware of their roles and responsibilities in terms of security.

    ------------------------------
    Zineb Gridda
    Senior IT Auditor
    ------------------------------