close

What Is Truth to Power?

[+] A research and advisory resource...

dedicated to bridging the gaps between governance and practice, technology and business, regulation and control, risk management and real market pressures, and your own knowledge and the knowledge of your peers.

[+] An open forum and community...

built to create a common pool of knowledge—one big brain—that lets you work more efficiently, build technology and business practices more effectively, and endure audits more effortlessly.

[+] A plexus nexus...

a neutral hub through which you can reach many valuable information nodes, resource collections, and organizations that are helping people like you already, but in fractured ways.

[+] A rebellion...

against the idea that auditors, analysts, and consultancies can control information simply through their ability to collect and distill it. T2P's goal is to unlock the vast body of knowledge, insight, and conventional wisdom that we all have, make it freely available to you, and help you digest and interpret it—without undue cost, bias, or hype.

Top Panel
WHAT IS T2P?
Top Panel

Tags:risk

Rules & Standards RSS
Results 1 - 5 of 5
Global Technology Audit Guide (GTAG) 13: Fraud Prevention and Detection in an Automated World
Issuer: IIA
Tagsauditfraudsecurityriskassessmentdataanalysis
Country Multi

As technology advances, so do schemes to commit fraud. Therefore, technology can not only be used to perpetrate fraud, but also to prevent and detect it. Using technology to implement real-time fraud prevention and detection programs will enable organizat ...

Category:Audit & Assessment
ReviewRecommendPrintVisitReportClaim
Prudential Practice Guide PPG 234 Management of Security Risk in Information and Information Technology
Issuer: APRA
Tagsaprafinancialsecurityinfosecriskaprappg
Country AU

This prudential practice guide (PPG) targets areas where APRA’s ongoing supervisory activities continue to identify weaknesses. Topics addressed include the importance of an overarching framework, systematic IT asset life-cycle management, effective monit ...

Category:Information & Operational Protection
ReviewRecommendPrintVisitReportClaim
Technical Guide: Requirements for Risk Assessment Methodologies
Issuer: The Open Group
Tagssecurityriskassessment
Country Multi

This Guide identifies and describes the key characteristics that make up any effective risk assessment methodology, thus providing a common set of criteria for evaluating any given risk assessment methodology against a clearly defined common set of essent ...

Category:Information & Operational Protection
ReviewRecommendPrintVisitReportClaim
Measuring Security Tutorial by Dan Geer
Issuer: Geer
Tagssecurityriskinfosecgeermetricsmeasurement
Country Multi

A substantive presentation describing definition, souring, application, interpretation, testing, cost effectiveness, calibration, and use of security measurement in a risk context. The presentation also provides insights on related concepts, such as st ...

Category:Measurement & Metrics
ReviewRecommendPrintVisitReportClaim
An Introduction to Factor Analysis of Information Risk (FAIR)
Issuer: RMI
Tagssecurityinfosecmetricsmeasurementrisk
Country Multi

Factor Analysis of Information Risk (FAIR) provides a framework for understanding, analyzing, and measuring information risk. The outcomes are more cost-effective information risk management, greater credibility for the information security profession, an ...

Category:Information & Operational Protection
ReviewRecommendPrintVisitReportClaim

T2P RECOMMENDS:

AuditNet logo
AuditNet is an online portal for auditors. Created and run by the venerable Jim Kaplan, the organization's mission is to develop a complete "utility" for audit-related information, products, and services.

T2P RECOMMENDS:

The BeyeNETWORK provides resources and professional community support for business intelligence, performance management, data warehousing, data integration and data quality.

T2P RECOMMENDS:

IIA Logo

The Institute of Internal Auditors (IIA) is a powerful research and guidance organization focusing on audit principles and processes for business and IT functions. IIA guidance related to information control includes the Global Technology Audit Guide (GTAG) series and the Guide to the Assessment of IT Risk (GAIT) series.