Your search keyword '"Heninger, William G."' showing total 5 results

1. Managing multiple identities: determine the best identity and access management solution for your organization.

Author

Peterson, Bryce H., Smedegaard, Paul, Heninger, William G., and Romney, Marshall B.

Subjects

Internal control (Accounting) -- Standards, Corporate governance -- Standards, Business management software -- Access control -- Standards, Business management software

Abstract

EXECUTIVE SUMMARY * Identity management addresses the difficulties encountered when one physical user has separate user IDs and passwords on multiple systems and applications. Access management addresses the challenges associated [...]

Published

2008

2. Opportunity detected: new SEC interpretive guidance and AS5 give companies and auditors a chance to make internal controls more efficient.

Author

Fogleman, Samuel L., Peterson, Bryce H., Heninger, William G., and Romney, Marshall B.

Subjects

Internal control (Accounting) -- Standards -- Methods, Risk assessment -- Methods

Abstract

EXECUTIVE SUMMARY * The crux of the SEC's interpretive guidance for management is a top-down, risk-based approach that puts risk first and foremost. Four key areas of opportunity can be [...]

Published

2007

3. Install your own wireless network: access your computer, printer and peripherals without cables.

Author

Peterson, Bryce H., Heninger, William G., Lindstrom, Craig J., and Romney, Marshall B.

Subjects

Wireless local area networks (Computer networks) -- Management, Wireless network, Wireless LAN/WAN system, Company business management

Abstract

Would you like to access the Internet, your printer and your other computers, including laptops, without stringing wires throughout your office or home? The solution is a wireless local area [...]

Published

2004

4. Managing Multiple Identities.

Author

Peterson, Bryce H., Smedegaard, Paul, Heninger, William G., and Romney, Marshall B.

Subjects

AUDITING, RISK management in business, ACCESS control, COMPLEX organizations, COMPUTER passwords, INTERORGANIZATIONAL relations, IDENTITY theft, MANAGEMENT

Abstract

* Identity management addresses the difficulties encountered when one physical user has separate user IDs and passwords on multiple systems and applications. Access management addresses the challenges associated with the specific access rights and permissions of multiple user IDs. * Large, complex organizations have the greatest potential to benefit from software-based IAM. Smaller organizations may find that performing an IAM readiness review could generate policy and process improvements that would facilitate initiatives that would allow the organization to realize benefits without implementing new software. * Internal control and corporate governance are the primary drivers of IAM solution implementations. Benefits include centralized monitoring, detection of policy exceptions and segregation of duties. Other considerations include controlling access to centralized IAM, defining and tuning rules, and integrating the IAM solution with the organization's current internal control environment. * The ideal IAM solution must effectively manage the life cycle, which runs from the creation, change and, ultimately, to the deletion of a user's multiple user IDs and associated permissions. * Integrators should be measured on cost, functionality, track record, their expertise with existing systems, and their ability to scale with you as your business changes. * Readiness criteria and maintenance should be determined prior to implementation. [ABSTRACT FROM PUBLISHER]

Published

2008

5. Opportunity Detected.

Author

Fogleman, Samuel L., Peterson, Bryce H., Heninger, William G., and Romney, Marshall B.

Subjects

AUDIT risk, INTERNAL auditing, COMPLIANCE auditing, UNITED States. Sarbanes-Oxley Act of 2002, ECONOMICS

Abstract

* The crux of the SEC's interpretive guidance for management is a top-down, risk-based approach that puts risk first and foremost. Four key areas of opportunity can be used to reduce an organization's overall SOX 404 compliance effort-risk assessment, entity-level controls, control selection and testing approach. * AS5 complements the SEC interpretive guidance to management and includes the following key points: * Risk assessment underlies the entire audit process. * Evaluation of entity-level controls can result in increasing or decreasing the testing that otherwise would be performed on controls at the process, transaction or application levels. * Auditors are specifically permitted to consider the nature, timing and extent of procedures performed in the prior year and the results of those procedures in determining the risk associated with a particular control. * The standard makes it easier to use the work of others and allows auditors to use direct assistance from other parties in performing walk-throughs. * The external auditor will no longer be required to opine on management's assessment. * The definition of a material weakness was changed to conform to FASB Statement no. 5 and the definition of a significant deficiency was changed to focus the auditor on the communication requirements rather than scoping issues. * The authors recommend a "stop-rethink-reuse" strategy for implementing the new guidance: Stop. To avoid changing simply for the sake of change, risk should be at the center of any adjustments that are made to existing compliance frameworks. Rethink. With risk at the forefront, management should consider increasing the rigor of its existing risk assessment to focus on financial reporting elements that represent a higher risk of material misstatement to the financial statements. Reuse. Once a thorough risk assessment has been performed, management should consider revisiting the existing controls portfolio, starting with the entity-level controls. Carefully designed entity-level controls can reduce the number of supporting process-level controls that need testing. INSET: Communication Continues to Be Key. [ABSTRACT FROM PUBLISHER]

Published

2007