A new study says businesses struggling with controls over IT systems should focus on a select number of “foundational controls” that can make the greatest improvement in a company’s operating and security performance as well as meet regulatory requirements.
Conducted by the Information Technology Process Institute, the study identified 21 controls that should be the target of any ongoing audit- and control-related IT spending. And top-performing companies not only implement IT controls, they have a process to enforce and manage them, says Kurt Milne, managing director of the IT Process Institute.
