(continued from page 18) According to a new survey
‡Board nominations, which of 404 European and North
will be made public to American companies by
elicit input. Boston-based information-
In addition, four standing technology (IT) research
committees consisting only of firm Yankee Group, 54 per-independent directors — the cent plan to increase secu-
Nominating and Governance, rity spending over the next
Human Resources and Com- three years, and 37 percent
pensation, Audit, and Regula- said security spending
tory Oversight and Regulatory would remain the same as
Budget committees — will be last year. Only 8 percent
created to oversee certain criti- will decrease spending. age cost the previous year,
cal functions. Major security incidents according to a 2002 survey by
For more information on the such as the MSBlast and SQL the UK Department of Trade
new NYSE governance struc- Slammer computer worms that and Industry and Pricewater-ture, visit the NYSE Web site, struck organizations worldwide houseCoopers.
www.nyse.com. —J. W in 2003 proved costly to repair. “We believe the cost of
The average cost of repairing viruses and worms is much
damage caused by a single virus greater than originally
or worm attack was UK thought,” said David Roberts,
£122,000 (US $225,809), accord- chief executive officer of The
ing to a new study by The Corporate IT Forum in a state-Corporate IT Forum, an orga- ment. “Ultimately, virtually
nization of Europe’s 140 largest every consumer and every
corporate IT users. That shareholder is paying a price
amount is four times the aver- for inadequate protection.”
FOLLOWING A RECORD
year of network attacks and
vulnerabilities, many organizations plan to increase information security spending in 2004.
According to the forum’s
survey, three-fourths of its
members’ IT departments
incurred costs for lost work
hours or data due to the
MSBlast and Welchia worms
that hit last August. Those
firms lost 365 work hours due
to the attacks. Worse still, 35
percent of organizations surveyed lost an average of 3,080
work hours during the attacks.
Outdated operating systems
may be adding to business’
security woes. IT security firm
AssetMetrix Research Labs in
Ottawa, Ontario, reports that
more than 80 percent of the
670 companies it surveyed have
at least one system running
Windows 98 or Windows 95,
which is also no longer supported by Microsoft. Moreover, Windows 95 and 98
systems make up more than
27 percent of Windows systems
in those companies, compared
ARE AT RISK
Employers pay an average of $6,295 per
employee per year for health benefits. As a
self-insured company you are at risk hiring
a health plan administrator to pay your bills.
• Does your company meet it’s fiduciary
responsibility for managing its self-insured
• I s your health plan administrator meeting their
contractual and financial obligation to you?
• I s your TPA or PBM managing your money
HDM has the experience and proven
auditing methods that reduces the risk
and cost of health benefits.
Visit Our Website at: healthaudit.com
or call at 800-859-5119, ext. 82
Ekaros Analytical Inc.
Books & Tools for Auditors
— by Richard B. Lanza with N. Jill Davies
Nearly 60 key questions and tests, provided in a customizable
menu-driven ACL or IDEA application. 128-page book and CD
includes sample data, flowcharts. Get results the same day!
“... practical solutions to everyday audit situations ...
a must have” — Jim Kaplan, AuditNet
— by C. Stephen Turnbull
A veteran fraud investigator provides detailed techniques of
data analysis, plus legal issues, fraud scenarios, interrogation
techniques, and more.
We are independent publishers focused on data analysis.
FEBRUARY 2004 INTERNAL AUDITOR