Engagement Memo—Protecting Information Systems and Data from Insider Threats

January 23, 2023 | Engagement Memos

We are initiating an audit of Amtrak’s (the company) information security practices for protecting its systems and data internally from unauthorized disclosure, modification, or compromise. Any employee or contractor who maliciously or unintentionally uses their authorized access to systems and data to do harm is an insider threat to the company. Accordingly, our objective will be to assess the effectiveness of company controls to protect its information systems and data from insider threats. We may expand our scope or modify our objective during the audit.

During the audit, we plan to interview company officials; assess related policies, documents, and procedures; and review relevant company data. We may also assess controls for selected company systems.

Tracking Number

005-2023

Report

Engagement Memo—Protecting Information Systems and Data from Insider Threats

Filter Results

Featured Reports

Amtrak can better use its customer service data to improve the customer experience

CAR INSPECTOR LOSES SENIORITY, IS REMOVED FROM SERVICE FOR WORKING OUTSIDE JOBS ON MEDICAL LEAVE

MANAGER OF CLINICAL LABORATORY SENTENCED FOR HEALTH CARE FRAUD

FIVE EMPLOYEES TERMINATED OR RESIGNED WHILE UNDER INVESTIGATION AND SIX OTHERS REPRIMANDED FOLLOWING INVESTIGATION INTO TIME AND ATTENDANCE ABUSE