IT Governance, Risk, and Compliance:

February, 2009

1

February 26, 2009  6:49 PM

Peer-to-Peer Networking – Part 1



Posted by: Robert Davis
Applications, Infrastructure, Network Access Protection, P2P, Password-Protected Share, Peer-to-Peer, Performance, Privacy, Security Risks, Share-level Security

There are a variety of networking architectures available for deployment. Potential candidates include Peer-to-Peer, Client/Server and Master/Slave. However, Peer-to-Peer (P2P) architectures present unique governance issues to the information...

Bookmark and Share     0 Comments     RSS Feed     Email a friend

February 23, 2009  9:26 PM

Legal Compliance Alignment – Part IV



Posted by: Robert Davis
FCPA, Foreign Corrupt Practices Act, GLBA, Gramm-Leach-Bliley Act, Health Insurance Portability and Accountability Act, HIPAA, IAP, Information Asset Protection, Information Security Governance, Information Security Management, ISG, ISM, Sarbanes Oxley Act, SOA, SOX

When exploring links between national and international arenas, the information security manager will discover international developments decisively impact national laws. Specifically, regional coalitions have enacted IAP related edicts that subsequently were codified in national laws and...


February 19, 2009  8:47 PM

Legal Compliance Alignment – Part III



Posted by: Robert Davis
FCPA, Foreign Corrupt Practices Act, GLBA, Gramm-Leach-Bliley Act, Health Insurance Portability and Accountability Act, HIPAA, IAP, Information Asset Protection, Information Security Governance, Information Security Management, ISG, ISM, Sarbanes Oxley Act, SOA, SOX

There are numerous global, regional as well as national laws and regulations focusing on information assets protection (IAP) requiring professional consideration. In particular, at...


February 16, 2009  8:00 PM

Legal Compliance Alignment – Part II



Posted by: Robert Davis
FCPA, Foreign Corrupt Practices Act, GLBA, Gramm-Leach-Bliley Act, Health Insurance Portability and Accountability Act, HIPAA, IAP, Information Asset Protection, Information Security Governance, Information Security Management, ISG, ISM, Sarbanes Oxley Act, SOA, SOX

Simultaneous compliance with multiple laws and regulations can create unique challenges for most entities. Selectively, potential compliance hurdles include distinct internal management groups pursuing equivalent goals; diverse audit perspectives, priorities, and requirements; as well as confusion...


February 12, 2009  10:22 PM

Legal Compliance Alignment – Part I



Posted by: Robert Davis
FCPA, Foreign Corrupt Practices Act, GLBA, Gramm-Leach-Bliley Act, Health Insurance Portability and Accountability Act, HIPAA, IAP, Information Asset Protection, Information Security Governance, Information Security Management, ISG, ISM, Sarbanes Oxley Act, SOA, SOX

Institutionalized information security governance defines the information assets safeguarding perimeter inside which an entity should operate. Whereas, legal compliance management ensures structural boundary segments are sturdy and the entity consistently fulfills its mission within externally...


February 9, 2009  8:02 PM

How Does Management Support Deploying IT Governance?



Posted by: Robert Davis
COBIT, Control Self-assessment, Framework, ISACA, ITGI, Management Information Systems, Methodology, Quality Assurance Program, Technique

Depending on your abstraction level, IT governance can be viewed as a framework, methodology, or technique. As a framework, IT governance enables a “system of controls” assisting in assuring organizational goals and objectives are achieved effectively and efficiently. As a methodology, IT...


February 5, 2009  9:38 PM

Access Control Convergence – Part 2



Posted by: Robert Davis
Access Controls, Accountability, Authentication, Authorization, Distributed Platforms, Identification, Information Asset Protection, Infrastructure, Logical Security, Physical Security

Integrated policies improving access control are needed to increase safeguarding capabilities. Furthermore, due to technological and operational diversity, it is critical to have standard processes to control access that will permit economies of scale. Potential candidates for access control...


February 2, 2009  7:38 PM

Access Control Convergence – Part 1



Posted by: Robert Davis
Access Controls, Accountability, Authentication, Authorization, Distributed Platforms, Identification, Information Asset Protection, Infrastructure, Logical Security, Physical Security

Computer technology continues to advance toward a tiered decentralized world of distributed platforms for entering, processing, and retrieving information. Technological implementations are diverse and complex; however, all IT deployments should be protected from unauthorized usage utilizing...


1

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: