IT Governance, Risk, and Compliance:

August, 2009

1

August 31, 2009  8:57 PM

Synchronizing Balanced Scorecards – Part IV



Posted by: Robert Davis
Baseline, Continuous Improvement, Delivery Value, Goals, ITG, Key Indicators, Management System, Monitoring, Service Measurement, Strategic Performance, Strategic Planning

Balanced Scorecards are considered an effective means to assist the entity's oversight committee and operational management in achieving information security,

August 27, 2009  8:16 PM

Synchronizing Balanced Scorecards – Part III



Posted by: Robert Davis
Baseline, Continuous Improvement, Delivery Value, Goals, ITG, Key Indicators, Management System, Monitoring, Service Measurement, Strategic Performance, Strategic Planning

Balanced Scorecard is a strategic planning and management system that can be utilized in for-profit and not-for-profit entities for business activities alignment to the organizational mission, communication...


August 24, 2009  7:13 PM

Synchronizing Balanced Scorecards – Part II



Posted by: Robert Davis
Baseline, Continuous Improvement, Delivery Value, Goals, ITG, Key Indicators, Monitoring, Service Measurement, Strategic Performance, Strategic Planning

Typically, measures or indicators should be selected from factors that lead to improved employee, customer, operational, and/or financial performance. Performance measures or indicators are assessable products' or services' characteristics...


August 20, 2009  7:58 PM

Synchronizing Balanced Scorecards – Part I



Posted by: Robert Davis
Baseline, Continuous Improvement, Delivery Value, Goals, ITG, Key Indicators, Monitoring, Service Measurement, Strategic Performance, Strategic Planning

With the introduction of 'Balanced Scorecard' theory, management has the option to view the entity from four perspectives and develop metrics, collect data as well as perform analyzes...


August 17, 2009  8:26 PM

Preserving Electronically Encoded Evidence – Part IV



Posted by: Robert Davis
Boot, Configuration, Data Acquisition, Electronic Discovery, Event Management, Forensic Imaging Software, Illegal Acts, Incident Handling, Incident Response, Information Security Management, Irregularities, ISM, Law Enforcement

Whether target data is in transit or at rest, it is critical that measures are in place to prevent the sought information from being destroyed, corrupted or becoming unavailable for forensic investigation. When evidence is at rest, adequate procedures should be followed to ensure evidential


August 13, 2009  9:04 PM

Preserving Electronically Encoded Evidence – Part III



Posted by: Robert Davis
Boot, Configuration, Data Acquisition, Electronic Discovery, Event Management, Forensic Imaging Software, Illegal Acts, Incident Handling, Incident Response, Information Security Management, Irregularities, ISM, Law Enforcement

Creating evidential copies through routine backup procedures will only permit replicating specific files while none of the files with delete indicators are recovered, nor the designated 'free space' between files. To remediate this limitation, a


August 10, 2009  7:59 PM

Preserving Electronically Encoded Evidence – Part II



Posted by: Robert Davis
Boot, Configuration, Data Acquisition, Electronic Discovery, Illegal Acts, Incident Handling, Incident Response, Information Security Management, Irregularities, ISM, Law Enforcement

Conditionally, if the target system is turned off, simply turning the technology on and permitting a 'boot' can introduce content changes to files directly or indirectly connected through


August 6, 2009  8:39 PM

Preserving Electronically Encoded Evidence – Part I



Posted by: Robert Davis
Electronic Discovery, Illegal Acts, Incident Handling, Incident Response, Information Security Management, Irregularities, ISM

Seeking to preserve electronically encoded evidence implies an incident or event has occurred that will require facts extrapolation for presentation as...


August 3, 2009  6:16 PM

Critical Incident Response Elements – Part IV



Posted by: Robert Davis
Contingency Management, Incident Response, Information, Management Information System, MIS, Organization, Risk Management, Security Service, Threat Management

Managing an appropriate security incident response is typically a crucial business requirement. To enable effective management, a security MIS should correlate data to intended usage to determine security failure repercussions. Considering the...


1

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: