IT Governance, Risk, and Compliance

Dec 15 2012   12:05AM GMT

eBook excerpt: Assuring Information Security – Part II



Posted by: Robert Davis
Tags:
Accountability
Acquire and Implement
Asset Management
Availability Management
COBIT Domains
Control Objectives for Information and related Technology
Deliver and Support
Due Diligence
Fiduciary Responsibility
Framework
Information Assets Protection
Information Security Governance
Information Security Management
ISG
Key Performance Indicators
Monitor and Evaluate
Plan and Organize
Risk Management
Security Frameworks
Value Delivery

Instituting and/or sustaining ISG requires comprehensive planning and organizing; robust acquisitions and implementations; effective delivery and support; as well as continuous monitoring and evaluation to address the myriad of managerial, operational, and technical issues that can thwart satisfying an entity’s mission.  Consequently, “[i]nformation security requires a balance between sound management and applied technology.”  Sound management enables assuring adequate asset safeguarding, while applied technology can introduce efficiencies for addressing potential external or internal threats.

Planning and organizing is imperative to managerial cohesiveness.  ISG usually occurs at different organizational strata, with team leaders reporting to and receiving direction from their managers, with managers reporting up to an executive, and the highest-level executive conferring with and receiving direction from the entity’s oversight committee.  Information that indicates deviation from targets will usually include recommendations for action requiring endorsement by the entity’s oversight layer.  Transparently, this approach is ineffective unless strategies, objectives and goals have first been developed and deployed within the entity’s organizational structure.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: