IT Governance, Risk, and Compliance

Dec 29 2012   5:48AM GMT

eBook excerpt: Assuring Information Security – Part VI



Posted by: Robert Davis

Dynamic homeostasis is the achievement of a steady state by a relatively open system. This condition results from the system receiving input from outside that is at least equal to the sum of system output and resource expenditure. Thus, a for-profit entity must earn profits in the long run to continue as a functional concern and to grow. In fact, all organizational units are open systems to a degree because none can operate without some interaction with the surrounding environment.

Control planning allows forecasting of future organizational direction and relevant influences, as well as derivation of the best strategy for accomplishing control objectives (considering the entity's strengths, weaknesses, and foreseeable trends). Furthermore, the control planning process translates strategy into measurable and operational plans, and retranslates operational plans into policies, procedures, directives, standards, and rules. Management's environmental risk assessments can determine control implementation criticality.
