IT Governance, Risk, and Compliance

Jan 3 2013   1:35AM GMT

eBook excerpt: Assuring Information Security – Part VII

Posted by: Robert Davis
Acquire and Implement
Adaptive Systems
Asset Management
Assurance Services
Availability Management
COBIT Domains
Control Environment
Control Objectives
Control Objectives for Information and related Technology
Deliver and Support
Due Diligence
Fiduciary Responsibility
Information Assets Protection
Information Security Governance
Information Security Management
Key Performance Indicators
Monitor and Evaluate
Performance Measurement
Plan and Organize
Risk Management
Strategic Alignment
Value Delivery

Compliance demonstrates acceptance of expected behavior.  Legal compliance is an essential management fiduciary responsibility; however it is not enough to ensure an adequate control environment.  Derivatively, an entity’s established information control environment must achieve dynamic homeostasis or risk managerial chaos.  Therefore, ISG should be installed to convey managements’ control environment attitude, awareness, and actions.  In particular, ISG management should ensure an adequate IAP program is deployed.  For example, regarding potential repercussions, management’s failure to commit sufficient resources addressing IT security risks may adversely affect deployed controls by permitting improper changes to computer objects, or permitting unauthorized transaction processing negatively impacting business decisions.

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: