February 17, 2013 12:02 AM
Posted by: Robert Davis
Adaptive Systems,
Assurance Services,
Attestation,
Control Evaluation,
Control System,
Due Care,
Educational Institutions,
Internal Control System,
Logical Security,
Non-profit,
Open Source,
Operating Style,
Quality Assurance Program,
Security Risks,
Trust ManagementTo provide an appropriate answer to this foundational question regarding Wikipedia an assessor must take into consideration the primary traits of reliability. Therefore, as previously stated in Wikipedia: An assessment from a user's perspective - part 1 as well as documented in
February 14, 2013 1:45 PM
Posted by: Robert Davis
Adaptive Systems,
Assurance Services,
Attestation,
Control Evaluation,
Control System,
Due Care,
Educational Institutions,
Internal Control System,
Logical Security,
Non-profit,
Open Source,
Operating Style,
Quality Assurance Program,
Security Risks,
Trust ManagementWikipedia is often been presented as a great research resource; however it is also a public forum, where any authorized user can make a declaration or an assertion. “If you find an article that provides relevant information for your research topic, you should take care to investigate the source...
February 9, 2013 5:48 PM
Posted by: Robert Davis
Adaptive Systems,
Assurance Services,
Attestation,
Control Evaluation,
Control System,
Due Care,
Educational Institutions,
Internal Control System,
Logical Security,
Non-profit,
Open Source,
Operating Style,
Quality Assurance Program,
Security Risks,
Trust ManagementAs conveyed by TechTarget.com, “Identity management (ID management) is a broad administrative area that deals with identifying individuals in a system (such as a country, a network, or an enterprise) and controlling their access to resources within that system by associating user rights and...
February 7, 2013 2:55 AM
Posted by: Robert Davis
Adaptive Systems,
Assurance Services,
Attestation,
Control Evaluation,
Control System,
Due Care,
Educational Institutions,
Internal Control System,
Logical Security,
Non-profit,
Open Source,
Operating Style,
Quality Assurance Program,
Security Risks,
Trust ManagementFollowing the framework outlined in IT Auditing: An Adaptive System, a critical aspect of an IT assessment is the identification of related risks. Though Wikipedia Project Administrators commonly disavow their Internet endeavors are based on a Social Networking System (SNS), their...
February 1, 2013 11:31 PM
Posted by: Robert Davis
Adaptive Systems,
Assurance Services,
Attestation,
Control Evaluation,
Control System,
Due Care,
Educational Institutions,
Internal Control System,
Logical Security,
Non-profit,
Open Source,
Operating Style,
Quality Assurance Program,
Trust Management
January 31, 2013 2:33 AM
Posted by: Robert Davis
Accountability,
Acquire and Implement,
Adaptive Systems,
Asset Management,
Assurance Services,
Availability Management,
COBIT,
COBIT Domains,
Control Environment,
Control Objectives,
Control Objectives for Information and related Technology,
Deliver and Support,
Due Diligence,
Fiduciary Responsibility,
Framework,
Information Assets Protection,
Information Security Governance,
Information Security Management,
ISG,
Key Performance Indicators,
Monitor and Evaluate,
Performance Measurement,
Plan and Organize,
Risk Management,
Strategic Alignment,
Value DeliveryUsually, it is easier to purchase an IT solution addressing IAP than to change a culture. However; even the most secure system will not achieve a significant degree of protection if utilized by “ill-informed, untrained, careless or indifferent personnel.” A well-structured information...
January 26, 2013 1:02 AM
Posted by: Robert Davis
Accountability,
Acquire and Implement,
Adaptive Systems,
Asset Management,
Assurance Services,
Availability Management,
COBIT,
COBIT Domains,
Control Environment,
Control Objectives,
Control Objectives for Information and related Technology,
Deliver and Support,
Due Diligence,
Fiduciary Responsibility,
Framework,
Information Assets Protection,
Information Security Governance,
Information Security Management,
ISG,
Key Performance Indicators,
Monitor and Evaluate,
Performance Measurement,
Plan and Organize,
Risk Management,
Strategic Alignment,
Value DeliveryWith respect to IAP, the information security function should:
- establish processes for provisioning user accounts
- ensure all entity positions are reviewed for sensitivity level
- document procedures for friendly and unfriendly terminations
- install...
January 24, 2013 1:54 AM
Posted by: Robert Davis
Accountability,
Acquire and Implement,
Adaptive Systems,
Asset Management,
Assurance Services,
Availability Management,
COBIT,
COBIT Domains,
Control Environment,
Control Objectives,
Control Objectives for Information and related Technology,
Deliver and Support,
Due Diligence,
Fiduciary Responsibility,
Framework,
Information Assets Protection,
Information Security Governance,
Information Security Management,
ISG,
Key Performance Indicators,
Monitor and Evaluate,
Performance Measurement,
Plan and Organize,
Risk Management,
Strategic Alignment,
Value Delivery1.3 Entity Employees
“The first line of defense from insider threats is the employees themselves.” – Software Engineering Institute (SEI)
Stakeholders expect managerial personnel to run the entity in accordance...
January 19, 2013 4:35 PM
Posted by: Robert Davis
Accountability,
Acquire and Implement,
Adaptive Systems,
Asset Management,
Assurance Services,
Availability Management,
COBIT,
COBIT Domains,
Control Environment,
Control Objectives,
Control Objectives for Information and related Technology,
Deliver and Support,
Due Diligence,
Fiduciary Responsibility,
Framework,
Information Assets Protection,
Information Security Governance,
Information Security Management,
ISG,
Key Performance Indicators,
Monitor and Evaluate,
Performance Measurement,
Plan and Organize,
Risk Management,
Strategic Alignment,
Value DeliveryIf management views an IAP program as a methodology for achieving information systems goals and objectives, the adopted processes can enable a series of assessments defining control usefulness and control deployment; while conjunctively correlating effectiveness and efficiency directly linked to...
