January 12, 2013 5:59 PM
Posted by: Robert Davis
Accountability,
Acquire and Implement,
Adaptive Systems,
Asset Management,
Assurance Services,
Availability Management,
COBIT Domains,
Control Environment,
Control Objectives,
Control Objectives for Information and related Technology,
Deliver and Support,
Due Diligence,
Fiduciary Responsibility,
Framework,
Information Assets Protection,
Information Security Governance,
Information Security Management,
ISG,
Key Performance Indicators,
Monitor and Evaluate,
Performance Measurement,
Plan and Organize,
Risk Management,
Strategic Alignment,
Value Delivery
Classically, managers are individuals assigned to and functioning at various responsibility, accountability, and authority levels. Top-level managers are usually responsible for overall entity direction, accountable to stakeholders, and have the authority to establish measurable and achievable...
January 10, 2013 3:33 AM
Posted by: Robert Davis
Accountability,
Acquire and Implement,
Adaptive Systems,
Asset Management,
Assurance Services,
Availability Management,
COBIT,
COBIT Domains,
Control Environment,
Control Objectives,
Control Objectives for Information and related Technology,
Deliver and Support,
Due Diligence,
Fiduciary Responsibility,
Framework,
Information Assets Protection,
Information Security Governance,
Information Security Management,
ISG,
Key Performance Indicators,
Monitor and Evaluate,
Performance Measurement,
Plan and Organize,
Risk Management,
Strategic Alignment,
Value Delivery
In fulfilling addressable COBIT information criteria, an IAP program should include processes and steps for assessing tangible as well as intangible property. The distinction between tangible and intangible is the physical nature of the property. Properties having a physical existence -- such...
January 5, 2013 4:52 PM
Posted by: Robert Davis
Accountability,
Acquire and Implement,
Adaptive Systems,
Asset Management,
Assurance Services,
Availability Management,
COBIT,
COBIT Domains,
Control Environment,
Control Objectives,
Control Objectives for Information and related Technology,
Deliver and Support,
Due Diligence,
Fiduciary Responsibility,
Framework,
Information Assets Protection,
Information Security Governance,
Information Security Management,
ISG,
Key Performance Indicators,
Monitor and Evaluate,
Performance Measurement,
Plan and Organize,
Risk Management,
Strategic Alignment,
Value Delivery
1.2 IAP Management
“Applying similar management practices to [i]nformation security management is unavoidable as the security environment keeps on increasing in complexity and insecurity.” – Security...
January 3, 2013 1:35 AM
Posted by: Robert Davis
Accountability,
Acquire and Implement,
Adaptive Systems,
Asset Management,
Assurance Services,
Availability Management,
COBIT,
COBIT Domains,
Control Environment,
Control Objectives,
Control Objectives for Information and related Technology,
Deliver and Support,
Due Diligence,
Fiduciary Responsibility,
Framework,
Information Assets Protection,
Information Security Governance,
Information Security Management,
ISG,
Key Performance Indicators,
Monitor and Evaluate,
Performance Measurement,
Plan and Organize,
Risk Management,
Strategic Alignment,
Value Delivery
Compliance...
February 8, 2010 7:39 PM
Posted by: Robert Davis
AA,
Applications,
Assurance Services,
Audit Assurance,
CA,
CIA,
CICA,
CISA,
CITP,
Compliance Testing,
CPA,
Evidence,
Files,
Information Technology,
Infrastructure,
IT,
IT Audit,
PM,
Programs,
Project Management,
Risk Assessment,
Risk Management,
Study,
Substantive Testing
When providing audit assurance, auditors commonly have an opportunity to define current risks to resources and subsequently recommend remedial activities to reduce assessed risks to resources. Professionally, three generally accepted audit fieldwork standards guide auditors in the performance...
March 31, 2009 9:36 PM
Posted by: Robert Davis
Assurance Services,
Control Self-assessment,
CSA,
IAP,
ICR,
Illegal Acts,
Information Asset Protection,
Information Security Management,
Internal Control Review,
Irregularities
Arguably, data security is the most significant domain supporting information reliability. Entity oversight committees should monitor control activities for on-going relevance and effectiveness as well as responses to information security...
March 28, 2009 8:20 PM
Posted by: Robert Davis
Assurance Services,
Control Self-assessment,
CSA,
IAP,
ICR,
Illegal Acts,
Information Asset Protection,
Information Security Management,
Internal Control Review,
Irregularities
Information security managers should prepare for audits utilizing control self-assessments to verify compliance with laws, regulations, policies and procedures. It is always a sound idea to strategically plan annual control self-assessments....
March 24, 2009 7:11 PM
Posted by: Robert Davis
Assurance Services,
Control Self-assessment,
CSA,
IAP,
ICR,
Illegal Acts,
Information Asset Protection,
Information Security Management,
Internal Control Review,
Irregularities
Management needs to understand the status of the entity's IT systems to decide what safeguarding mechanisms should be deployed to meet business requirements. When IAP monitoring is built into the entity's operating activities, and process performance is reviewed on a real-time basis; control...
March 19, 2009 7:56 PM
Posted by: Robert Davis
Assurance Services,
Control Self-assessment,
CSA,
IAP,
Illegal Acts,
Information Asset Protection,
Information Security Management,
Internal Control Review,
Irregularities
For most entities, information and related technologies compliance management is critical to survival as well as success. As with other organizational programs, security compliance does not occur through managerial intent transmissions from a remote planet in some distant galaxy far, far away....