Home > IT Blogs > IT Governance, Risk, and Compliance/

IT Governance, Risk, and Compliance:

CIA

123
December 30, 2009  7:03 PM

IT Audit Verification Planning: Resolving Technique Selection – Part IV



Posted by: Robert Davis
AA, Applications, Assurance Service, Audit Assurance, CI, CIA, CICA, CISA, CITP, Compliance Testing, Configuration Item, Files, Information Asset, Information Technology, Infrastructure, IT, IT Audit, PM, Program, Project Management, Risk Management, Substantive Testing, Testing Techniques

Auditing IT configurations involves performing compliance and substantive tests on a selected

  Bookmark and Share     0 Comments     RSS Feed     Email a friend

March 16, 2009  7:01 PM

Physical Token Protection – Part IV



Posted by: Robert Davis
Availability, CIA, Confidentiality, Functionality, Identification, Information Security Management, Integrity, ISM, IT Security, Laws and Regulations, Quality, Service Level Agreement, SLA, Token, Usability

Regarding provisioning physical authentication mediums, an entity's deployed access control process should clearly define the way encoded identification is delivered to users -- within the context of promoting adequate confidentiality, integrity and availability. Specifically, the process to...

  Bookmark and Share     0 Comments     RSS Feed     Email a friend

March 12, 2009  6:41 PM

Physical Token Protection – Part III



Posted by: Robert Davis
Availability, CIA, Confidentiality, Functionality, Identification, Information Security Management, Integrity, ISM, IT Security, Laws and Regulations, Quality, Service Level Agreement, SLA, Token, Usability

As a corollary requirement, when considering physical tokens, functionality is directly related to capabilities. Consequently, physical token appropriateness should be evaluated based on the set of attributes applicable to the existing set of activities and their specific properties. In other...

  Bookmark and Share     0 Comments     RSS Feed     Email a friend

March 9, 2009  6:56 PM

Physical Token Protection – Part II



Posted by: Robert Davis
Availability, CIA, Confidentiality, Functionality, Identification, Information Security Management, Integrity, ISM, IT Security, Laws and Regulations, Service Level Agreement, SLA, Token, Usability

Information asset usability implies availability to perform requested services as well as transparency. Determining physical token usability necessitates assessing relevant and pertinent services for the access process as well as secure user delivery in a timely, correct, and consistent manner....

  Bookmark and Share     0 Comments     RSS Feed     Email a friend

March 6, 2009  7:50 PM

Physical Token Protection – Part I



Posted by: Robert Davis
Availability, CIA, Confidentiality, Functionality, Identification, Information Security Management, Integrity, ISM, IT Security, Laws and Regulations, Token, Usability

Organizationally, information security normally is considered a program enabling and optimizing IT security services for the entity in order to satisfy business requirements, while simultaneously providing strategic and tactical IT security infrastructure management that complies with applicable...

  Bookmark and Share     0 Comments     RSS Feed     Email a friend

123