February 4, 2011 11:07 PM
Posted by: Robert Davis
Acquire and Implement,
Availability,
COBIT Domains,
Confidentiality,
Control Objectives,
Deliver and Support,
Effectiveness,
Efficiency,
Integrity,
MIS,
Monitor and Evaluate,
Plan and Organize,
Planning Committee,
Reliability,
Risk Management“An [entity's] Management Information System...
February 1, 2011 9:04 PM
Posted by: Robert Davis
Acquire and Implement,
Availability,
COBIT Domains,
Confidentiality,
Control Objectives,
Deliver and Support,
Effectiveness,
Efficiency,
Integrity,
Monitor and Evaluate,
Plan and Organize,
Planning Committee,
Reliability,
Risk ManagementReflective of ensuring effective IT control objectives, undertaking IT risk management provides the framework that enables future activity to take place in a consistent and controlled manner. ...
January 28, 2011 10:07 PM
Posted by: Robert Davis
Acquire and Implement,
Availability,
COBIT Domains,
Confidentiality,
Control Objectives,
Deliver and Support,
Effectiveness,
Efficiency,
Integrity,
Monitor and Evaluate,
Plan and Organize,
Planning Committee,
ReliabilityUsing SWOT, each IT objectives analysis team member should have conversations with at least four other individuals from the entity to solicit their situational assessment of the current state of IT controls. At a minimum, the four individuals -- queried independently by each team member involved...
January 25, 2011 9:53 PM
Posted by: Robert Davis
Acquire and Implement,
Availability,
COBIT Domains,
Confidentiality,
Control Objectives,
Deliver and Support,
Effectiveness,
Efficiency,
Integrity,
Monitor and Evaluate,
Plan and Organize,
Planning Committee,
ReliabilityCOBIT enables an entity to set clear control objectives for IT through the combining of previously discussed individual IT design and operational areas. Specifically, the eight IT managerial areas are grouped into four...
January 21, 2011 10:08 PM
Posted by: Robert Davis
Acquire and Implement,
Availability,
COBIT Domains,
Confidentiality,
Control Objectives,
Deliver and Support,
Effectiveness,
Efficiency,
Integrity,
Monitor and Evaluate,
Plan and Organize,
Planning Committee,
ReliabilityIT planning, organization, acquisition, implementation, delivery, support, monitoring, and evaluation are baseline IT subjects that embrace core managerial responsibilities as conceived by Henri Fayol. Categorically, IT related planning,...
January 18, 2011 5:52 PM
Posted by: Robert Davis
Acquire and Implement,
Availability,
COBIT Domains,
Confidentiality,
Control Objectives,
Deliver and Support,
Effectiveness,
Efficiency,
Integrity,
Monitor and Evaluate,
Plan and Organize,
Planning Committee,
ReliabilityGeneral managerial objectives, such as maintaining satisfactory performance levels, can be translated into detail IT objectives defining acceptable IT configuration characteristics. The primary purpose of these detailed IT configuration objectives is to guide IT...
January 14, 2011 7:06 PM
Posted by: Robert Davis
Availability,
Confidentiality,
Control Objectives,
Effectiveness,
Efficiency,
Integrity,
Planning Committee,
ReliabilityReducing IT related errors, mistakes, omissions, irregularities, and illegal acts should be an explicit policy of every passive or...
March 16, 2009 7:01 PM
Posted by: Robert Davis
Availability,
CIA,
Confidentiality,
Functionality,
Identification,
Information Security Management,
Integrity,
ISM,
IT Security,
Laws and Regulations,
Quality,
Service Level Agreement,
SLA,
Token,
UsabilityRegarding provisioning physical authentication mediums, an entity's deployed access control process should clearly define the way encoded identification is delivered to users -- within the context of promoting adequate confidentiality, integrity and availability. Specifically, the process to...
March 12, 2009 6:41 PM
Posted by: Robert Davis
Availability,
CIA,
Confidentiality,
Functionality,
Identification,
Information Security Management,
Integrity,
ISM,
IT Security,
Laws and Regulations,
Quality,
Service Level Agreement,
SLA,
Token,
UsabilityAs a corollary requirement, when considering physical tokens, functionality is directly related to capabilities. Consequently, physical token appropriateness should be evaluated based on the set of attributes applicable to the existing set of activities and their specific properties. In other...
