IT Governance, Risk, and Compliance:

Information Security Management


May 2, 2013  10:18 PM

Revisiting the Safeguarding of Information Assets – Part XII



Posted by: Robert Davis
Information Assets Protection, Information Security, Information Security Governance, Information Security Management, IT Controls, Security Frameworks

Complicating laws and regulations alignment are trans-border communication requirements regarding information protection and confidentiality. The potentially costly task of obtaining data delivery consent from all affected parties may be the only enabling trans-border information flow baseline....

April 28, 2013  12:08 PM

Revisiting the Safeguarding of Information Assets – Part XI



Posted by: Robert Davis
Information Assets Protection, Information Security, Information Security Governance, Information Security Management, IT Controls, Security Frameworks

As long as multiple regulatory agencies have government supported agendas, variances can exist that induce comprehensive legal compliance reviews. Primary to multiple decrees control is a thorough analysis of what is required and ensuring quality documentation supporting legal compliance efforts....


April 25, 2013  8:08 PM

Revisiting the Safeguarding of Information Assets – Part X



Posted by: Robert Davis
Information Assets Protection, Information Security, Information Security Governance, Information Security Management, IT Controls, Security Frameworks

Even when compliance requirements extend internationally, managerial responsibility to prevent and detect illegal acts continues without regard to organizational formation origin.  Given this fiduciary obligation, an entity’s management typically utilizes policies, directives, procedures,...


April 21, 2013  2:16 AM

Revisiting the Safeguarding of Information Assets – Part IX



Posted by: Robert Davis
Information Assets Protection, Information Security, Information Security Governance, Information Security Management, IT Controls, Security Frameworks

When links between national and international arenas are considered, international developments have decisively impacted national laws. Specifically; regional coalitions have enacted IAP related edicts that subsequently were codified in national laws and regulations. Procedurally, most regional...


April 19, 2013  2:35 AM

Revisiting the Safeguarding of Information Assets – Part VIII



Posted by: Robert Davis
Information Assets Protection, Information Security, Information Security Governance, Information Security Management, IT Controls, Security Frameworks

There are numerous global, regional as well as national laws and regulations focusing on IAP that require professional consideration. In particular, at the global level, the World Intellectual Property Organisation (WIPO) and World Trade Organization (WTO) have constructed legally binding...


April 14, 2013  2:49 AM

Revisiting the Safeguarding of Information Assets – Part VII



Posted by: Robert Davis
Information Assets Protection, Information Security, Information Security Governance, Information Security Management, IT Controls, Security Frameworks

Generally, determining an entity’s legal mandates exceeds the security function’s ambit. Nonetheless, overseeing applicable legally required control composition, implementation and evaluation are occupational security imperatives.  To reduce potential negative effects of cross-compliance as...


April 11, 2013  8:24 PM

Revisiting the Safeguarding of Information Assets – Part VI



Posted by: Robert Davis
Information Assets Protection, Information Security, Information Security Governance, Information Security Management, IT Controls, Security Frameworks

Regulatory agencies are generally designed to operate with minimum executive or legislative supervision. Theoretically, a commission of experts is more suitable for regulating an industry’s activities than legislative or executive oversight committees. Usually, regulatory agencies are empowered...


April 6, 2013  10:43 PM

Revisiting the Safeguarding of Information Assets – Part V



Posted by: Robert Davis
Information Assets Protection, Information Security, Information Security Governance, Information Security Management, IT Controls, Security Frameworks

Categorically, security implies protection while privacy implies confidentiality.  Laws and regulations have been enacted throughout the world addressing either or both areas as well as intellectual property and contracts.  Compliance with laws and regulations are considered essential to avoid...


April 4, 2013  2:48 PM

Revisiting the Safeguarding of Information Assets – Part IV



Posted by: Robert Davis
Information Assets Protection, Information Security, Information Security Governance, Information Security Management, IT Controls, Security Frameworks

An entity’s management should, and in several countries do, have a legal responsibility to implement an adequate internal control system for preventing, detecting, and conditionally correcting errors, mistakes, omissions, irregularities and illegal acts. Similar to the legal requirement for...


March 30, 2013  6:39 PM

Revisiting the Safeguarding of Information Assets – Part III



Posted by: Robert Davis
Information Assets Protection, Information Security, Information Security Governance, Information Security Management, IT Controls, Security Frameworks

IT safeguarding has generated considerable debate within the audit and management communities since the deployment of computers for performing transaction processing. Specifically, the merits of IT auditor involvement in financial statement audits and managements’ fiduciary ISG...


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: