IT Governance, Risk, and Compliance:

Information Security Management


November 2, 2009  5:34 PM

First-Tier Governance Development – Part IV



Posted by: Robert Davis
CISM, Decision Theory, Fiduciary Responsibility, Framework, Governance Tree, Information Security Governance, Information Security Management, Information Theory, ISG, ISM, Node, Stakeholder

Organizational units exist for various reasons. Threading from the first-tier Governance Tree level, linked leaves are inextricably affected by external forces. An organizational formation's continuity depends on relevant, accurate and timely external environment information assessments to drive...

October 29, 2009  8:13 PM

First-Tier Governance Development – Part III



Posted by: Robert Davis
CISM, Decision Theory, Fiduciary Responsibility, Framework, Governance Tree, Information Security Governance, Information Security Management, Information Theory, ISG, ISM, Node, Stakeholder

Depending on an entity's technological advancement, information may be conveyed and received through visual, auditory, as well as sensation receptors that enable current or future processing of presented information for decisional application. The list of communicated expectations extends to...


October 26, 2009  7:44 PM

First-Tier Governance Development – Part II



Posted by: Robert Davis
CISM, Decision Theory, Fiduciary Responsibility, Framework, Governance Tree, Information Security Governance, Information Security Management, Information Theory, ISG, ISM, Node, Stakeholder

Information and decision theories have point convergences when conjoined with the binodal Governance Tree depicting entity relationships. Information theory practice domains include data processing systems design, organization analysis, and...


October 22, 2009  5:55 PM

First-Tier Governance Development – Part I



Posted by: Robert Davis
CISM, Fiduciary Responsibility, Framework, Governance Tree, Information Security Governance, Information Security Management, ISG, ISM, Node, Stakeholder

Organizationally, governance is the system by which entities are directed and controlled. "Potential stakeholders usually rely upon governance elements prior to...

Bookmark and Share     0 Comments     RSS Feed     Email a friend


September 17, 2009  7:15 PM

Supporting ISG Deployment – Part V



Posted by: Robert Davis
Benchmarking, Budgeting, Framework, Gap Analysis, Governance Tree, Information Security Governance, Information Security Management, Information Security Processes, Internal Control System, ISG, ISM, ITG, Maturity Modeling, Methodology, Objectives

What ever your perspective may be, the importance of effective and efficient ISG cannot be overlooked in the current global high technology environment. Considering what is at stake for most entities, when security is compromised, usually justifying


September 14, 2009  6:19 PM

Supporting ISG Deployment – Part IV



Posted by: Robert Davis
Benchmarking, Budgeting, Framework, Gap Analysis, Governance Tree, Information Security Governance, Information Security Management, Information Security Processes, Internal Control System, ISG, ISM, ITG, Maturity Modeling, Methodology, Objectives

If, however, you assume ISG provides financial and/or reputational benefits, potential stakeholders are presumed to rely upon governance elements prior to investing their time, talent, and/or money. Therefore, ascertaining the effectiveness and efficiency of entity-centric information security...


September 10, 2009  9:01 PM

Supporting ISG Deployment – Part III



Posted by: Robert Davis
Framework, Governance Tree, Information Security Governance, Information Security Management, Information Security Processes, Internal Control System, ISG, ISM, ITG, Methodology

Alternatively, if you perceive ISG as a descriptive prescription for achieving managerial objectives, the adopted ISG methodology should provide security assessments defining strategic, tactical, and operational risks. Management usually is...


September 8, 2009  6:56 PM

Supporting ISG Deployment – Part II



Posted by: Robert Davis
Framework, Governance Tree, Information Security Governance, Information Security Management, Information Security Processes, ISG, ISM, ITG, Methodology

If you envision ISG as a framework servicing entity and 'IT governance', then structurally, ISG should be implemented as an organizational program with objectives,...


September 3, 2009  8:04 PM

Supporting ISG Deployment – Part I



Posted by: Robert Davis
Framework, Governance Tree, Information Security Governance, Information Security Management, Information Security Processes, ISG, ISM, ITG, Methodology

Traversing to and aligning with potential 'Governance Tree' third-tier abstraction levels; information security governance (ISG) can be viewed as a framework, methodology, or technique. Framing ISG enables a...


August 17, 2009  8:26 PM

Preserving Electronically Encoded Evidence – Part IV



Posted by: Robert Davis
Boot, Configuration, Data Acquisition, Electronic Discovery, Event Management, Forensic Imaging Software, Illegal Acts, Incident Handling, Incident Response, Information Security Management, Irregularities, ISM, Law Enforcement

Whether target data is in transit or at rest, it is critical that measures are in place to prevent the sought information from being destroyed, corrupted or becoming unavailable for forensic investigation. When evidence is at rest, adequate procedures should be followed to ensure evidential


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: