IT Governance, Risk, and Compliance:

Information Security Management


August 13, 2009  9:04 PM

Preserving Electronically Encoded Evidence – Part III



Posted by: Robert Davis
Boot, Configuration, Data Acquisition, Electronic Discovery, Event Management, Forensic Imaging Software, Illegal Acts, Incident Handling, Incident Response, Information Security Management, Irregularities, ISM, Law Enforcement

Creating evidential copies through routine backup procedures replicates only specific files; neither files with delete indicators nor the designated 'free space' between files are recovered. To remediate this limitation, a

August 10, 2009  7:59 PM

Preserving Electronically Encoded Evidence – Part II



Posted by: Robert Davis
Boot, Configuration, Data Acquisition, Electronic Discovery, Illegal Acts, Incident Handling, Incident Response, Information Security Management, Irregularities, ISM, Law Enforcement

Conditionally, if the target system is turned off, simply turning the technology on and permitting a 'boot' can introduce content changes to files directly or indirectly connected through


August 6, 2009  8:39 PM

Preserving Electronically Encoded Evidence – Part I



Posted by: Robert Davis
Electronic Discovery, Illegal Acts, Incident Handling, Incident Response, Information Security Management, Irregularities, ISM

Seeking to preserve electronically encoded evidence implies an incident or event has occurred that will require facts extrapolation for presentation as...


May 12, 2009  3:25 PM

Developing Objectives – Part IV



Posted by: Robert Davis
Accountability, Behavioral Management, Benchmarking, Goals, IAP, Information Asset Protection, Information Security Governance, Information Security Management, ISG, ISM, Management by Objectives, MBO, Planning Committee, Resource Allocation, Responsibility

MBO is a participative behavioral approach to managing employees. One of the primary MBO assumptions is that employees prefer to work hard once they are provided with employer expectations. Intuitively, sustaining accepted expectations...


May 7, 2009  11:14 PM

Developing Objectives – Part III



Posted by: Robert Davis
Accountability, Behavioral Management, Benchmarking, Goals, IAP, Information Asset Protection, Information Security Governance, Information Security Management, ISG, ISM, Management by Objectives, MBO, Planning Committee, Resource Allocation, Responsibility

A system for disseminating information security management objectives is considered fundamental to obtain employee commitment. One way to communicate entity-centric information security objectives is clear and concise policies. Information security...



May 4, 2009  6:32 PM

Developing Objectives – Part II



Posted by: Robert Davis
Accountability, Behavioral Management, Benchmarking, Goals, IAP, Information Asset Protection, Information Security Governance, Information Security Management, ISG, ISM, Management by Objectives, MBO, Planning Committee, Resource Allocation, Responsibility

Within behavioral management theory, entity leaders have alternative approaches available to accomplish information assets safeguarding objectives development -- including participative, consultative, free rein, and autocratic models....


April 14, 2009  1:08 AM

Measuring Performance – Part IV



Posted by: Robert Davis
CE, Control Environment, Information Security Governance, Information Security Management, ISSM, IT Security Program, ITSM, Key Performance Indicators, KPI, Safeguarding Investments, Service Delivery and Support, Service Level Agreement, Service Management, SLA

Selective measurement utility is realized when a critical few indicators permit accurate and timely information for decision-making and, by extension, appropriate information assets protection....


April 9, 2009  7:10 PM

Measuring Performance – Part III



Posted by: Robert Davis
CE, Control Environment, Information Security Governance, Information Security Management, ISSM, IT Security Program, ITSM, Key Performance Indicators, KPI, Safeguarding Investments, Service Delivery and Support, Service Level Agreement, Service Management, SLA

IT security maturity modeling can measure the established control environment and controls within processes. Typically, the defined maturity modeling scale addresses entity-centric processes from an ad hoc...


April 6, 2009  8:15 PM

Measuring Performance – Part II



Posted by: Robert Davis
Information Security Governance, Information Security Management, ISSM, IT Security Program, ITSM, Key Performance Indicators, KPI, Safeguarding Investments, Service Delivery and Support, Service Level Agreement, Service Management, SLA

Financially-related information is generated to establish cost-oriented steering towards achieving entity-centric objectives and goals. Generally, aggressive expenses administration and accurate costs redistribution improve financial resources availability. However, the IT security financial...


April 3, 2009  7:22 PM

Measuring Performance – Part I



Posted by: Robert Davis
Information Security Governance, Information Security Management, ISSM, IT Security Program, ITSM, Key Performance Indicators, KPI, Safeguarding Investments, Service Delivery and Support, Service Level Agreement, Service Management, SLA

Though IT security service management can include a plethora of indicators, adequate service value measurement is not demonstrated in the sheer number of indicators considered. Practical IT security service delivery and support utilization...

