IT Governance, Risk, and Compliance:

Information Security Processes

1

September 17, 2009  7:15 PM

Supporting ISG Deployment – Part V



Posted by: Robert Davis
Benchmarking, Budgeting, Framework, Gap Analysis, Governance Tree, Information Security Governance, Information Security Management, Information Security Processes, Internal Control System, ISG, ISM, ITG, Maturity Modeling, Methodology, Objectives

What ever your perspective may be, the importance of effective and efficient ISG cannot be overlooked in the current global high technology environment. Considering what is at stake for most entities, when security is compromised, usually justifying

September 14, 2009  6:19 PM

Supporting ISG Deployment – Part IV



Posted by: Robert Davis
Benchmarking, Budgeting, Framework, Gap Analysis, Governance Tree, Information Security Governance, Information Security Management, Information Security Processes, Internal Control System, ISG, ISM, ITG, Maturity Modeling, Methodology, Objectives

If, however, you assume ISG provides financial and/or reputational benefits, potential stakeholders are presumed to rely upon governance elements prior to investing their time, talent, and/or money. Therefore, ascertaining the effectiveness and efficiency of entity-centric information security...


September 10, 2009  9:01 PM

Supporting ISG Deployment – Part III



Posted by: Robert Davis
Framework, Governance Tree, Information Security Governance, Information Security Management, Information Security Processes, Internal Control System, ISG, ISM, ITG, Methodology

Alternatively, if you perceive ISG as a descriptive prescription for achieving managerial objectives, the adopted ISG methodology should provide security assessments defining strategic, tactical, and operational risks. Management usually is...


September 8, 2009  6:56 PM

Supporting ISG Deployment – Part II



Posted by: Robert Davis
Framework, Governance Tree, Information Security Governance, Information Security Management, Information Security Processes, ISG, ISM, ITG, Methodology

If you envision ISG as a framework servicing entity and 'IT governance', then structurally, ISG should be implemented as an organizational program with objectives,...


September 3, 2009  8:04 PM

Supporting ISG Deployment – Part I



Posted by: Robert Davis
Framework, Governance Tree, Information Security Governance, Information Security Management, Information Security Processes, ISG, ISM, ITG, Methodology

Traversing to and aligning with potential 'Governance Tree' third-tier abstraction levels; information security governance (ISG) can be viewed as a framework, methodology, or technique. Framing ISG enables a...


April 27, 2009  6:25 PM

Measuring Delivery Value – Part IV



Posted by: Robert Davis
Continuous Process Improvement, CPI, Information Security Governance, Information Security Infrastructure Management, Information Security Processes, Information Security Service Management, ISG, ISIM, ISSM, IT Security Infrastructure, IT Security Services, Key Performance Indicators, KPI, Performance Measurement, Safeguarding Investments

Performance measurement is a control activity. Measurement techniques are the means for effective information security performance monitoring. "Selective measurement utility is realized when a critical few indicators permit accurate and timely information for decision-making and, by extension,...


April 23, 2009  6:41 PM

Measuring Delivery Value – Part III



Posted by: Robert Davis
Continuous Process Improvement, CPI, Information Security Governance, Information Security Infrastructure Management, Information Security Processes, Information Security Service Management, ISG, ISIM, ISSM, IT Security Infrastructure, IT Security Services, Performance Measurement, Safeguarding Investments

Information security service management can include financial and non-financial indicators to enable performance assessments. However, selected indicators must represent a mathematically measurable quality. An adopted KPI should have an...


April 20, 2009  7:42 PM

Measuring Delivery Value – Part II



Posted by: Robert Davis
Continuous Process Improvement, CPI, Information Security Governance, Information Security Infrastructure Management, Information Security Processes, Information Security Service Management, ISG, ISIM, ISSM, IT Security Infrastructure, IT Security Services, Safeguarding Investments

Procedurally, once information security management has analyzed the entity-centric mission, identified stakeholders, and defined objectives; goals must be established with appropriate performance indicators for status assessments. "Practical information security service delivery and support...


April 17, 2009  5:56 PM

Measuring Delivery Value – Part I



Posted by: Robert Davis
Continuous Process Improvement, CPI, Information Security Governance, Information Security Infrastructure Management, Information Security Processes, Information Security Service Management, ISG, ISIM, ISSM, IT Security Infrastructure, IT Security Services

Considering adamant demands for continuous process improvements, focus on overall information protection and delivery value in terms of enabled services has become a managerial necessity. Information Security Service Management is a set of...


1

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: