IT Governance, Risk, and Compliance:

Infrastructure


December 3, 2009  9:07 PM

Safeguarding Assets is an IT Project Management Issue – Part IV



Posted by: Robert Davis
Applications, Asset, Implementation, Information Technology, Infrastructure, IT, Project Management, Risk Management, SDLC, System Development Life Cycle, Systems Analysis, Systems Design, Value Delivery

Systems and infrastructure design effects the controls relied on by an entity’s management, therefore, effecting control processes. Because systems and infrastructure are critical to an entity’s success, control processes should be designed...

November 30, 2009  7:22 PM

Safeguarding Assets is an IT Project Management Issue – Part III



Posted by: Robert Davis
Applications, Asset, IDLC, Implementation, Information Technology, Infrastructure, Infrastructure Development Life Cycle, IT, Project Management, Risk Management, SDLC, System Development Life Cycle, Systems Analysis, Systems Design, Value Delivery

An adequate IT infrastructure permits the continuance and growth of technology-based systems. Considering the Control Objectives for Information and related Technology (


November 25, 2009  7:59 PM

Safeguarding Assets is an IT Project Management Issue – Part II



Posted by: Robert Davis
Applications, Asset, Implementation, Information System, Information Technology, Infrastructure, IT, Project Management, Risk Management, SDLC, System Development Life Cycle, Systems Analysis, Systems Design, Value Delivery

As a foundational definition; a system is an assembly of procedures, processes, methods, and/or techniques united by regulated interaction conventions to form an organized whole in support of the entity’s objectives. A key term to this definition is “


November 23, 2009  6:26 PM

Safeguarding Assets is an IT Project Management Issue – Part I



Posted by: Robert Davis
Applications, Asset, Implementation, Information Technology, Infrastructure, IT, Project Management, Risk Management

Technology-based systems and infrastructure do not occur accidentally. They come into being only after appropriate planning, comprehensive...


July 6, 2009  7:02 PM

Trans-border Communication Protection – Part IV



Posted by: Robert Davis
Configuration Items, Encapsulating Security Payload, Encapsulation, ESP, Infrastructure, Internet Protocol Security, IPSec, Open Systems Interconnection, OSI, Privacy, Secure Socket Layer, SSL, Transport Mode, Tunnel Mode, Virtual Private Network, VPN

The primary distinguishing feature between IPSec and SSL is their respective OSI reference model protocol communication tier levels. IPSec operates at the network layer of the


July 2, 2009  8:12 PM

Trans-border Communication Protection – Part III



Posted by: Robert Davis
Configuration Items, Encapsulating Security Payload, Encapsulation, ESP, Infrastructure, Internet Protocol Security, IPSec, Open Systems Interconnection, OSI, Privacy, Secure Socket Layer, SSL, Transport Mode, Tunnel Mode, Virtual Private Network, VPN

Generally, a VPN is recognized as a confidential data plexus that employs the public telecommunication infrastructure while maintaining...


March 3, 2009  4:05 AM

Peer-to-Peer Networking – Part 2



Posted by: Robert Davis
Applications, HDLC, Infrastructure, Network Access Protection, P2P, Password-Protected Share, Peer-to-Peer, Performance, Privacy, Security Risks, Share-level Security, X.25

Maybe, experientially, the small branch office with a P2P network has escaped a security incident since deployment. Even so, a functional P2P network unintentionally presents itself as a potential target waiting for someone capable of pulling the threat trigger to introduce a potent security...


February 26, 2009  6:49 PM

Peer-to-Peer Networking – Part 1



Posted by: Robert Davis
Applications, Infrastructure, Network Access Protection, P2P, Password-Protected Share, Peer-to-Peer, Performance, Privacy, Security Risks, Share-level Security

There are a variety of networking architectures available for deployment. Potential candidates include Peer-to-Peer, Client/Server and Master/Slave. However, Peer-to-Peer (P2P) architectures present unique governance issues to the information...

Bookmark and Share     0 Comments     RSS Feed     Email a friend


February 5, 2009  9:38 PM

Access Control Convergence – Part 2



Posted by: Robert Davis
Access Controls, Accountability, Authentication, Authorization, Distributed Platforms, Identification, Information Asset Protection, Infrastructure, Logical Security, Physical Security

Integrated policies improving access control are needed to increase safeguarding capabilities. Furthermore, due to technological and operational diversity, it is critical to have standard processes to control access that will permit economies of scale. Potential candidates for access control...


February 2, 2009  7:38 PM

Access Control Convergence – Part 1



Posted by: Robert Davis
Access Controls, Accountability, Authentication, Authorization, Distributed Platforms, Identification, Information Asset Protection, Infrastructure, Logical Security, Physical Security

Computer technology continues to advance toward a tiered decentralized world of distributed platforms for entering, processing, and retrieving information. Technological implementations are diverse and complex; however, all IT deployments should be protected from unauthorized usage utilizing...


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: