IT Governance, Risk, and Compliance:

Irregularities

1

August 17, 2009  8:26 PM

Preserving Electronically Encoded Evidence – Part IV



Posted by: Robert Davis
Boot, Configuration, Data Acquisition, Electronic Discovery, Event Management, Forensic Imaging Software, Illegal Acts, Incident Handling, Incident Response, Information Security Management, Irregularities, ISM, Law Enforcement

Whether target data is in transit or at rest, it is critical that measures are in place to prevent the sought information from being destroyed, corrupted or becoming unavailable for forensic investigation. When evidence is at rest, adequate procedures should be followed to ensure evidential

August 13, 2009  9:04 PM

Preserving Electronically Encoded Evidence – Part III



Posted by: Robert Davis
Boot, Configuration, Data Acquisition, Electronic Discovery, Event Management, Forensic Imaging Software, Illegal Acts, Incident Handling, Incident Response, Information Security Management, Irregularities, ISM, Law Enforcement

Creating evidential copies through routine backup procedures will only permit replicating specific files while none of the files with delete indicators are recovered, nor the designated 'free space' between files. To remediate this limitation, a


August 10, 2009  7:59 PM

Preserving Electronically Encoded Evidence – Part II



Posted by: Robert Davis
Boot, Configuration, Data Acquisition, Electronic Discovery, Illegal Acts, Incident Handling, Incident Response, Information Security Management, Irregularities, ISM, Law Enforcement

Conditionally, if the target system is turned off, simply turning the technology on and permitting a 'boot' can introduce content changes to files directly or indirectly connected through


August 6, 2009  8:39 PM

Preserving Electronically Encoded Evidence – Part I



Posted by: Robert Davis
Electronic Discovery, Illegal Acts, Incident Handling, Incident Response, Information Security Management, Irregularities, ISM

Seeking to preserve electronically encoded evidence implies an incident or event has occurred that will require facts extrapolation for presentation as...


March 31, 2009  9:36 PM

Control Assessments – Part IV



Posted by: Robert Davis
Assurance Services, Control Self-assessment, CSA, IAP, ICR, Illegal Acts, Information Asset Protection, Information Security Management, Internal Control Review, Irregularities

Arguably, data security is the most significant domain supporting information reliability. Entity oversight committees should monitor control activities for on-going relevance and effectiveness as well as responses to information security...


March 28, 2009  8:20 PM

Control Assessments – Part III



Posted by: Robert Davis
Assurance Services, Control Self-assessment, CSA, IAP, ICR, Illegal Acts, Information Asset Protection, Information Security Management, Internal Control Review, Irregularities

Information security managers should prepare for audits utilizing control self-assessments to verify compliance with laws, regulations, policies and procedures. It is always a sound idea to strategically plan annual control self-assessments....


March 24, 2009  7:11 PM

Control Assessments – Part II



Posted by: Robert Davis
Assurance Services, Control Self-assessment, CSA, IAP, ICR, Illegal Acts, Information Asset Protection, Information Security Management, Internal Control Review, Irregularities

Management needs to understand the status of the entity's IT systems to decide what safeguarding mechanisms should be deployed to meet business requirements. When IAP monitoring is built into the entity's operating activities, and process performance is reviewed on a real-time basis; control...


March 19, 2009  7:56 PM

Control Assessments – Part I



Posted by: Robert Davis
Assurance Services, Control Self-assessment, CSA, IAP, Illegal Acts, Information Asset Protection, Information Security Management, Internal Control Review, Irregularities

For most entities, information and related technologies compliance management is critical to survival as well as success. As with other organizational programs, security compliance does not occur through managerial intent transmissions from a remote planet in some distant galaxy far, far away....


1

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: