IT Governance, Risk, and Compliance:

ISG


September 23, 2011  7:47 PM

Auditing Information Security Governance – Part I



Posted by: Robert Davis
Certified Information Systems Auditor, Certified Information Technology Professional, Certified Internal Auditor, Certified Internal Controls Auditor, Certified Public Accountant, External Audit, Information Security Governance, Internal Audit, ISG, IT Audit

Governance supports stakeholder expectations related to management’s fiduciary responsibilities. Governance also reflects how an entity achieves its stated mission. Specifically, governance can be considered the program by which entities are directed and controlled.

July 26, 2011  8:04 PM

Business Continuity and IT Availability – Part VIII



Posted by: Robert Davis
Backup, BCM, BCP, Business Continuity, Crisis Management, Disaster Recovery, DRP, Information Security Governance, Information Security Service Management, Information Technology Service Management, ISG, ISSM, ITSM, Service Delivery, Service Disruption, Threat Management

Directly, an entity’s DRP has a significant affect on the viability of IT and information security governance programs. Indirectly, IT and information security governance programs may impact stakeholder assessed entity value. Regardless of organizational formation -- corporation, partnership,...


July 22, 2011  5:35 PM

Business Continuity and IT Availability – Part VII



Posted by: Robert Davis
Backup, BCM, BCP, Business Continuity, Crisis Management, Disaster Recovery, DRP, Information Security Governance, Information Security Service Management, Information Technology Service Management, ISG, ISSM, ITSM, Service Delivery, Service Disruption, Threat Management

Through establishment and deployment of an emergency management program, top-level personnel can send a clear message to everyone in the entity that business continuity and disaster recovery control...


July 19, 2011  8:04 PM

Business Continuity and IT Availability – Part VI



Posted by: Robert Davis
Backup, BCM, BCP, Business Continuity, Crisis Management, Disaster Recovery, DRP, Information Security Governance, Information Security Service Management, Information Technology Service Management, ISG, ISSM, ITSM, Service Delivery, Service Disruption, Threat Management

Considering the interconnectivity of national economies through computer networks, entities are more vulnerable than ever to the possibility of technical difficulties disrupting business at any point in the communication chain. From flood or fire to computer-virus or denial-of-service, disasters...


July 15, 2011  2:44 AM

Business Continuity and IT Availability – Part V



Posted by: Robert Davis
Backup, BCM, BCP, Business Continuity, Crisis Management, Disaster Recovery, DRP, Information Security Governance, Information Security Service Management, Information Technology Service Management, ISG, ISSM, ITSM, Service Delivery, Service Disruption, Threat Management

Managerial concerns normally include: excessive business costs, forgone business opportunities, and potential revenue losses. When a business interruption occurs, restored information assets may affect operational effectiveness and efficiency. ...


July 12, 2011  9:32 PM

Business Continuity and IT Availability – Part IV



Posted by: Robert Davis
Backup, BCM, BCP, Business Continuity, Crisis Management, Disaster Recovery, DRP, Information Security Governance, Information Security Service Management, Information Technology Service Management, ISG, ISSM, ITSM, Service Delivery, Service Disruption, Threat Management

Where accepted as a managerial responsibility, an adequate ISG program should have security professionals participating in system life cycle design, acquisition, testing, and maintenance phases to ensure business continuity as well as availability requirements are appropriately incorporated, that...


July 8, 2011  10:25 PM

Business Continuity and IT Availability – Part III



Posted by: Robert Davis
Backup, BCM, BCP, Business Continuity, Crisis Management, Disaster Recovery, DRP, Information Security Governance, ISG, Service Delivery, Service Disruption, Threat Management

Governance usually occurs at different organizational strata, with activities flowing from processes, with processes linking up to systems, and programs receiving objectives from the entity’s oversight committee through established reporting lines. Alternatively or...


November 19, 2009  9:16 PM

Second-Tier Governance Deployment – Part V



Posted by: Robert Davis
CISM, Decision Theory, Fiduciary Responsibility, Framework, Governance Tree, Information Security Governance, Information Security Management, Information Theory, ISG, ISM, ITGI, Node, Safeguarding, Stakeholder

Governance usually occurs at different organizational strata, with procedures tailored for processes, with processes linking up to systems, and programs receiving objectives from the entity's oversight committee through established...


November 16, 2009  8:13 PM

Second-Tier Governance Deployment – Part IV



Posted by: Robert Davis
CISA, CISM, Concentrator, Decision Theory, Fiduciary Responsibility, Framework, Governance Tree, Information Security Governance, Information Security Management, Information Theory, ISG, ISM, Multiplexor, Node, Stakeholder

Abstraction levels are developed based on perceived usefulness. Second-tier Governance Tree information nodes can be viewed in the context of programs, systems, and processes. Pragmatically, establishment of entity-level governance is a second-tier


November 12, 2009  9:10 PM

Second-Tier Governance Deployment – Part III



Posted by: Robert Davis
CISM, Decision Theory, Fiduciary Responsibility, Framework, Governance Tree, Information Security Governance, Information Security Management, Information Theory, ISG, ISM, Node, Stakeholder

Entity tonal and nodal associations create powerful decision making structures that enable achieving objectives and goals. Information is generally considered the primal basis for decision making. However, to affect decision making information must be communicated through an acceptable medium....


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: