IT Governance, Risk, and Compliance:

ISM


May 4, 2009  6:32 PM

Developing Objectives – Part II



Posted by: Robert Davis
Accountability, Behavioral Management, Benchmarking, Goals, IAP, Information Asset Protection, Information Security Governance, Information Security Management, ISG, ISM, Management by Objectives, MBO, Planning Committee, Resource Allocation, Responsibility

Within behavioral management theory, entity leaders have alternative approaches available to accomplish information assets safeguarding objectives development -- including participative, consultative, free rein, and autocratic models....

March 16, 2009  7:01 PM

Physical Token Protection – Part IV



Posted by: Robert Davis
Availability, CIA, Confidentiality, Functionality, Identification, Information Security Management, Integrity, ISM, IT Security, Laws and Regulations, Quality, Service Level Agreement, SLA, Token, Usability

Regarding provisioning physical authentication mediums, an entity's deployed access control process should clearly define the way encoded identification is delivered to users -- within the context of promoting adequate confidentiality, integrity and availability. Specifically, the process to...


March 12, 2009  6:41 PM

Physical Token Protection – Part III



Posted by: Robert Davis
Availability, CIA, Confidentiality, Functionality, Identification, Information Security Management, Integrity, ISM, IT Security, Laws and Regulations, Quality, Service Level Agreement, SLA, Token, Usability

As a corollary requirement, when considering physical tokens, functionality is directly related to capabilities. Consequently, physical token appropriateness should be evaluated based on the set of attributes applicable to the existing set of activities and their specific properties. In other...


March 9, 2009  6:56 PM

Physical Token Protection – Part II



Posted by: Robert Davis
Availability, CIA, Confidentiality, Functionality, Identification, Information Security Management, Integrity, ISM, IT Security, Laws and Regulations, Service Level Agreement, SLA, Token, Usability

Information asset usability implies availability to perform requested services as well as transparency. Determining physical token usability necessitates assessing relevant and pertinent services for the access process as well as secure user delivery in a timely, correct, and consistent manner....


March 6, 2009  7:50 PM

Physical Token Protection – Part I



Posted by: Robert Davis
Availability, CIA, Confidentiality, Functionality, Identification, Information Security Management, Integrity, ISM, IT Security, Laws and Regulations, Token, Usability

Organizationally, information security normally is considered a program enabling and optimizing IT security services for the entity in order to satisfy business requirements, while simultaneously providing strategic and tactical IT security infrastructure management that complies with applicable...


February 23, 2009  9:26 PM

Legal Compliance Alignment – Part IV



Posted by: Robert Davis
FCPA, Foreign Corrupt Practices Act, GLBA, Gramm-Leach-Bliley Act, Health Insurance Portability and Accountability Act, HIPAA, IAP, Information Asset Protection, Information Security Governance, Information Security Management, ISG, ISM, Sarbanes Oxley Act, SOA, SOX

When exploring links between national and international arenas, the information security manager will discover international developments decisively impact national laws. Specifically, regional coalitions have enacted IAP related edicts that subsequently were codified in national laws and...


February 19, 2009  8:47 PM

Legal Compliance Alignment – Part III



Posted by: Robert Davis
FCPA, Foreign Corrupt Practices Act, GLBA, Gramm-Leach-Bliley Act, Health Insurance Portability and Accountability Act, HIPAA, IAP, Information Asset Protection, Information Security Governance, Information Security Management, ISG, ISM, Sarbanes Oxley Act, SOA, SOX

There are numerous global, regional as well as national laws and regulations focusing on information assets protection (IAP) requiring professional consideration. In particular, at...


February 16, 2009  8:00 PM

Legal Compliance Alignment – Part II



Posted by: Robert Davis
FCPA, Foreign Corrupt Practices Act, GLBA, Gramm-Leach-Bliley Act, Health Insurance Portability and Accountability Act, HIPAA, IAP, Information Asset Protection, Information Security Governance, Information Security Management, ISG, ISM, Sarbanes Oxley Act, SOA, SOX

Simultaneous compliance with multiple laws and regulations can create unique challenges for most entities. Selectively, potential compliance hurdles include distinct internal management groups pursuing equivalent goals; diverse audit perspectives, priorities, and requirements; as well as confusion...


February 12, 2009  10:22 PM

Legal Compliance Alignment – Part I



Posted by: Robert Davis
FCPA, Foreign Corrupt Practices Act, GLBA, Gramm-Leach-Bliley Act, Health Insurance Portability and Accountability Act, HIPAA, IAP, Information Asset Protection, Information Security Governance, Information Security Management, ISG, ISM, Sarbanes Oxley Act, SOA, SOX

Institutionalized information security governance defines the information assets safeguarding perimeter inside which an entity should operate. Whereas, legal compliance management ensures structural boundary segments are sturdy and the entity consistently fulfills its mission within externally...


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: