IT Governance, Risk, and Compliance:

MIS


February 8, 2011  9:21 PM

Governing IT: Setting Control Objectives – Part VIII



Posted by: Robert Davis
Acquire and Implement, Availability, COBIT Domains, Confidentiality, Control Objectives, Deliver and Support, Effectiveness, Efficiency, Integrity, MIS, Monitor and Evaluate, Plan and Organize, Planning Committee, Reliability, Risk Management

IT goals election as well as information systems design, implementation, and maintenance are bound by IT objectives. Performing an IT maturity assessment can assist in determining where improvements are most needed. Subsequently, IT control objectives selection conveys what is considered...

February 4, 2011  11:07 PM

Governing IT: Setting Control Objectives – Part VII



Posted by: Robert Davis
Acquire and Implement, Availability, COBIT Domains, Confidentiality, Control Objectives, Deliver and Support, Effectiveness, Efficiency, Integrity, MIS, Monitor and Evaluate, Plan and Organize, Planning Committee, Reliability, Risk Management

“An [entity's] Management Information System...


October 18, 2010  12:48 PM

Compliance through Automation: Continuous Monitoring – Part VIII



Posted by: Robert Davis
Compliance Management, Compliance Verification Systems, Continuous Monitoring, Control System, Data Provisioning, Decision Techniques, Enterprise Resource Planning, ERP, Exception Reporting Systems, Expert Systems, Inference Engine, Knowledge Acquisition, Knowledge Engineer, Knowledge-base, Management Information Systems, MIS

Since management is responsible for the entity’s controls, they should have the means to determine, on an ongoing basis, whether selected controls are operating as designed. Continuous monitoring typically addresses management’s responsibility to assess the adequacy and effectiveness of...


October 14, 2010  3:21 PM

Compliance through Automation: Continuous Monitoring – Part VII



Posted by: Robert Davis
Compliance Management, Compliance Verification Systems, Continuous Monitoring, Control System, Data Provisioning, Decision Techniques, Enterprise Resource Planning, ERP, Exception Reporting Systems, Expert Systems, Inference Engine, Knowledge Acquisition, Knowledge Engineer, Knowledge-base, Management Information Systems, MIS

Continuous monitoring allows management to have greater insight into the entity’s current state of compliance. Typically, for IT, continuous monitoring involves...


October 11, 2010  6:02 PM

Compliance through Automation: Continuous Monitoring – Part VI



Posted by: Robert Davis
Compliance Management, Compliance Verification Systems, Continuous Monitoring, Control System, Data Provisioning, Decision Techniques, Enterprise Resource Planning, ERP, Exception Reporting Systems, Expert Systems, Inference Engine, Knowledge Acquisition, Knowledge Engineer, Knowledge-base, Management Information Systems, MIS

To ensure effective continuous monitoring, adequate segregation-of-functions must be sustained. Continuous monitoring and segregation-of-functions are not new control concepts. Yet,...


October 7, 2010  12:28 PM

Compliance through Automation: Continuous Monitoring – Part V



Posted by: Robert Davis
Compliance Management, Compliance Verification Systems, Continuous Monitoring, Control System, Data Provisioning, Decision Techniques, Enterprise Resource Planning, ERP, Exception Reporting Systems, Expert Systems, Inference Engine, Knowledge Acquisition, Knowledge Engineer, Knowledge-base, Management Information Systems, MIS

According to The Institute of Internal Auditors, “Continuous monitoring of controls is a process that management puts in place to ensure that its policies and procedures are adhered to, and that business processes are...


August 3, 2009  6:16 PM

Critical Incident Response Elements – Part IV



Posted by: Robert Davis
Contingency Management, Incident Response, Information, Management Information System, MIS, Organization, Risk Management, Security Service, Threat Management

Managing an appropriate security incident response is typically a crucial business requirement. To enable effective management, a security MIS should correlate data to intended usage to determine security failure repercussions. Considering the...


July 30, 2009  6:25 PM

Critical Incident Response Elements – Part III



Posted by: Robert Davis
Contingency Management, Incident Response, Information, Management Information System, MIS, Organization, Risk Management, Security Service, Threat Management

There exist various theories concerning managing employees during a crisis scenario. Nevertheless, security incident response tactics should be viewed as a unique application of contingency...



July 27, 2009  8:31 PM

Critical Incident Response Elements – Part II



Posted by: Robert Davis
Incident Response, Information, Management Information System, MIS, Organization, Security Service, Threat Management

By definition, an entity's management information system (MIS) represents an aggregation of personnel, computer hardware and software, as well as procedures that process data in order to generate utilizable...


July 23, 2009  4:53 PM

Critical Incident Response Elements – Part I



Posted by: Robert Davis
Incident Response, Information, Management Information System, MIS, Organization, Security Service, Threat Management

Information technology is completely secure when resources are utilized and accessed as intended under all circumstances. Through delegation, every entity manager assumes responsibility for maintaining an adequate control system that safeguards assets. However,

