IT Governance, Risk, and Compliance:

Objectives

1

January 11, 2011  5:07 PM

Governing IT: Policy Formulation and Enforcement – Part VIII



Posted by: Robert Davis
Decision Making, Feedback Control, Fuzzy Logic, Goals, Internal Control Systems, ITG, Linear Control, Logic Control, Management, Monitoring, Objectives, Organizing, Planning, Policy Enforcement, Policy Formation, Sequential Control

Without clear policies that define acceptable IT related behavior, sustaining an effective and efficient internal control system is a remote possibility. Conversely, the formulation of clear IT policies is a mechanism for creating and propagating transparent plans for the achievement of adopted IT...

January 8, 2011  12:26 AM

Governing IT: Policy Formulation and Enforcement – Part VII



Posted by: Robert Davis
Decision Making, Feedback Control, Fuzzy Logic, Goals, Internal Control Systems, ITG, Linear Control, Logic Control, Management, Monitoring, Objectives, Organizing, Planning, Policy Enforcement, Policy Formation, Sequential Control

Due to the continuous adoption of new or improved hardware, firmware and software, IT threat vectors are likely to remain a business risk for the foreseeable future. Once an entity understands what information needs to...


January 4, 2011  5:14 PM

Governing IT: Policy Formulation and Enforcement – Part VI



Posted by: Robert Davis
Decision Making, Feedback Control, Fuzzy Logic, Goals, Internal Control Systems, ITG, Linear Control, Logic Control, Management, Monitoring, Objectives, Organizing, Planning, Policy Enforcement, Policy Formation, Sequential Control

Performance measurement is a control activity.” Measurement techniques are the means for achieving effective performance monitoring. Manually monitoring...


December 31, 2010  6:10 PM

Governing IT: Policy Formulation and Enforcement – Part V



Posted by: Robert Davis
Decision Making, Feedback Control, Fuzzy Logic, Goals, Internal Control Systems, ITG, Linear Control, Logic Control, Management, Monitoring, Objectives, Organizing, Planning, Policy Enforcement, Policy Formation, Sequential Control

Management’s intentions for IT can be implemented manually and/or technologically. Nevertheless, effective IT policy enforcement ultimately depends on the actions of individuals and control systems responsible for monitoring assigned activities. IT policy...


December 28, 2010  7:33 PM

Governing IT: Policy Formulation and Enforcement – Part IV



Posted by: Robert Davis
Decision Making, Feedback Control, Fuzzy Logic, Goals, Internal Control Systems, ITG, Linear Control, Logic Control, Management, Objectives, Organizing, Planning, Policy Formation, Sequential Control

IT policies should be deployed based on assessed effectiveness and efficiency in addressing managements’ risk appetite for an adopted strategy. As previously suggested in this article, control policies can be considered high-level governance documentation guiding operational activities. ...


December 24, 2010  3:11 PM

Governing IT: Policy Formulation and Enforcement – Part III



Posted by: Robert Davis
Decision Making, Goals, Internal Control Systems, ITG, Management, Objectives, Organizing, Planning, Policy Formation

Developing and implementing IT Governance design effectiveness and efficiency can be a multidirectional, interactive, iterative, and adaptive process. Normally,


December 21, 2010  6:42 PM

Governing IT: Policy Formulation and Enforcement – Part II



Posted by: Robert Davis
Decision Making, Goals, Internal Control Systems, ITG, Management, Objectives, Organizing, Planning, Policy Formation

After completion of governance planning and organizing; policies direct employee activity to ensure management’s intentions are implemented throughout the entity. Strategically; IT policies are definite...


December 17, 2010  8:34 PM

Governing IT: Policy Formulation and Enforcement – Part I



Posted by: Robert Davis
Decision Making, Goals, Management, Objectives, Policy Formation

IT policies are general written statements or understandings that prescribe organizational choices. Entity-centric policies typically impose guidelines enabling the execution of fairly routine judgments, consistent with current goals. Policy activation enables leadership, authority, motivation,...


September 17, 2009  7:15 PM

Supporting ISG Deployment – Part V



Posted by: Robert Davis
Benchmarking, Budgeting, Framework, Gap Analysis, Governance Tree, Information Security Governance, Information Security Management, Information Security Processes, Internal Control System, ISG, ISM, ITG, Maturity Modeling, Methodology, Objectives

What ever your perspective may be, the importance of effective and efficient ISG cannot be overlooked in the current global high technology environment. Considering what is at stake for most entities, when security is compromised, usually justifying


September 14, 2009  6:19 PM

Supporting ISG Deployment – Part IV



Posted by: Robert Davis
Benchmarking, Budgeting, Framework, Gap Analysis, Governance Tree, Information Security Governance, Information Security Management, Information Security Processes, Internal Control System, ISG, ISM, ITG, Maturity Modeling, Methodology, Objectives

If, however, you assume ISG provides financial and/or reputational benefits, potential stakeholders are presumed to rely upon governance elements prior to investing their time, talent, and/or money. Therefore, ascertaining the effectiveness and efficiency of entity-centric information security...


1

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: