February 4, 2011 11:07 PM
Posted by: Robert Davis
Acquire and Implement,
Availability,
COBIT Domains,
Confidentiality,
Control Objectives,
Deliver and Support,
Effectiveness,
Efficiency,
Integrity,
MIS,
Monitor and Evaluate,
Plan and Organize,
Planning Committee,
Reliability,
Risk Management“An [entity's] Management Information System...
February 1, 2011 9:04 PM
Posted by: Robert Davis
Acquire and Implement,
Availability,
COBIT Domains,
Confidentiality,
Control Objectives,
Deliver and Support,
Effectiveness,
Efficiency,
Integrity,
Monitor and Evaluate,
Plan and Organize,
Planning Committee,
Reliability,
Risk ManagementReflective of ensuring effective IT control objectives, undertaking IT risk management provides the framework that enables future activity to take place in a consistent and controlled manner. ...
January 28, 2011 10:07 PM
Posted by: Robert Davis
Acquire and Implement,
Availability,
COBIT Domains,
Confidentiality,
Control Objectives,
Deliver and Support,
Effectiveness,
Efficiency,
Integrity,
Monitor and Evaluate,
Plan and Organize,
Planning Committee,
ReliabilityUsing SWOT, each IT objectives analysis team member should have conversations with at least four other individuals from the entity to solicit their situational assessment of the current state of IT controls. At a minimum, the four individuals -- queried independently by each team member involved...
January 25, 2011 9:53 PM
Posted by: Robert Davis
Acquire and Implement,
Availability,
COBIT Domains,
Confidentiality,
Control Objectives,
Deliver and Support,
Effectiveness,
Efficiency,
Integrity,
Monitor and Evaluate,
Plan and Organize,
Planning Committee,
ReliabilityCOBIT enables an entity to set clear control objectives for IT through the combining of previously discussed individual IT design and operational areas. Specifically, the eight IT managerial areas are grouped into four...
January 21, 2011 10:08 PM
Posted by: Robert Davis
Acquire and Implement,
Availability,
COBIT Domains,
Confidentiality,
Control Objectives,
Deliver and Support,
Effectiveness,
Efficiency,
Integrity,
Monitor and Evaluate,
Plan and Organize,
Planning Committee,
ReliabilityIT planning, organization, acquisition, implementation, delivery, support, monitoring, and evaluation are baseline IT subjects that embrace core managerial responsibilities as conceived by Henri Fayol. Categorically, IT related planning,...
January 18, 2011 5:52 PM
Posted by: Robert Davis
Acquire and Implement,
Availability,
COBIT Domains,
Confidentiality,
Control Objectives,
Deliver and Support,
Effectiveness,
Efficiency,
Integrity,
Monitor and Evaluate,
Plan and Organize,
Planning Committee,
ReliabilityGeneral managerial objectives, such as maintaining satisfactory performance levels, can be translated into detail IT objectives defining acceptable IT configuration characteristics. The primary purpose of these detailed IT configuration objectives is to guide IT...
January 14, 2011 7:06 PM
Posted by: Robert Davis
Availability,
Confidentiality,
Control Objectives,
Effectiveness,
Efficiency,
Integrity,
Planning Committee,
ReliabilityReducing IT related errors, mistakes, omissions, irregularities, and illegal acts should be an explicit policy of every passive or...
May 12, 2009 3:25 PM
Posted by: Robert Davis
Accountability,
Behavioral Management,
Benchmarking,
Goals,
IAP,
Information Asset Protection,
Information Security Governance,
Information Security Management,
ISG,
ISM,
Management by Objectives,
MBO,
Planning Committee,
Resource Allocation,
ResponsibilityMBO is a participative behavioral approach to managing employees. One of the primary MBO assumptions is that employees prefer to work hard once they are provided with employer expectations. Intuitively, sustaining accepted expectations...
May 7, 2009 11:14 PM
Posted by: Robert Davis
Accountability,
Behavioral Management,
Benchmarking,
Goals,
IAP,
Information Asset Protection,
Information Security Governance,
Information Security Management,
ISG,
ISM,
Management by Objectives,
MBO,
Planning Committee,
Resource Allocation,
ResponsibilityA system for disseminating information security management objectives is considered fundamental to obtain employee commitment. One way to communicate entity-centric information security objectives is clear and concise policies. Information security...
