January 19, 2013 4:35 PM
Posted by: Robert Davis
Accountability,
Acquire and Implement,
Adaptive Systems,
Asset Management,
Assurance Services,
Availability Management,
COBIT,
COBIT Domains,
Control Environment,
Control Objectives,
Control Objectives for Information and related Technology,
Deliver and Support,
Due Diligence,
Fiduciary Responsibility,
Framework,
Information Assets Protection,
Information Security Governance,
Information Security Management,
ISG,
Key Performance Indicators,
Monitor and Evaluate,
Performance Measurement,
Plan and Organize,
Risk Management,
Strategic Alignment,
Value DeliveryIf management views an IAP program as a methodology for achieving information systems goals and objectives, the adopted processes can enable a series of assessments defining control usefulness and control deployment; while conjunctively correlating effectiveness and efficiency directly linked to...
January 17, 2013 12:01 AM
Posted by: Robert Davis
Accountability,
Acquire and Implement,
Adaptive Systems,
Asset Management,
Assurance Services,
Availability Management,
COBIT,
COBIT Domains,
Control Environment,
Control Objectives,
Control Objectives for Information and related Technology,
Deliver and Support,
Due Diligence,
Fiduciary Responsibility,
Framework,
Information Assets Protection,
Information Security Governance,
Information Security Management,
ISG,
Key Performance Indicators,
Monitor and Evaluate,
Performance Measurement,
Plan and Organize,
Risk Management,
Strategic Alignment,
Value DeliveryRoles and responsibilities assignment for providing adequate IAP is typically considered critical to effective and efficient IT security. However, depending on the entity, IAP management roles and responsibilities may focus solely on IT security or IT and business security. Roles and...
January 12, 2013 5:59 PM
Posted by: Robert Davis
Accountability,
Acquire and Implement,
Adaptive Systems,
Asset Management,
Assurance Services,
Availability Management,
COBIT Domains,
Control Environment,
Control Objectives,
Control Objectives for Information and related Technology,
Deliver and Support,
Due Diligence,
Fiduciary Responsibility,
Framework,
Information Assets Protection,
Information Security Governance,
Information Security Management,
ISG,
Key Performance Indicators,
Monitor and Evaluate,
Performance Measurement,
Plan and Organize,
Risk Management,
Strategic Alignment,
Value DeliveryClassically, managers are individuals assigned to and functioning at various responsibility, accountability, and authority levels. Top-level managers are usually responsible for overall entity direction, accountable to stakeholders, and have the authority to establish measurable and achievable...
January 10, 2013 3:33 AM
Posted by: Robert Davis
Accountability,
Acquire and Implement,
Adaptive Systems,
Asset Management,
Assurance Services,
Availability Management,
COBIT,
COBIT Domains,
Control Environment,
Control Objectives,
Control Objectives for Information and related Technology,
Deliver and Support,
Due Diligence,
Fiduciary Responsibility,
Framework,
Information Assets Protection,
Information Security Governance,
Information Security Management,
ISG,
Key Performance Indicators,
Monitor and Evaluate,
Performance Measurement,
Plan and Organize,
Risk Management,
Strategic Alignment,
Value DeliveryIn fulfilling addressable COBIT information criteria, an IAP program should include processes and steps for assessing tangible as well as intangible property. The distinction between tangible and intangible is the physical nature of the property. Properties having a physical existence -- such...
January 5, 2013 4:52 PM
Posted by: Robert Davis
Accountability,
Acquire and Implement,
Adaptive Systems,
Asset Management,
Assurance Services,
Availability Management,
COBIT,
COBIT Domains,
Control Environment,
Control Objectives,
Control Objectives for Information and related Technology,
Deliver and Support,
Due Diligence,
Fiduciary Responsibility,
Framework,
Information Assets Protection,
Information Security Governance,
Information Security Management,
ISG,
Key Performance Indicators,
Monitor and Evaluate,
Performance Measurement,
Plan and Organize,
Risk Management,
Strategic Alignment,
Value Delivery1.2 IAP Management
“Applying similar management practices to [i]nformation security management is unavoidable as the security environment keeps on increasing in complexity and insecurity.” – Security...
January 3, 2013 1:35 AM
Posted by: Robert Davis
Accountability,
Acquire and Implement,
Adaptive Systems,
Asset Management,
Assurance Services,
Availability Management,
COBIT,
COBIT Domains,
Control Environment,
Control Objectives,
Control Objectives for Information and related Technology,
Deliver and Support,
Due Diligence,
Fiduciary Responsibility,
Framework,
Information Assets Protection,
Information Security Governance,
Information Security Management,
ISG,
Key Performance Indicators,
Monitor and Evaluate,
Performance Measurement,
Plan and Organize,
Risk Management,
Strategic Alignment,
Value Delivery
Compliance...
December 29, 2012 5:48 AM
Posted by: Robert Davis
Accountability,
Acquire and Implement,
Adaptive Systems,
Asset Management,
Availability Management,
COBIT,
COBIT Domains,
Control Environment,
Control Objectives,
Control Objectives for Information and related Technology,
Deliver and Support,
Due Diligence,
Fiduciary Responsibility,
Framework,
Information Assets Protection,
Information Security Governance,
Information Security Management,
ISG,
Key Performance Indicators,
Monitor and Evaluate,
Performance Measurement,
Plan and Organize,
Risk Management,
Strategic Alignment,
Value DeliveryDynamic homeostasis is steady state achievement by a relatively open system. This condition is the result of receiving input from outside the system that is at least equal to the sum of system output and resource expenditure. Thus, a for-profit entity must earn profits in the long run to...
December 27, 2012 1:31 AM
Posted by: Robert Davis
Accountability,
Acquire and Implement,
Adaptive Systems,
Asset Management,
Availability Management,
COBIT,
COBIT Domains,
Control Environment,
Control Objectives for Information and related Technology,
Deliver and Support,
Due Diligence,
Fiduciary Responsibility,
Framework,
Information Assets Protection,
Information Security Governance,
Information Security Management,
ISG,
Key Performance Indicators,
Monitor and Evaluate,
Performance Measurement,
Plan and Organize,
Risk Management,
Security Frameworks,
Strategic Alignment,
Value Delivery1.1 Control Environment
“…culture determines the behaviour of people in an organisation and should, therefore, be used to influence the behaviour of people with regard to information security.” – Kerry-Lynn Thomson and Rossouw von...
December 22, 2012 1:43 AM
Posted by: Robert Davis
Accountability,
Acquire and Implement,
Asset Management,
Availability Management,
COBIT Domains,
Control Objectives for Information and related Technology,
Deliver and Support,
Due Diligence,
Fiduciary Responsibility,
Framework,
Information Assets Protection,
Information Security Governance,
Information Security Management,
ISG,
Key Performance Indicators,
Monitor and Evaluate,
Plan and Organize,
Risk Management,
Value DeliveryUsually, a formal ISG program is required to promote information assets safeguarding. ISG programs should ensure the Control Objectives for Information and related Technology (COBIT) framework confidentiality, integrity, availability, compliance, and reliability information criteria are not...
