IT Governance, Risk, and Compliance

Jan 10 2013   3:33AM GMT

eBook excerpt: Assuring Information Security – Part IX

Robert Davis Robert Davis Profile: Robert Davis

In fulfilling addressable COBIT information criteria, an IAP program should include processes and steps for assessing tangible as well as intangible property.  The distinction between tangible and intangible is the physical nature of the property.  Properties having a physical existence — such as buildings and fire extinguishers — are tangible; and properties having no physical existence — such as patent rights and computer programs — are intangible.  Acquired or created information, with ownership rights, should be classified as an intangible asset.  Intangible assets may have explicit or implicit legal protection and retention mandates imposed by governmental entities.  Thus, as with other intangible assets, an entity’s management should provide adequate safeguards to preserve information value as well as comply with applicable information related laws, regulations and standards to fulfill their fiduciary responsibilities.  Consequently, roles for information value delivery and support should be clearly documented for accountability determination.

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: