Critical Elements of Information Security Program Success (English)

INFORMATION SYSTEMS CONTROL JOURNAL

Document information

  • Title:
    Critical Elements of Information Security Program Success
  • Author / Creator:
  • Journal / Series:
  • Volume:
    3
  • Page:
    29-32
  • Publisher:
    INFORMATION SYSTEMS AUDIT AND CONTROL ASSOCIATION
  • Year of publication:
    2006
  • Size:
    4 pages
  • ISSN:
  • Type of media:
    Article (Journal)
  • Type of material:
    Print
  • Language:
    English
  • Classification:
    DDC:    657.4550285

Table of contents – Volume 3

Tables of contents are generated automatically and are based on the article records available in the TIB-Portal index. Because some article records are missing, the volume display may be incomplete, even though the whole journal is available at TIB.

5
Taking A Look Back: Will EDP Auditors be an Extinct Species by 2000 A.D.?
| 2009
5
Editorial - Issues & Comments
Cangemi, Michael P. | 2007
5
Guest Editorial: Mobility Changes (Almost) Everything!
Boni, William C. | 2008
5
Editorial - Issues & Comments - Editor-in-Chief Michael P Cangemi, CISA, CPA, presents the annually popular AICPA Top Technology Priorities
Cangemi, Michael P. | 2000
5
Editorial - Issues & Comments - Editor in Chief Michael Cangemi, CISA, CPA, discusses the issue of privacy and government intervention, technology and central banking and the new US Independence Rules. He also notes the importance of future donations to the foundation.
Cangemi, Michael | 2001
5
Editorial - Issues & Comments - Editor in Chief Michael Cangemi, CISA, CPA discusses corporate governance and lessons learned in regard to Enron. He also discusses the role of corporate governance in preventing cybercrime.
Cangemi, Michael | 2002
6
Guest Editorial: Building Bridges: IT as an Enabler of GRC Convergence
Anand, S. | 2009
8
IS Security Matters - Identifier Management
Ross, Steven J. | 2003
8
Paris Hilton's Privacy
Ross, S. J. | 2005
8
Identifier Management
Ross, S. J. | 2003
8
IS Security Matters: Paris Hilton's Privacy
Ross, Steven J. | 2005
9
IS Security Matters - Steve Ross, CISA, approaches DDoS from the prevention of the outages in the first place. To illustrate his points, he sets forth conceptual specifications for this architecture
Ross, Steve | 2000
9
IS Security Matters - ROSI Scenarios - Steven J. Ross, CISA, discusses the advantages of designing security into systems from their inception, as opposed to adding security later. He proposes looking at return on security investment (ROSI) in a way that provides a guide for investment.
Ross, Steven J. | 2002
9
IS Security Matters: Falling Off the Truck
Ross, Steven J. | 2006
9
IS Security Matters: Resilience Transformation
Ross, Steven J. | 2008
9
Strategies for Information Technology Governance
Tsang-Reveche, C. | 2004
9
the advantages of designing security into systems from their inception, as opposed to adding security later. He proposes looking at return on security investment (ROSI) in a way that provides a guide for investment
Ross, S. J. | 2002
9
IT Security Matters: Mail Call III
Ross, Steven J. | 2007
9
Mahogany Row Mail Call While acknowledging that most often information security focuses on the unknown person doing unauthorized things, Steven J. Ross considers the risks that arise from known people doing things they are allowed to do but should not be doing
| 2001
9
IS Security Matters - Mahogany Row Mail Call - While acknowledging that most often information security focuses on the unknown person doing unauthorized things, Steven J. Ross considers the risks that arise from known people doing things they are allowed to do but should not be doing.
Ross, Steven J. | 2001
9
IS Security Matters: Gang Aft Agley
Ross, S.J. | 2009
11
Auditing Realization of Benefits from IT
Sayana, S. A. | 2005
11
IT Audit Basics: Beyond the IT in IT Audit
Singleton, Tommie | 2008
11
The Ramifications of Sarbanes-Oxley
Singleton, T. | 2003
11
Network Security: The Complete Reference
Parmar, K. | 2004
11
Commentary - The Ramifications of Sarbanes-Oxley
Singleton, Tommie | 2003
11
IT Audit Basics: Auditing Realization of Benefits from IT
Sayana, S.Anantha | 2005
12
Standards, Statements, Guidelines - Standards and guidelines for maintaining compliance for ISACA™ membership and the CISA® designation are outlined and the status of ISACA issuances noted.
| 2002
13
Global Perspectives: The View of and Approach Toward Cybercrime
Cilli, Claudio / Townsend, Andy / Alegue, Gilbert N. | 2006
13
Standards and guidelines for maintaining compliance for both ISACA™ membership and the CISA® designation are outlined and the status of ISACA issuances noted
| 2001
13
IT Audit Basics: IT Audit Education and Professional Development
Singleton, Tommie | 2007
13
COBIT Advisor 2nd Edition
| 2000
13
Book Reviews - COBIT Advisor 2nd Edition - Although there are two book reviews by two different authors for this book, the editors believed both to be of value. One focuses on what a person needs to know about COBIT to use COBIT Advisor. The other review walks the reader through practical applications of COBIT Advisor in one's work world
| 2000
13
Modeling Resiliency
Ross, S. J. | 2004
13
IS Security Matters - Modeling Resiliency
Ross, Steven J. | 2004
13
Standards, Statements, Guidelines - Standards and guidelines for maintaining compliance for both ISACA™ membership and the CISA® designation are outlined and the status of ISACA issuances noted.
| 2001
13
IT Audit Basics: What Every IT Auditor Should Know About Controls: The CDLC
Singleton, T.W. | 2009
14
Make Sure Management and IT Are on the Same Page: Implementing an IT Governance Framework
Hardy, G. | 2002
14
IT Governance - Make Sure Management and IT Are on the Same Page: Implementing an IT Governance Framework - Gary Hardy examines the management of IT through an IT governance framework. To govern IT effectively, it is important to appreciate the activities and risks within IT that need to be managed. Using the CoBiT Framework's four domains and the IT processes, he breaks this down -- Looking at it logically from a top management perspective.
Hardy, Gary | 2002
14
IT Governance: IT Governance Global Status Report 2008: An Excerpt
Steuperaert, Dirk | 2008
15
Plus - HelpSource Q & A
Lilly, Fred L. | 2001
15
IT Value: Five Critical Success Factors for Introducing Val IT
Harries, S. / Harrison, P. | 2009
15
Standards, Statements, Guidelines - ISACA(R) Member and Certification Holder Compliance
| 2005
17
IT Governance - IT Governance Putting It in Perspective - Hugh Parkes, CISA, FCA, attempts to put IT governance into perspective. He discusses several domains that could possibly be considered to comprise IT governance and the goals of IT governance both inward and outward.
| 2001
17
IT and Enterprise Governance
Parkinson, M. J. A. / Baker, N. J. | 2005
17
IT Audit Basics: What Every IT Auditor Should Know About Cyberforensics
Singleton, Tommie W. | 2006
17
IT Governance: IT and Enterprise Governance
Parkinson, Michael J.A. / Baker, Nicholas J. | 2005
17
Effective Information Technology Governance Will Improve Returns to Shareholders
Dodds, R. | 2004
17
IT Governance: Bridging Business and IT Strategies With Enterprise Architecture: Realising the Real Value of Business-IT Alignment
Chatterji, Sushil | 2007
17
IT Governance Putting It in Perspective Hugh Parkes, CISA, FCA, attempts to put IT governance into perspective. He discusses several domains that could possibly be considered to comprise IT governance and the goals of IT governance both inward and outward
| 2001
17
IT Governance - Effective Information Technology Governance Will Improve Returns to Shareholders
Dodds, Rupert | 2004
18
Information Technology Control & Audit
| 2000
18
IT Value: Recognising the Need for Val IT: Identifying Tipping Points for Value Management
Harries, Sarah / Harrison, Peter | 2008
18
Book Reviews - Information Technology Control & Audit - Reprinted by permission from EDPAC's
| 2000
18
IT Audit Basics - The Necessity for Documentation - S. Anantha Sayana, CISA, CIA, discusses the importance of IS auditors' work and observations in the course of an audit.
Sayana, S.Anantha | 2002
18
The Necessity for Documentation
Sayana, S. A. | 2002
19
IT Audit Basics - Auditing OS and Database Controls
Sayana, S.Anantha | 2003
19
Auditing OS and Database Controls
Sayana, S. A. | 2003
19
IT Audit Basics - Auditing Wireless Telecommunications: An Issue of Standards
Gallegos, Frederick | 2004
19
Auditing Wireless Telecommunications: An Issue of Standards
Gallegos, F. | 2004
19
Book Review: Cyber Forensics: A Field Manual for Collecting, Examining and Preserving Evidence of Computer Crime, 2nd Edition
Rafeq, A. | 2009
20
Five Questions With...
Toro Lobos, Luis Eduardo | 2008
20
Plus - Technical Q & A, Helpsource
Lilly, Fred L. | 2000
20
IT Value: Program Management: Seeing Both the Forest and the Trees
Thorp, John | 2007
21
IT Governance: Moving From IT Governance to Enterprise Governance of IT
De Haes, S. / Van Grembergen, W. | 2009
22
ISACA® Member and Certification Holder Compliance
| 2004
22
IT Governance: Why a Guideline?
Cilli, C. | 2003
22
Global Perspectives: The Changing Role of the IT Auditor
Mansour, Charles / Gattiker, Urs E. / Sadarangani, Preeti / Dodds, Rupert | 2005
22
IT Governance - IT Governance: Why a Guideline?
Cilli, Claudio | 2003
23
Perspective - Partnership for Critical Infrastructure Security - Critical infrastructure, the backbone of the American economy, faces insidious and potentially destructive threats such as cyber strikes and acts of violence. Learn what ISACA's role is in addressing these problems
Lainhart IV, John W. | 2000
23
IT Governance: Information Security Governance
Malik, William J. | 2006
23
Security, Audit and Control Issues for Managing Risk in the Wireless LAN Environment
Stanley, Richard A. | 2004
23
An E-citadel for Securing Credit Card and Consumer Data: A New Application for an Old Approach to Security - Businesses suffer threats to security from different types of attacks. Unfortunately, many of today's e-businesses implement security programs that bear far more resemblance to an eggshell than a citadel. The author outlines 10 suggestions that can help an organization change its security model from an easily cracked eggshell to a more advanced, defensive model.
Arnold, Tom | 2002
23
Partnership for Critical Infrastructure Security
Lainhart, J. W. | 2000
23
An E-citadel for Securing Credit Card and Consumer Data: A New Application for an Old Approach to Security
Arnold, T. | 2002
23
Virtual Private Networking: Confidentiality on Public Networks As workplaces become increasingly remote-based, enterprises need to identify possible solutions to provide the desired confidentiality, availability and public network connectivity. The concept of a virtual private networking is to create a private network over the public network, or the Internet, by using encryption, authentication and tunneling to allow data to travel securely
Norris, R. C. | 2001
23
Features - Virtual Private Networking: Confidentiality on Public Networks - As workplaces become increasingly remote-based, enterprises need to identify possible solutions to provide the desired confidentiality, availability and public network connectivity. The concept of a virtual private networking is to create a private network over the public network, or the Internet, by using encryption, authentication and tunneling to allow data to travel securely.
Norris Jr, Robert C. | 2001
24
Cybersecurity and the Critical Infrastructure: Looking Beyond the Perimeter
Axelrod, C.Warren | 2006
24
Book Review: Stepping Through the InfoSec Program
Axelrod, C.Warren | 2008
25
Is Your Business Continuity Plan a Paper Tiger?
Kothari, Priyank | 2007
25
Book Reviews: From Business Strategy to IT Action By Robert J. Benson, Thomas L. Bugnitz and William B. Walton
Tsang-Reveche, C. | 2005
25
Book Reviews - Integrated Auditing of ERP Systems
Musaji, Yusufali F. / Emani, Sarathy | 2005
25
Book Reviews - From Business Strategy to IT Action
Benson, Robert J. / Bugnitz, Thomas L. / Walton, William B. / Tsang-Reveche, Christina | 2005
25
Excerpt: IT Governance Roundtable: Brisbane September 2008
| 2009
25
Book Review: Information Development: Managing Your Documentation Projects, Portfolio, and People
Chatterjee, Soumen | 2008
25
Computer Forensics Emerges as an Integral Component of an Enterprise Information Assurance Program
Barbin, D. / Patzakis, J. | 2002
25
Computer Forensics Emerges as an Integral Component of an Enterprise Information Assurance Program - Computer forensics is the collection, preservation, analysis and court presentation of computer-related evidence. The proper collection and analysis of computer evidence through accepted computer forensic protocols is a critical component to any internal investigation or audit where the results have at least the potential to be presented in a legal proceeding.
Barbin, Douglas / Patzakis, John | 2002
26
Case Study - The COBIT Maturity Model in a Vendor Evaluation Case
Pederiva, Andrea | 2003
26
Perspective - IT Governance Roundtables Spur Discussion - This article summarizes the lively and productive discussions that occurred in the UK. The article is sponsored by the IT Governance Institute and is written by an ISACA member who attended the first IT Governance Forum
Poole, Vernon | 2000
26
The COBIT® Maturity Model in a Vendor Evaluation Case
Pederiva, A. | 2003
26
IT Governance Roundtables Spur Discussion
Poole, V. | 2000
27
Securing the Wireless Network
Nelson, William F. / Lu, Wei | 2004
27
IT Risk Exploration: The IT Risk Management Taxonomy and Evolution
Schlarman, S. | 2009
27
A Prelude to IT Assurance Framework
Muthukrishnan, Ravi | 2008
28
Control Considerations in Object-oriented Systems
Cobb, Andrew T. / Guan, Jian / Levitan, Alan S. | 2007
28
Data Hiding - This article examines techniques that a slightly more sophisticated end user might employ to hide data rather than trying to erase them, including renaming files, changing file extensions, turning on the hidden attribute function and concealing information in a part of the disk where data would not normally exist.
Hoskinson, Clayton / Sleezer, Jim | 2002
28
IT Does Not Matter...Or, Does IT? Has IT Moved From a Strategic to a Purely Tactical Function?
Sarup, Deepak | 2005
28
examines techniques that a slightly more sophisticated end user might employ to hide data rather than trying to erase them, including renaming files, changing file extensions, turning on the hidden attribute function and concealing information in a part of the disk where data would not normally exist
Hoskinson, C. / Sleezer, J. | 2002
29
Features - Top US Privacy Stories of 2000 - The phenomenal rise and technological sophistication of workplace surveillance leads the list of the Top 10 US privacy stories of the year 2000, according to a Privacy Foundation analysis.
Keating, Stephen / Smith, Richard M. | 2001
29
Critical Elements of Information Security Program Success
O'Bryan, Sharon K. | 2006
29
Top US Privacy Stories of 2000 The phenomenal rise and technological sophistication of workplace surveillance leads the list of the Top 10 US privacy stories of the year 2000, according to a Privacy Foundation analysis
Keating, S. / Smith, R. M. | 2001
29
Standards, Statements, Guidelines - Procedures to maintain compliance for both ISACA membership and the CISA designation are outlined and the status of ISACA issuances is noted
| 2000
30
Case Study - Implementing COBIT in New South Wales Health - Using a model called the Systems Audit Life Cycle, the health institution developed six internal audits for a large systems implementation process. Healthcare executives advocate planning the use of COBIT as they would any other large project. This article gives the specifics
Tyler, Ross | 2000
30
IT Security Awareness Programme
Wiederkehr, B. | 2003
30
What Auditors Should Know About Encryption
Chan, David | 2004
30
Case Study - IT Security Awareness Programme
Wiederkehr, Bruno | 2003
30
Implementing COBIT in New South Wales Health
Tyler, R. | 2000
31
Using CoBIT 4.1 to Guide the Adoption and Implementation of Open Source Software
Haes, Steven De / Grembergen, Wim Van / Ven, Kris / Verelst, Jan | 2008
31
Excerpt: ITGI Enables ISO/IEC 38500:2008 Adoption
Hardy, G. | 2009
32
The Asian Tsunami: A Wake-up Call for Traditional Disaster Recovery Planning
Bakshi, Sunil / Rafeq, A. | 2005
33
Features - Choosing the Best Solution for Your Network Security: Secure Shell, TLS or IPSec - The increase in computer security breaches has fostered the public's awareness of the critical need for data security to continue the successful growth of a business. The author discusses possible solutions, including Secure Shell, Transport Layer Security and Internet Protocol Security.
Carasik, Anne | 2001
33
The Val IT™ Story
Thorp, J. | 2006
33
Practical Pointers - Providing Continuous Audit to Oracle Applications - For anyone who has ever done it, documentation and change tracking of Oracle Applications Setup Values are challenging, manual-labor-intensive tasks. Even though this is so, ERP software packages are designed so that customers can tailor the software, often through complex setup steps. The author explains how, when and why Tickmark Setup Reporter works, shaving hours and even days off an auditor's job
Nelson, Mark L. | 2000
33
The Val IT™ Story
Thorp, John | 2006
33
Choosing the Best Solution for Your Network Security: Secure Shell, TLS or IPSec The increase in computer security breaches has fostered the public's awareness of the critical need for data security to continue the successful growth of a business. The author discusses possible solutions, including Secure Shell, Transport Layer Security and Internet Protocol Security
Carasik, A. | 2001
33
Providing Continuous Audit to Oracle Applications
Nelson, M. L. | 2000
34
Analyzing the Security of Internet Banking Authentication Mechanisms
Dimitriadis, Christos K. | 2007
34
Avoiding Tainted Testimony - The author provides a sample study of an internal investigation to illustrate the effects testimony and evidence can have on a legal case. Business and government professionals frequently do not comprehend how their words and actions impact their ability to deliver credible witness testimony.
Sterneckert, Alan B. | 2002
34
Case Study - A Selective Approach to COBIT: A Top-down Approach
Oliver, Derek J. | 2003
34
Vendor Due Diligence
Bayuk, J. | 2009
34
Avoiding Tainted Testimony
Sterneckert, A. B. | 2002
34
A Selective Approach to COBIT: A Top-down Approach
Oliver, D. J. | 2003
35
The Value to IT of Using International Standards
Oud, Ernst Jan | 2005
36
Best Practices for Wireless Network Security
Kennedy, Susan | 2004
36
A New Approach for Assessing the Maturity of Information Security
AlAboodi, Saad Saleh | 2006
37
Keys to Data Governance Success: Teamwork and an Iterative Approach
Moseley, Marty | 2008
37
COBIT: A Tool To Manage Information Ecology
Martin, Joseph | 2003
38
Combating Cyberthreats-Partnership Between Public and Private Entities
Lee, E. | 2002
38
Combating Cyberthreats -- Partnership Between Public and Private Entities - The article examines the basic elements of cyberthreats, looks at government initiatives to promote the public-private partnership and discusses key steps organizations can take to prevent, detect and recover from cyberthreats.
Lee, Elsa | 2002
39
Tone at the Top Is Vital! A Delphi Study
Bruinsma, C. / Wemmenhove, P. | 2009
39
Using Wireless Network Audit Techniques
Hoesing, Michael T. / Raval, Vasant | 2004
40
Features - HIPAA Preparation Begins and Y2K Ends - For the first time, there is a governmental mandate on information security requirements. New regulations in the United States regarding the portability and accountability of health insurance will generate significant changes in security policies and procedures, security tools and communications standards
Landreth, John / Ledman, Mark Conrad | 2000
40
Assessing the Value of IT: Understanding and Measuring the Link Between IT and Strategy
Burg, William D. / Singleton, Tommie W. | 2005
40
Case Study: Auditor Ethics for Continuous Auditing and Continuous Monitoring
Daigle, Jill Joseph / Daigle, Ronald J. / Lampe, James C. | 2008
40
HIPAA Preparation Begins and Y2K Ends
Landreth, J. / Ledman, M. C. | 2000
40
IT Auditor Careers: IT Governance Provides New Roles and Opportunities
Gallegos, Frederick | 2003
41
Creating the Privacy Compliant Organization The concept of personal information privacy, and the rights of citizens to protect themselves has caused governments to begin to consider enacting personal information privacy legislation. This article addresses the process under which a company can become privacy compliant, adhering to the specific requirements of the legislation under which it operates
Parker, R. G. | 2001
41
Features - Creating the Privacy Compliant Organization - The concept of personal information privacy, and the rights of citizens to protect themselves has caused governments to begin to consider enacting personal information privacy legislation. This article addresses the process under which a company can become privacy compliant, adhering to the specific requirements of the legislation under which it operates.
Parker, Robert G. | 2001
42
Maximizing Backup and Recovery of Data and Systems
Wandrei, Philip L. | 2007
43
A Holistic Definition of IT Security-Part 1
Musaji, Y. | 2006
43
A Holistic Definition of IT Security -- Part 1
Musaji, Yusuf | 2006
43
IT Governance and Process Maturity
Debreceny, R. / Gray, G.L. | 2009
43
A Guide to Wireless Network Security
Ashley, Mitchell | 2004
44
Principles of Governance
Hamaker, Stacey / Hutton, Austin | 2003
44
Features - Auditing and Business Controls: Coming of Age in the Healthcare Industry - Meeting changes in the healthcare industry, specifically on the delivery side, requires a broadened, updated concept of internal controls and access to expert resources to do the job. Learn how providing these can add value to organizations
Just, G.Randolph / Fabrizius, Michael P. | 2000
44
Auditing and Business Controls: Coming of Age in the Healthcare Industry
Just, G. R. / Fabrizius, M. P. | 2000
45
Automating Controls
Pareek, Mukul | 2007
45
Computer-assisted Audit Techniques: Value of Data Mining for Corporate Auditors
Ott, John / MacLeod, Andrew / Fan, Kevin Mar | 2008
45
New Opportunities for Information Systems Auditors: Linking SysTrustSM to COBIT
Frownfelter-Lohrke, C. / Hunton, J. E. | 2002
45
New Opportunities for Information Systems Auditors: Linking SysTrustSM to COBIT - This is the third in a series of articles linking new types of assurance services suggested by the American Institute of Certified Public Accountants (AICPA) and Canadian Institute of Chartered Accountants (CICA) to COBIT. This article addresses how information system auditors can play a lead role in providing SysTrust assurance services to internal and external constituents.
Frownfelter-Lohrke, Cynthia / Hunton, James E. | 2002
46
Features - Erosion of Trust E-commerce and the Loss of Privacy - The author discusses the differences between personal information and sensitive information and the need to build a consumer's trust and confidence. Furthermore, the article addresses the actions taken by various governments and the e-commerce market itself to protect the consumer.
Andrews, Jonathan D. | 2001
46
IT Performance Improvement With COBIT and the SEI CMM
Mallette, Debra / Jain, Monica | 2005
46
Erosion of Trust E-commerce and the Loss of Privacy The author discusses the differences between personal information and sensitive information and the need to build a consumer's trust and confidence. Furthermore, the article addresses the actions taken by various governments and the e-commerce market itself to protect the consumer
Andrews, J. D. | 2001
47
An Investigation of Computer Forensics
Pidanick, Ryan | 2004
47
Introduction to Forensic Computing
Curtin, C.Matthew | 2006
49
Defeating the Cyber Criminal: Defense Tactics for Denial of Service Attacks
Bigler, M. | 2000
49
Key Considerations for Business Resiliency
Pironti, J.P. | 2009
49
Pay Today or Pay Later -- Calculating ROI to Justify Information Security and Compliance Budgets
Singh, Jaspreet | 2008
49
Features - Defeating the Cyber Criminal: Defense Tactics for Denial of Service Attacks - The letters DDoS are anathema to almost anyone who conducts or offers business on the Internet. The author describes how these attacks could create legal implications for everyone in the chain and describes intrusion detection controls and disaster recovery methods in depth
Bigler, Mark | 2000
49
The Why and How of Leveraging Synergies Across Sarbanes-Oxley and Other Regulations
Anand, Sanjay | 2007
50
Features - Cross-Border Privacy Impact Assessments: An Introduction - Organizations doing business in multiple jurisdictions are subject to regulatory and cultural variances on what data are protected, how the data must be protected, and what rights are afforded to the enterprise, the regulators and the individual. The author introduces a cross-border privacy impact assessment model.
Karol, Thomas J. | 2001
50
The Second Edition of the European Survey on the Economic Value of Information Technology: Inventory of Practices Concerning IT Governance
Legrenzi, Christophe | 2003
50
Fighting Internal Crime Before It Happens
Lux, A. G. / Fitiani, S. | 2002
50
Cross-Border Privacy Impact Assessments: An Introduction Organizations doing business in multiple jurisdictions are subject to regulatory and cultural variances on what data are protected, how the data must be protected, and what rights are afforded to the enterprise, the regulators and the individual. The author introduces a cross-border privacy impact assessment model
Karol, T. J. | 2001
50
Fighting Internal Crime Before It Happens - Some of the most potentially crippling crimes against an enterprise are committed by the organization's own employees. To wage a battle against an enemy, it is necessary to first identify that enemy.
Lux, Allen G. / Firiani, Sandra | 2002
51
Refining IT Processes Using COBIT
Reingold, Stephen | 2005
51
A Business Model for Information Security
Anderson, Kent | 2008
51
New Rules Regarding E-discovery
Gonzalez, Silka Maria | 2007
52
Plus - CE Quiz #82, Based on Volume 1, 2002
Oringel, Joey | 2002
52
Key Elements of a Threat and Vulnerability Management Program
Pironti, John P. | 2006
52
Plus - CPE Quiz #70
Oringel, Joey | 2000
53
Help Source - Help Source Q&A
Subramaniam, B.Ganapathi | 2004
53
Influencer Analysis: A Perspective on Reducing Audit Risk
Deshmukh, Meera / Shankar, Raj | 2007
53
Features - CPO Position Joins Executive Ranks - As increased importance is placed on privacy and the ethical issues surrounding privacy, many companies have created a new executive-level position called chief privacy officer (CPO). The author discusses the role of the CPO in today's corporate environment.
Parkinson, Michael | 2001
53
Virtual Appliances -- The Evolution of a Gold Standard
Kavanagh, Ronan | 2008
53
After Year One -- Automating IT Controls for Sarbanes-Oxley Compliance
Dietrich, Robert J. | 2005
53
CPO Position Joins Executive Ranks As increased importance is placed on privacy and the ethical issues surrounding privacy, many companies have created a new executive-level position called chief privacy officer (CPO). The author discusses the role of the CPO in today's corporate environment
Parkinson, M. | 2001
55
CPE Quiz #94, based on volume 1, 2004
Oringel, Joe | 2004
56
The IS Auditor's Consideration of Irregularities and Illegal Acts
Nihlett, Peter / Wechsler, Sander S. | 2003
57
Features - E-commerce and Smart Cards - The author discusses the smart card with a C-SET protocol for online authentication as a solution to online security concerns. With smart cards, it is possible to accomplish a complete authentication process, through the use of a personal identification number known only by the owner.
Hector Ganzalez, Marcelo | 2001
57
Help Source Q&A
Subramaniam, Gan | 2005
57
CPE Quiz #112 - Based on Volume 1, 2007
Chan, Sally | 2007
57
E-commerce and Smart Cards The author discusses the smart card with a C-SET protocol for online authentication as a solution to online security concerns. With smart cards, it is possible to accomplish a complete authentication process, through the use of a personal identification number known only by the owner
Gonzlez, M. H. | 2001
59
CPE Quiz #118 - Based on Volume 1, 2008
Khan, Kamal | 2008
59
CPE Quiz #106 - Based on Volume 1, 2006
Rateq, A. | 2006
59
CPE Quiz #100 - Based on volume 1, 2005
Khan, Kamal | 2005
60
Implementing Enterprise Security: A Case Study (Part 2)
Doughty, Ken | 2003
62
Plus - CE Quiz #76, Based on Volume 1, 2001
Oringel, Joey | 2001
67
CPE Quiz #87, based on volume 6, 2002
Oringel, Joe | 2003
Plus - ISACA Bookstore Price List Supplement
| 2002
ISACA Bookstore Price List Supplement
| 2005
Plus - ISACA Bookstore Offerings - Supplement
| 2000
