Improving Information Security Compliance


This paper presents a process-oriented approach to managing the organizational change needed to improve information security compliance. The approach uses Business Aligned Information Security Management (BAISeM) together with principles derived from standards and frameworks such as ITIL, COBIT and ISO 27001. To illustrate the approach, IT service continuity is used as the worked example.




Related Articles


A Single Framework for Compliance?

A good discussion on the need for a single framework for compliance to replace/work with existing frameworks. Good Read!

Audit Like a Hacker

This presentation guides you through a security audit from a different perspective - that of a hacker who focuses on "value" among other things.

Beyond SOX…

Can Companies Gain From SOX?

Can companies gain from SOX compliance? This report says yes!

Compliance made easy

Compliance: Creating Business Value

Does Good Governance Pay?

Good governance costs a lot of money. But does it pay? The author argues that it does pay - by the truckload!

Getting Value From SOX 404 Compliance!

SOX 404 costs a lot of money and is a waste of time. Right? Well, you could not be more wrong. Setting internal controls in process driven value creation is exactly what the doctor ordered.

Identity Lifecycle Management

This presentation discusses the security challenges facing an enterprise, the cost of breaches, the need for and cost of compliance and then proposes using identity lifecycle management as a solution to address these challenges.

Integrating Three Major IT Governance Frameworks (CoBit, ITIL and ISO 27002)

This in-depth brief discusses IT governance best practices in general and CoBit, ITIL and ISO 27002 in particular.

IT Governance

IT governance best practices implementation guide

IT Governance Best Practices

IT Governance Guide

This IT Governance guide provides a template to understand and strengthen controls over information technology. It focuses on IT Security and related areas.

IT Security Basics

An overview of information technology security - define information security, detail functional areas, discuss security standards and regulations, describe testing techniques for IT security audits, and information security organization maturity leve...

Key Compliance Requirements

This whitepaper discusses the requirements for compliance, and their implications for actions that an organization must take to avoid legal, and regulatory jeopardy. The paper presents these imperatives in the context of the key laws, and regulations...

Lean and Balanced: How to Cut Costs Without Compromising Compliance

Fact: Compliance is critical to your success. Fact: Compliance can be done without increasing costs. Really? Read On!

Making the Case for Network Security Compliance

Monitoring: An Integral Component of Internal Control

COSO’s 2008 Guidance on Monitoring Internal Control Systems (COSO’s Monitoring Guidance) was developed to clarify the monitoring component of internal control.

Overview of International IT Guidance on IT Governance Frameworks

This document offers a global overview of the following important international standards and guidance for IT control and IT security in relationship to COBIT: COSO, ITIL®, ISO/IEC 17799:2005, FIPS Pub 200, ISO/IEC TR13335, ISO/IEC 15408, 2005, PRIN...

Overview of SOX Compliance

Performing an Information Security Assessment

This presentation describes the steps in performing an information security assessment - what are the critical security goals and objectives? what are the documentation requirements? how to incorporate regulatory requirements? how to gather data to ...

Primer on Compliance

This white paper provides an introduction to compliance - what is compliance? why is compliance important? how to implement compliance in your organization? A good place for the CIO to start their journey into compliance and get ready to move beyond ...

Risk Management: Moving Beyond SOX Compliance

Sustaining SOX Compliance

This guide outlines recommendations for companies seeking to make their financial control systems and evaluations sustainable.

The Emerging Role of IT Governance

This article presents a comprehensive perspective on IT Governance rooted in business considerations - a point of view that takes you beyond the IT world and narrow concerns such as compliance and risk.

The Impact of Good Governance on International Investing: The 'Home Bias' Effect and Other Issues

Understanding the Cost of Sarbanes-Oxley Compliance

New research shows that the Sarbanes-Oxley Act has created unprecedented levels of cooperation between finance and IT executives. And companies whose business and technology managements are aligned with respect to investment consistently deliver hig...

Using COBIT for SOX Compliance by SMBs

This excellent presentation starts with the connection between SOX, COSO and COBIT with perhaps the most coherent explanation I have seen in a long time. Then it goes into the SOX 404 requirements for small companies and how COBIT can help meet the...

What is Information Security Governance?

This presentation provides a definition for information security governance and how to implement it in your organization.


Posted on 10/11/2011 by sourabhhajela
