Chapter

Information Security Governance

e-Book: Cybersecurity Strategy

An in-depth discussion on cybersecurity as an executive issue and creating a strategy that aligns with business strategy.

Introduction to Information Security

This presentation provides a basic overview of threats facing organizations and how to deal with them. A very good introduction to basic concepts in information security.

e-Book – Integrating COBIT and Balanced Scorecard Framework

This paper proposes a framework that is based upon the integration of COBIT and the Balanced Scorecard frameworks. This new framework plugs key gaps in each framework, aligns business with IT, and improves audit capabilities. Excellent Read! (100 pages)

IT Governance Guide

This IT Governance guide provides a template to understand and strengthen controls over information technology. It focuses on IT Security and related areas.

Introduction to IT Security Governance

This presentation introduces information technology governance and information security governance, along with the key concepts related to them: What is IT governance? What is IT security governance? What is the IT security governance framework? What are some leading practices in implementing IT security governance?

IT Security Self Assessment Guide

This document provides guidance on applying the IT Security Assessment Framework, which establishes five levels of standardized security status and criteria, by identifying 17 control areas, such as those pertaining to identification and authentication and contingency planning. In addition, the guide provides control objectives and techniques that can be measured for each area. (100 pages)

Prioritizing IT Security Investments

This document provides guidance on integrating IT security and IT Investment Management processes. Applying funding towards high-priority security investments supports the objective of maintaining appropriate security controls, both at the enterprise-wide and system level, commensurate with levels of risk and data sensitivity. This paper introduces common criteria against which managers can prioritize security activities to ensure that corrective actions are incorporated into the capital planning process to deliver maximum security in a cost-effective manner. (70 Pages)

IT Security Metrics Guide

This document provides guidance on how an organization, through the use of metrics, identifies the adequacy of in-place security controls, policies, and procedures. It provides an approach to help management decide where to invest in additional security protection resources or identify and evaluate nonproductive controls. It explains the metric development and implementation process and how it can also be used to adequately justify security control investments. The results of an effective metric program can provide useful data for directing the allocation of information security resources and should simplify the preparation of performance-related reports. (100 pages)

Introduction to Common Criteria Scheme (CCS)

This presentation introduces the Common Criteria Evaluation and Certification Scheme, or CCS – an independent evaluation and certification service for measuring the security assurance and functionality claims of Information and Communications Technology (ICT) products and systems. What is it? Why is it important to you?

Introduction to Cyber Forensics

This presentation provides an overview of cyber forensics: What is forensics? What is cyber forensics? Who uses cyber forensics? What skills are needed for cyber forensics?

Copyright ©  2020  CIO Portal. All rights reserved.