Audit Like a Hacker
This presentation guides you through a security audit from a different perspective – that of a hacker who focuses on "value" among other things.
This paper presents a process-oriented approach to managing the organizational change needed to improve information security compliance. The approach uses Business Aligned Information Security Management (BAISeM) and principles derived from standards such as ITIL, CObIT and ISO 27001. To illustrate the approach, IT service continuity is used as the example context.
This quick introduction to information security governance also covers tips on implementing it successfully.
"This publication is designed for Certified Information Security Managers (CISMs), Chief Information Security Officers (CISOs) and information security managers to use as action steps in addressing the questions posed by the 2001 ITGI publication Information Security Governance: Guidance for Boards of Directors and Executive Management. "
This presentation discusses a framework for information security and business alignment – the extent to which the ISEC function is integrated into the rest of the business organization.
This paper provides an overview of information security governance for the board of directors so "the board can provide a level of needed oversight to this vital business function that is adequate and necessary, and in doing so, exercise its essential duty of care."
Dated Material
This paper proposes a preliminary framework for information security governance that builds on the lessons of the Federal Information Security Management Act (FISMA) and ISO 17799.
This presentation makes the connection between corporate governance, information technology (IT) governance, information security governance, and risk management.
This paper discusses the role and importance of effective Information Security Management (ISM), how it is supported by an extensive family of global standards, and the way these harmonize with ITIL.
This in-depth presentation provides a step-by-step guide to implementing an information technology risk management program.