IT Compliance and Controls

Converging Business, Information, and Controls

IT Compliance and Controls header image 4

Entries Tagged as 'Life Cycle Management'

ISACA is seeking feedback on COBIT 5.0 Design Draft

March 23rd, 2010 · No Comments

COBIT 5 exposure draft is out for review, so sharpen those pencils, order that Grande with an add shot, and find someplace quiet and dig into this design document (note this is NOT Cobit 5.0 but instead the plan at which will be employed to create it.  It is critical to review and provide feedback […]

[Read more →]

Tags: Change Control · Direcitonal Alignment · Life Cycle Management · Monitoring and Performance Reviews · Physical Access · Risk Awareness · SDLC · Trusted Communications and Network · Trusted Computing Platform Systems

Misunderstandings on SOX costs and Governance

March 28th, 2008 · No Comments

A recent article raised the point that SOX expense by companies was declining (as it should with the full adoption of AS5 across all filers and it being in place for over 6 years!), and that according to analysts that Governance expenses were on the rise and the new focus of enterprises.  Yes and not […]

[Read more →]

Tags: iso27001 · Life Cycle Management · Risk Awareness · Technology Strategy Orchestration · Tone at the Top

HITBSecConf2007 presentations are online!

September 27th, 2007 · 1 Comment

The generous conference organizers at this years “Hack In The Box Security Conference Series” Malaysia (September 3-6) have posted the full presentations for anyone to download and enjoy. This is an excellent resource for extending your knowledge and leveraging the leading thought leaders in security. My favorite reads include Andrew Cushman’s “State of Security“, Martin […]

[Read more →]

Tags: Human Resources · Life Cycle Management · Risk Awareness · Security and Assurance · Trusted Communications and Network · Trusted Computing Platform Systems