IT Compliance and Controls

Converging Business, Information, and Controls

Entries Tagged as 'Trusted Computing Platform Systems'

ISACA is seeking feedback on COBIT 5.0 Design Draft

March 23rd, 2010 · No Comments

The COBIT 5 exposure draft is out for review, so sharpen those pencils, order that Grande with an add shot, find someplace quiet, and dig into this design document (note this is NOT COBIT 5.0 but instead the plan that will be employed to create it). It is critical to review and provide feedback […]

Tags: Change Control · Directional Alignment · Life Cycle Management · Monitoring and Performance Reviews · Physical Access · Risk Awareness · SDLC · Trusted Communications and Network · Trusted Computing Platform Systems

CIA: Energy Infrastructure Attacked

January 24th, 2008 · No Comments

In my book, IT Compliance and Controls, I highlight the importance of the energy infrastructure, and the risks that these systems face given their new interconnectedness. To highlight the relevant points from the book – the energy infrastructures of the world support the medical, HVAC, security, and financial systems of our economies. The loss of […]

Tags: Access and Authorization · Application Controls · Incident Response Capability · Logical Access · Monitoring and Performance Reviews · Physical Access · Sustain Operations · Technology Intelligence · Trusted Computing Platform Systems

Global Impact of Corporate Espionage – a focus on China and U.S. Companies

December 11th, 2007 · No Comments

An eye-opening report was put forth by the U.S. government (USCC) that focused on the political impact of China on the United States. The report covered currency, pollution, censorship, information technology, competition, supply-chain concerns, and recommended actions. The report is an important read for every business executive as a whole given the economic importance […]

Tags: Monitoring and Performance Reviews · Risk Awareness · Technology Intelligence · Trusted Communications and Network · Trusted Computing Platform Systems

HITBSecConf2007 presentations are online!

September 27th, 2007 · 1 Comment

The generous conference organizers at this year's “Hack In The Box Security Conference Series” Malaysia (September 3-6) have posted the full presentations for anyone to download and enjoy. This is an excellent resource for extending your knowledge and leveraging the leading thought leaders in security. My favorite reads include Andrew Cushman’s “State of Security”, Martin […]

Tags: Human Resources · Life Cycle Management · Risk Awareness · Security and Assurance · Trusted Communications and Network · Trusted Computing Platform Systems