VIEW ONLINE: ARCHIVES: | | Sentinel, our newsletter for IT governance and information security professionals, continues to explore the great range of available resources found for us by editor Dan Swanson.  Follow us on Twitter!
 Join us on Facebook!
| | | "If someone is going down the wrong road, he doesn't need motivation to speed him up. What he needs is education to turn him around"
- Jim Rohn. "Quality is never an accident; it is always the result of high intention, sincere effort, intelligent direction, and skillful execution; it presents the wise choice of many alternatives"
- W. Foster. "If you have made mistakes, even serious ones, there is always another chance for you. What we call failure is not the falling down, but the staying down"
- Mary Pickford. | This Month's Top "Picks" |  
| Resiliency Engineering ResearchSince 2001, CERT has been working in the areas of security process improvement and operational resiliency management and engineering. Beginning with the introduction of the OCTAVE® Method, CERT has been researching and developing tools, techniques, and methods that help organizations manage operational risk and improve operational resiliency. http://www.cert.org/resiliency_engineering/ The Chief Information Officers (CIO) CouncilThe CIO Council's existence was codified into law by the U.S. Congress in the E-Government Act of 2002. The CIO Council serves as the principal interagency forum for improving practices in the design, modernization, use, sharing, and performance of Federal Government agency information resources. http://www.cio.gov/index.cfm 20/20 vision: Tomorrow's business reportingToday's financial reporting model is rooted in the Great Depression, a time when hard assets such as factories, equipment and land created value. Today, intangibles — strategy, innovation, people, customer loyalty, leadership, technological change, research and development, competitor activities, climate change, patents, reputation — create or destroy value. http://www.grantthornton.com/portal/site Global Best Practices® - Performance improvementPerformance improvement begins with measuring the effectiveness and efficiency of business operations to identify and implement changes needed for optimal success. It involves methodical approaches to business process management, including ongoing efforts to identify your company's strengths and weaknesses. http://globalbestpractices.pwc.com/ NEW! CISSP CBK – Essential for Infosec ProfessionalsCISSP certification has become a pre-requisite for anyone looking to make a career in information security and certification provides professionals with an objective measure of competence and a globally recognised standard of achievement. The issue isn't your current qualification status, it's how current your knowledge is, in relation to the the latest development in this ever-changing field. Purchase a copy of the Official (ISC)2 Guide to the CISSP CBK, Second Edition, it will bring you bang up to date and keep you ahead of the game. http://www.itgovernance.co.uk/products/861 | | | Organisational Governance The Full MontyFollowing the logic of full disclosure, everything you might need to know about a CEO. http://directorsandboards.com/The Dialogue in corporate governance initiative aims to facilitate better understanding of pressure and opportunities that arise in increasingly international capital markets. It encourages dialogue around business, investment accountancy and policy issues relating to corporate governance through publications, roundtables and face-to-face meetings. http://www.icaew.com/index.cfm/route/ Grant Thorton's COSO Resource CenterThe Committee of Sponsoring Organizations of the Treadway Commission (COSO) has released its Guidance on Monitoring Internal Control Systems. Developed by COSO and led by a diverse Grant Thornton LLP team, the purpose of the guidance is to assist organizations in monitoring the effectiveness of their internal control systems and taking timely corrective actions as needed. http://www.grantthornton.com/ | | | IT Governance Making Information Systems Work programNew technology has transformed the way we interact with one another and do business. However, as systems become ever-more complex, the challenges of effective implementation are greater than ever. These are challenges to the whole business, not just IT, and require engagement from all across the organization in the effective management and use of technology. http://www.icaew.com/index.cfm/ Auditing IT Initiatives Is a Recommended Quality PracticeChanges to a company's information technology (IT) environment, both information systems and the underlying platforms, are a source of significant operational risk for every organization. To protect its IT investment and reduce operating risk, robust change management processes are critical. http://www.ahia.org/audit_library/ Society for Technical Communications (STC)STC is an individual membership organization dedicated to advancing the arts and sciences of technical communication. http://www.stc.org/ | | | Risk Management and Internal Audit Resources for the Risk Intelligent Enterprise™Successful companies use a management philosophy that focuses not only on risk avoidance but also on risk-taking as a means to value creation — viewing all challenges and opportunities through the lens of risk. Explore the resources below to view business issues and roles through risk-colored glasses. http://www.deloitte.com/dtt/ Transforming internal audit: The quest for real strategic value To maintain a competitive edge in this increasingly complex world, CEOs and CFOs are focused on increasing shareholder value by relentlessly driving toward two overarching objectives: How to deliver enhanced and superior value to their customers and How to lower their costs of operation. www.pwc.com/internalaudit New Perspectiveson Healthcare Risk Management, Control and Governance, is the quarterly Journal of the Association of Healthcare Internal Auditors. New Perspectives addresses up-to-date information, current trends and issues in the areas of financial auditing, operational auditing, medical auditing, management and consulting, and information systems auditing, as well as the healthcare industry and the auditing profession. http://www.ahia.org/audit_library/ | | | Information Security Long Awaited ISO/IEC 27004:2009 Now Available!Provides guidance on the development, implementation use of metrics to measure the effectiveness of an ISO 27001-compliant ISMS, controls or groups of controls. Helping you to quantify the payback to your organisation of implementing an ISMS. http://blog.itgovernance.co.uk/447/ Comply with the Massachusetts Data Protection Law – 201 CMR 17.00If you need motivation to move towards compliance, Massachusetts General Law, Chapter 93A, section 4 specifically authorizes the Attorney General to seek injunctive relief against the organization involved in the unauthorized act or practice. In addition, section 4 allows a court to impose a $5,000 civil penalty for each violation and if 'violation' is interpreted to mean the unauthorized access to a single individual's personal information, the potential damages could be enormous. http://blog.itgovernance.co.uk/518/ The Systems Security Engineering Capability Maturity Model (SSE-CMM).The SSE-CMM describes the essential characteristics of an organization' s security engineering process that must exist to ensure good security engineering.
http://www.sse-cmm.org/index.html Software security is a pay me now, (or) pay me later proposition.Software security is a pay me now, pay me later proposition. There is ample evidence indicating that it is much more cost effective (by factors of 100:1 or more) to address a security requirements or design flaw (that can propagate forward into code and production) as early in the lifecycle as possible. The same is true for a security defect or coding error. You can fix it during code and test or you can incur all of the costs (dollars and productivity losses) associated with releasing a patch into a production system. http://www.cylab.cmu.edu/ Recent Research Onlineoffers a glimpse at the most relevant academic thinking about business and management. It cuts straight to the bottom line, allowing busy executives and decision makers to stay informed. http://www.strategy-business.com/re | | | ITIL, ITSM & Prince2 ISO/IEC TR 20000-3:2009ISO/IEC TR 20000-3:2009 today - this standard will help you decide if ISO/IEC 20000-1 and implementing a service management system are right for your organisation. http://www.itgovernance.co.uk/products/2815 Information Security Management with ITIL V3This title is a comprehensive source of information on the ITILv3 Information Security Management process. This groundbreaking new title looks at information security from defining what security measures positively support the business, to implementation to maintaining the required level and anticipating required changes. http://www.itgovernance.co.uk/products/2888 ITIL Complete Certification KitThis kit contains books and a CD-ROM which will help you pass your ITILv3 Foundation exam and your ITILv3 Intermediate exams. All of the books in this kit are officially approved, they are endorsed by itSMF, APMG or ISEB. http://www.itgovernance.co.uk/products/2821 Passing Your ITIL Intermediate Exams (ITILv3)This ITILv3 exam guide is suitable for candidates taking any of the ITIL Lifecycle or Capability stream exams, or both. It offers details about the exams, how to prepare and how to achieve the target competencies. http://www.itgovernance.co.uk/products/2819 | | Sign up now for SENTINEL - monthly updates on IT govenance issues that matter | | Download our new Training Catalog and find out what we have to offer in 2009! | Security Awareness Resources Information Security Awareness PostersThe posters are designed to be used as part of a general information security education and awareness initiative inside security-conscious organisations, and all organisations pursuing ISO27001 certification (which requires a staff training and awareness plan) or Data Protection Act compliance. http://www.itgovernance.co.uk/products/1756 The Alan Calder ISO 27001 LibraryThis library of books assembles key publications from Alan Calder - the world's leading authority on ISMS implementation - together as one kit. The Library contains essential information about Information Security Management and ISO 27001. http://www.itgovernance.co.uk/products/749 IT Induction and Information Security AwarenessThe only guide on the market to cover IT Induction and Information Security Awareness! Where your information security is concerned, prevention is better than cure. http://www.itgovernance.co.uk/products/2882 | | Sign up now for SENTINEL - monthly updates on IT govenance issues that matter What are online bookmarks?        | | | This message was sent from Joy Smith / IT Governance to dswanson_2008@yahoo.ca. It was sent from: IT Governance Ltd, IT Governance Ltd, Unit 3, Clive Court, Bartholomew's Walk, Cambridgeshire Business Park, Ely, Cambs CB7 4EH. Registered in England No 4418178. , Ely, Cambs CB7 4EH, United Kingdom. You can modify/update your subscription via the link below. | Email Marketing by
 | | 
Ask a question on any topic and get answers from real people. Go to Yahoo! Answers. |
IT Governance specialises in governance, risk management, compliance and information security.
0 comments:
Post a Comment