Posted in Application, CISSP, COBIT, Defense in Depth, ISACA, Information Security Governance, Opinion, Policies, Relation Competence, Risk on Mar 21st, 2009
I come bearing no answers, only questions. This being the SecurityMonks website, I could not allow the article, “The High Priests of IT — And the Heretics,” to pass without comment. No heretics or high priests here. Only a simple security monk. The author, Cory Doctorow, makes his argument well. [...]
Posted in COBIT, ISO 27001, ITIL on Jan 15th, 2009
I just received word that I passed the ITIL V2 – V3 Foundation Bridging Course in IT Service Management, which means I am now certified in ITIL V3 Foundations. For those not familiar with the Information Technology Infrastructure Library (ITIL), it is a set of concepts and policies for managing information technology (IT) infrastructure, [...]
Recently I was asked if I could provide a few pointers to help in developing a risk assessment process for an organization. I thought I would share my response. First, I would like to draw your attention to the mind map image over to the left of this text. The mind map [...]