Search results
Jump to navigation
Jump to search
Page title matches
- ==Availability Management== Availability Management allows organizations to sustain the IT service availability in order to sup ...1 KB (154 words) - 15:48, 20 March 2007
- ==Financial Management== ...ery section of the [[ITIL]] best practice framework. The aim of Financial Management for IT Services is to give accurate and cost effective stewardship of IT as ...6 KB (885 words) - 10:12, 23 March 2007
- ==Release Management== ...ntation of new hardware and software is also the responsibility of Release Management. This guarantees that all software can be conceptually optimized to meet th ...2 KB (352 words) - 16:42, 20 March 2007
- ==Problem Management== The goal of Problem Management is to resolve the root cause of incidents and thus to minimize the adverse ...3 KB (480 words) - 16:20, 20 March 2007
- ==IT Service Continuity Management== ...[[Contingency Plan Testing]], and [[Risk_Assessment_and_Treatment: | Risk Management]]. ...464 bytes (58 words) - 13:24, 30 April 2007
- ==Incident Management== ...| Service Level Management]] process area. The first goal of the incident management process is to restore a normal service operation as quickly as possible and ...9 KB (1,371 words) - 16:40, 23 May 2007
- ==Change Management== ...anges (fixes) - with minimum risk to IT infrastructure. The goal of Change Management is to ensure that standardized methods and procedures are used for efficien ...4 KB (588 words) - 16:23, 21 March 2007
- ==Security Management== ...urity Management is based on the code of practice for information security management also known as ISO/IEC 17799. ...32 KB (4,804 words) - 14:10, 27 February 2009
- ==Configuration Management == ...re or software upgrade, a computer technician can access the configuration management program and database to see what is currently installed. The technician can ...7 KB (942 words) - 15:09, 23 March 2007
- ==IT Management Booklet== ...risk management processes to ensure effective information technology (IT) management.<br> ...5 KB (645 words) - 18:03, 27 April 2007
- ==Capacity Management== ...agement, Modeling, Capacity Planning, Resource Management, and Performance Management. ...352 bytes (43 words) - 15:46, 20 March 2007
- ...cording to whether the risk management method is in the context of project management, security, risk analysis, industrial processes, financial portfolios, actua Certain aspects of many of the risk management standards have come under criticism for having no measurable improvement on ...27 KB (4,185 words) - 23:45, 10 March 2010
- =='''Asset Management'''== ...mation security perspective is not just about 'IT' Assets. It is about the management, control and protection of '''all''' aspects of Information / Data in whate ...5 KB (705 words) - 13:29, 23 May 2007
- '''MANAGEMENT CONTROL '''<br> ...DOI A.1''']] Is there an IS steering committee or other evidence that top management is involved in the IS function and, if so, who are the members? Please prov ...2 KB (354 words) - 20:12, 25 June 2006
- ==Information Security Aspects of Business Continuity Management== ==Business Continuity Management Considerations== ...9 KB (1,274 words) - 00:17, 1 June 2007
- ==Service Level Management== ...l processes to control their activities. The central role of Service Level Management makes it the natural place for metrics to be established and monitored agai ...2 KB (253 words) - 15:44, 20 March 2007
- ==Communications and Operations Management== ...y and cost effective service to client financial institutions. Institution management should monitor any changes in the current strategies and plans of independe ...19 KB (2,609 words) - 13:51, 23 May 2007
- ==Service Desk Management== A '''Service Desk''' is a primary IT capability called for in IT Service Management (ITSM) as defined by the [[Information Technology Infrastructure Library]] ...4 KB (552 words) - 16:15, 20 March 2007
- ==Software Configuration Management== Software Configuration Management (SCM) is the discipline whose objective is to identify the configuration of ...22 KB (3,132 words) - 19:07, 17 April 2007
- ==IT Risk Management Process== ...he ability to mitigate IT risks is dependent upon risk assessments. Senior management should identify, measure, control, and monitor technology to avoid risks th ...4 KB (528 words) - 16:58, 28 March 2010
- ...ves, or from programs, projects or service improvement initiatives. Change Management can ensure standardized methods, processes and procedures are used for all ==Change management in development projects== ...4 KB (523 words) - 10:24, 23 April 2010
- ==Sample Configuration Management Standard== ...e objectives established in the [[Sample_Asset_Management_Policy:|'''Asset Management Standard''']], and provides specific instructions and requirements for esta ...5 KB (681 words) - 21:56, 15 January 2014
- =='''Vulnerability Management Standard'''== ...jectives for establishing specific standards on the assessment and ongoing management of vulnerabilities.<br> ...9 KB (1,122 words) - 14:12, 1 May 2010
- =='''Sample Management Security Awareness Standard'''== ...ts for providing security awareness education and training for the Company management.<br> ...6 KB (752 words) - 14:02, 1 May 2010
- Click [[File:Records-Management.pdf]] for more information. ...299 bytes (39 words) - 22:00, 15 March 2010
- ==Sample Asset Management Standard== ...ard defines Company objectives for establishing specific standards for the management of the networks, systems, and applications that store, process and transmit ...3 KB (389 words) - 17:40, 14 January 2014
- ...rily out of [[ISO/IEC 17799]], a code of practice for information security management published by the [[International Organization for Standardization]] in 2000 ...can be used as a template to make ISO 9001 compliant information security management systems. While ISO 27001 is controls based, ISM3 is process based. ISM3 has ...2 KB (257 words) - 17:09, 22 March 2007
- ...covered that with an organized, systematic approach, you can approach risk management effectively. Risk simply put is the negative impact to business assets by t ...lping you understanding the core elements of a successful IT security risk management program for a commercial enterprise, the processes of calculating the cost ...23 KB (3,630 words) - 10:19, 27 October 2012
- =='''Sample Life Cycle Management Standard'''== ...Name>''' (the "Company") [[Sample Asset Management Policy:|'''Sample Asset Management Policy''']] defines objectives for establishing specific standards for prop ...16 KB (2,312 words) - 14:14, 1 May 2010
- =='''Sample Management Security Awareness Standard'''== ...ts for providing security awareness education and training for the Company management.<br> ...5 KB (662 words) - 17:54, 25 July 2006
- ==Sample Vulnerability Assessment and Management Standard== ...ectives for establishing specific standards for the assessment and ongoing management of vulnerabilities. ...2 KB (230 words) - 19:16, 14 January 2014
- ...done on time and on budget, you know it can be a challenge. Learn project management practices that make the e-Discovery process easier. You’ll improve planning ...402 bytes (59 words) - 10:44, 16 March 2010
Page text matches
- ==Capacity Management== ...agement, Modeling, Capacity Planning, Resource Management, and Performance Management. ...352 bytes (43 words) - 15:46, 20 March 2007
- ==IT Service Continuity Management== ...[[Contingency Plan Testing]], and [[Risk_Assessment_and_Treatment: | Risk Management]]. ...464 bytes (58 words) - 13:24, 30 April 2007
- ==Service Level Management== ...l processes to control their activities. The central role of Service Level Management makes it the natural place for metrics to be established and monitored agai ...2 KB (253 words) - 15:44, 20 March 2007
- ==Sample Vulnerability Assessment and Management Standard== ...ectives for establishing specific standards for the assessment and ongoing management of vulnerabilities. ...2 KB (230 words) - 19:16, 14 January 2014
- Provides a framework for consistent, timely, and cost-effective management decisions.<br> Management best guesses.<br> ...2 KB (318 words) - 16:08, 3 August 2006
- Provides a framework for consistent, timely, and cost-effective management decisions.<br> Management best guesses.<br> ...2 KB (322 words) - 16:10, 3 August 2006
- ==Change Management== ...anges (fixes) - with minimum risk to IT infrastructure. The goal of Change Management is to ensure that standardized methods and procedures are used for efficien ...4 KB (588 words) - 16:23, 21 March 2007
- ...g to a business and service priority and routed to the appropriate problem management team, and customers kept informed of the status of their queries. ITIL Incident Management<br> ...2 KB (299 words) - 17:41, 5 May 2006
- ...rily out of [[ISO/IEC 17799]], a code of practice for information security management published by the [[International Organization for Standardization]] in 2000 ...can be used as a template to make ISO 9001 compliant information security management systems. While ISO 27001 is controls based, ISM3 is process based. ISM3 has ...2 KB (257 words) - 17:09, 22 March 2007
- ...issues are recorded, analyzed, resolved in a timely manner and reported to management. . ...if a problem management system exists and how it is being used. Review how management has documented how the system is to be used. ...2 KB (325 words) - 19:12, 25 June 2006
- Management should establish quality assurance procedures and update future planning wi Management should conduct quality assurance reviews for all significant activities bot ...2 KB (227 words) - 18:59, 17 April 2007
- ==Sample Asset Management Standard== ...ard defines Company objectives for establishing specific standards for the management of the networks, systems, and applications that store, process and transmit ...3 KB (389 words) - 17:40, 14 January 2014
- ==Availability Management== Availability Management allows organizations to sustain the IT service availability in order to sup ...1 KB (154 words) - 15:48, 20 March 2007
- ITIL Security Management, Security Management Measures<br> ITIL 4.2 Implement Security Management, Security Management Measures<br> ...2 KB (270 words) - 14:54, 5 May 2006
- ==Service Desk Management== A '''Service Desk''' is a primary IT capability called for in IT Service Management (ITSM) as defined by the [[Information Technology Infrastructure Library]] ...4 KB (552 words) - 16:15, 20 March 2007
- ...sourced services is performed in accordance with the organization’s vendor management policy.<br> ...sourced services is performed in accordance with the organization’s vendor management policy. .<br> ...2 KB (306 words) - 18:32, 14 June 2006
- ...sourced services is performed in accordance with the organization's vendor management policy.<br> ...nagement policy and discuss with those responsible for third-party service management if they follow such standards. ...2 KB (295 words) - 15:40, 25 June 2006
- '''PO 9.1 IT and Business Risk Management Alignment'''<br> ...nagement and control framework with the organization’s (enterprise’s) risk management framework. This includes alignment with the organization’s risk appetite an ...3 KB (377 words) - 14:10, 8 August 2006
- =='''Asset Management'''== ...mation security perspective is not just about 'IT' Assets. It is about the management, control and protection of '''all''' aspects of Information / Data in whate ...5 KB (705 words) - 13:29, 23 May 2007
- ==Problem Management== The goal of Problem Management is to resolve the root cause of incidents and thus to minimize the adverse ...3 KB (480 words) - 16:20, 20 March 2007
- =='''Sample Management Security Awareness Standard'''== ...ts for providing security awareness education and training for the Company management.<br> ...5 KB (662 words) - 17:54, 25 July 2006
- '''DS 5.1 Management of IT Security'''<br> Manage IT security at the highest appropriate organizational level, so the management of security actions is in line with business requirements. ...3 KB (394 words) - 17:12, 22 March 2007
- :[[Sample Asset Management Policy:|'''Sample Asset Management Policy''']]<br> :The Asset Management Policy defines objectives for properly managing Information Technology infr ...3 KB (404 words) - 14:53, 25 July 2006
- ...01: "Information technology - Security techniques - [[Information Security Management System]]s" are of particular interest to information security professionals ...s standards and guidelines to increase secure IT planning, implementation, management and operation. NIST is also the custodian of the USA [http://csrc.nist.go ...2 KB (287 words) - 14:29, 8 March 2007
- ==Release Management== ...ntation of new hardware and software is also the responsibility of Release Management. This guarantees that all software can be conceptually optimized to meet th ...2 KB (352 words) - 16:42, 20 March 2007
- :::a. SOX.2.0.1: Organizational policies and management procedures are in place to ensure the IT function is controlled properly.<b ITIL ICT Infrastructure Management.<br> ...3 KB (356 words) - 17:11, 1 May 2006
- ...ves, or from programs, projects or service improvement initiatives. Change Management can ensure standardized methods, processes and procedures are used for all ==Change management in development projects== ...4 KB (523 words) - 10:24, 23 April 2010
- [[DS1.1:| 1.1 Service Level Management Framework]]<br> [[DS2.2:| 2.2 Supplier Relationship Management]]<br> ...4 KB (538 words) - 19:08, 14 June 2007
- ==IT Management Booklet== ...risk management processes to ensure effective information technology (IT) management.<br> ...5 KB (645 words) - 18:03, 27 April 2007
- ...upport the objectives established in the Asset Protection Policy and Asset Management Policy.<br> :1. [[Sample Life Cycle Management Standard:|'''Sample ISO Life Cycle Management Standard''']]<br> ...5 KB (613 words) - 18:14, 25 July 2006
- The problem management system should provide for adequate audit trail facilities that allow tracki ...rs on user services. In the event that this impact becomes severe, problem management should escalate the problem, perhaps referring it to an appropriate board t ...3 KB (451 words) - 17:52, 5 May 2006
- ...nal standard for [[Compliance#ITIL_IT_Infrastructure_Library: | IT Service Management]]. It was developed in 2005, by the BSI Group. It is based on and intended ...ogether, these form a top-down framework to define the features of service management processes that are essential for the delivery of high quality services.<br> ...2 KB (298 words) - 14:25, 23 April 2010
- [[Asset Management:|'''Asset Management''']]<br> [[Communications and Operations Management:|'''Communications and Operations Management''']]<br> ...3 KB (378 words) - 21:27, 18 January 2015
- ==Financial Management== ...ery section of the [[ITIL]] best practice framework. The aim of Financial Management for IT Services is to give accurate and cost effective stewardship of IT as ...6 KB (885 words) - 10:12, 23 March 2007
- ...nd services. The framework should integrate with the corporate performance management system.<br> ...2 KB (301 words) - 12:27, 4 May 2006
- ...c level to deal with related security issues. Obtain direction from senior management on the appetite for IT risk and approval of any residual IT risks.<br> ITIL ICT Infrastructure Management, Design and Planning.<br> ...3 KB (370 words) - 18:04, 1 May 2006
- ...rs, risk managers, the corporate compliance group, outsourcers and offsite management.<br> ITIL 7. Supplier Relationship Management.<br> ...2 KB (342 words) - 18:20, 1 May 2006
- ==Configuration Management== ...an '''Information Technology Infrastructure Library''' [[ITIL]] IT Service Management [[ITSM]] '''process''' that tracks all of the individual Configuration Item ...4 KB (570 words) - 16:12, 23 March 2007
- ...t and disposition of records under chapters 29, 31, or 33 of title 44, the management of information resources under sub-chapter I of chapter 35 of this title, o ...851 bytes (128 words) - 21:01, 3 June 2010
- '''PO 10.2 Project Management Framework'''<br> ...should be integrated with the enterprise portfolio management and program management processes.<br> ...3 KB (367 words) - 16:28, 21 June 2006
- ==Configuration Management == ...re or software upgrade, a computer technician can access the configuration management program and database to see what is currently installed. The technician can ...7 KB (942 words) - 15:09, 23 March 2007
- :'''Assign to an individual or team the following information security management responsibilities:'''<br> ...rity to a Chief Security Officer or other security-knowledgeable member of management. Obtain information security policies and procedures to verify that the fol ...2 KB (293 words) - 16:04, 2 March 2007
- ...is standardized, logged, approved, documented and subject to formal change management procedures. ...xists and is maintained to reflect the current process. Consider if change management procedures exist for all changes to the production environment, including p ...3 KB (447 words) - 13:36, 23 June 2006
- '''ME 4.5 Risk Management'''<br> ...s and report IT-related risks and the impact on the business. Make sure IT management follows up on risk exposures, paying special attention to IT control failur ...2 KB (334 words) - 13:36, 4 May 2006
- :'''Assign to an individual or team the following information security management responsibilities:'''<br> ...rity to a Chief Security Officer or other security-knowledgeable member of management. Obtain information security policies and procedures to verify that the fol ...2 KB (303 words) - 16:00, 2 March 2007
- '''DS 10.4 Integration of Change, Configuration and Problem Management '''<br> ...ents, integrate the related processes of change, configuration and problem management. Monitor how much effort is applied to firefighting rather than enabling bu ...2 KB (248 words) - 17:50, 5 May 2006
- ...y policy exists and has been approved by an appropriate level of executive management. ...been approved by an appropriate level of senior management to demonstrate management’s commitment to security? ...3 KB (351 words) - 16:49, 25 June 2006
- ...t and disposition of records under chapters 29, 31, or 33 of title 44, the management of information resources under sub-chapter I of chapter 35 of this title, o ...940 bytes (143 words) - 21:44, 1 June 2010
- ITIL Service Delivery, IT Service Continuity Management.<br> ITIL 7.5 Risk assessment model ICT Infrastructure Management, Annex 3B.<br> ...2 KB (317 words) - 20:10, 1 May 2006
- :::a. SOX.2.0.1: Organizational policies and management procedures are in place to ensure the IT function is controlled properly.<b ITIL 8. Roles, Responsibilities and Interfaces Application Management.<br> ...3 KB (393 words) - 17:18, 1 May 2006
- <br>Produce reports of service desk activity to enable management to measure service performance and service response times and to identify t ITIL Incident Management<br> ...2 KB (264 words) - 17:42, 5 May 2006
- ...strators cannot connect remotely to the wireless management interface (all management of wireless environments is only from the console).<br> ...3 KB (352 words) - 13:58, 28 February 2007
- ITIL Service Delivery, Financial Management for IT Services.<br> ITIL 5.1.7 Benefits Service Delivery, Financial Management for IT Services.<br> ...2 KB (346 words) - 18:25, 1 May 2006
- ...799]], "Information Technology - Code of practice for information security management." in 2000. [[ISO/IEC 17799]] was then revised in June 2005 and finally inc ...security management system]] (ISMS), referring to the information security management structure and controls identified in BS 7799-2, which later became [[ISO/IE ...2 KB (249 words) - 10:56, 27 October 2012
- ...sks and responsibilities of internal and external service providers, their management and their customers, and the rules and structures to document, test and exe :::a. [[SOX.2.0.1:|'''SOX.2.0.1''']] Organizational policies and management procedures are in place to ensure the IT function is controlled properly. ...3 KB (456 words) - 17:15, 15 February 2007
- ITIL Service Delivery, Capacity Management.<br> ITIL 6.3 Activities in capacity management Service Delivery, Availability Management.<br> ...2 KB (290 words) - 17:49, 25 April 2007
- ...report and classify problems that have been identified as part of incident management. The steps involved in problem classification are similar to the steps in c :::a. SOX.3.1.1: Management should monitor security incidents and the extent of compliance with informa ...4 KB (601 words) - 15:01, 8 August 2006
- ==Sample Configuration Management Standard== ...e objectives established in the [[Sample_Asset_Management_Policy:|'''Asset Management Standard''']], and provides specific instructions and requirements for esta ...5 KB (681 words) - 21:56, 15 January 2014
- '''MANAGEMENT CONTROL '''<br> ...DOI A.1''']] Is there an IS steering committee or other evidence that top management is involved in the IS function and, if so, who are the members? Please prov ...2 KB (354 words) - 20:12, 25 June 2006
- '''PO 5.1 Financial Management Framework'''<br> ...these portfolios to the budget prioritization, cost management and benefit management processes.<br> ...2 KB (353 words) - 18:22, 1 May 2006
- ...puter operations, which are periodically reviewed, updated and approved by management. ...and availability is compromised because emergency changes are made without management approval.''' ...4 KB (537 words) - 13:57, 23 June 2006
- [[ME4.4:| 4.4 Resource Management]]<br> [[ME4.5:| 4.5 Risk Management]]<br> ...2 KB (195 words) - 19:06, 14 June 2007
- * [[KY MANAGEMENT CONTROL:|'''MANAGEMENT CONTROL''']] ...924 bytes (100 words) - 20:14, 25 June 2006
- * [[GA MANAGEMENT CONTROL:|'''MANAGEMENT CONTROL''']] ...923 bytes (100 words) - 20:08, 25 June 2006
- * [[LA MANAGEMENT CONTROL:|'''MANAGEMENT CONTROL''']] ...925 bytes (100 words) - 20:09, 25 June 2006
- * [[TX MANAGEMENT CONTROL:|'''MANAGEMENT CONTROL''']] ...921 bytes (100 words) - 20:10, 25 June 2006
- * [[WI MANAGEMENT CONTROL:|'''MANAGEMENT CONTROL''']] ...925 bytes (100 words) - 20:11, 25 June 2006
- '''PO 1.6 IT Portfolio Management'''<br> ITIL ICT Infrastructure Management.<br> ...3 KB (470 words) - 13:39, 6 March 2007
- ITIL Applications Management.<br> ITIL The Application Management Lifecycle.<br> ...3 KB (377 words) - 14:55, 1 May 2006
- * [[FL MANAGEMENT CONTROL:|'''MANAGEMENT CONTROL''']] ...928 bytes (100 words) - 20:06, 25 June 2006
- ...chnology - Security techniques - Code of practice for information security management''. The current standard is a revision of the version published in [[2000]], ...]] for initiating, implementing or maintaining [[ISMS|Information Security Management Systems]] (ISMS). Information security is defined within the standard in th ...6 KB (847 words) - 16:57, 26 March 2007
- :'''Ensure management approves all media that is moved from a secured area (especially when media ...g logs, and verify the presence in the logs of tracking details and proper management authorization.'''<br> ...2 KB (281 words) - 14:25, 2 March 2007
- :4. [[Sample Asset Management Policy:|'''Sample HIPAA Asset Management Policy''']]<br> :The Asset Management Policy is required to comply with HIPAA (Subpart C Section 164.308(a)1C,2, ...5 KB (614 words) - 16:46, 25 July 2006
- '''PO 8.1 Quality Management System'''<br> ...conformity. The QMS should define the organizational structure for quality management, covering the roles, tasks and responsibilities. All key areas develop thei ...2 KB (337 words) - 19:47, 1 May 2006
- ...ards define Company objectives for establishing specific standards for the management of the networks, systems, and applications that store, process and transmit ...ectives for establishing specific standards for the assessment and ongoing management of vulnerabilities.<br> ...4 KB (465 words) - 15:46, 13 January 2014
- =='''Sample Management Security Awareness Standard'''== ...ts for providing security awareness education and training for the Company management.<br> ...6 KB (752 words) - 14:02, 1 May 2010
- ...DOI A.1''']] Is there an IS steering committee or other evidence that top management is involved in the IS function and, if so, who are the members? Please prov * [[PO10.3:|'''PO 10.3 Project Management Approach''']]<br> ...3 KB (346 words) - 21:58, 23 June 2006
- ==IT Risk Management Process== ...he ability to mitigate IT risks is dependent upon risk assessments. Senior management should identify, measure, control, and monitor technology to avoid risks th ...4 KB (528 words) - 16:58, 28 March 2010
- :::a. SOX.2.0.1: Organizational policies and management procedures are in place to ensure the IT function is controlled properly.<b ITIL Security Management, Security Management Measures.<br> ...2 KB (338 words) - 19:03, 17 April 2007
- ...y to explain deviations and performance problems. Upon review, appropriate management action should be initiated and controlled.<br> ...2 KB (347 words) - 13:38, 4 May 2006
- ITIL Security Management, Security Management Measures.<br> ITIL 4.2 Implement Security Management, Security Management Measures.<br> ...3 KB (420 words) - 14:06, 8 August 2006
- :::a. [[SOX.2.7.7:|'''SOX.2.7.7''']] The problem management system provides for adequate audit trail facilities, which allow tracing fr 2. Review a sample of problems recorded on the problem management system to consider whether a proper audit trail exists and is used. ...2 KB (297 words) - 19:19, 25 June 2006
- '''PO 10.1 Program Management Framework'''<br> ITIL ICT Infrastructure Management.<br> ...2 KB (345 words) - 01:18, 2 May 2006
- ...Standard (ISO 17799) is an internationally recognized information Security Management standard consisting of security clauses, controls, and objectives comprisin ::ISO 17799 defines Security Policy objectives to provide management direction and support for information security. This section provides templ ...8 KB (1,023 words) - 17:25, 24 October 2006
- ...| governance]], [[Risk_management | risk]], and [[compliance]] activities; management reviews, and Microsoft Solutions Framework (MSF) best practices.<br> ...tivities through the use of [[risk management]], [[Change_control | change management]], and controls. It also provides guidance relating to accountability and r ...3 KB (461 words) - 14:19, 23 April 2010
- :::a. [[SOX.2.0.13:|'''SOX.2.0.13''']] IT management determines that, before selection, potential third parties are properly qua ...hird party’s financial stability, skill and knowledge of the systems under management, and controls over security, availability and processing integrity. .<br> ...2 KB (317 words) - 18:30, 14 June 2006
- :'''Assign to an individual or team the following information security management responsibilities:'''<br> ...rity to a Chief Security Officer or other security-knowledgeable member of management. Obtain information security policies and procedures to verify that the fol ...2 KB (294 words) - 20:02, 2 March 2007
- '''DS 5.8 Cryptographic Key Management '''<br> ITIL Security Management<br> ...3 KB (413 words) - 19:02, 4 May 2006
- :::a. SOX.3.1.1: Management should monitor security incidents and the extent of compliance with informa ITIL Service Delivery, Availability Management <br> ...2 KB (351 words) - 13:57, 4 May 2006
- :'''Assign to an individual or team the following information security management responsibilities:'''<br> ...rity to a Chief Security Officer or other security-knowledgeable member of management. Obtain information security policies and procedures to verify that the fol ...2 KB (293 words) - 15:59, 2 March 2007
- :::a. [[SOX.2.7.15:|'''SOX.2.7.15''']] Management has established, documented and followed standard procedures for IT operati 1. Determine if management has documented its procedures for IT operations, and operations are reviewe ...2 KB (315 words) - 20:11, 25 June 2006
- ::'''Verify the existence of key management procedures.'''<br> ::Examine the key management procedures and determine the procedures require the following: ...2 KB (311 words) - 17:11, 28 February 2007
- :'''Assign to an individual or team the following information security management responsibilities:'''<br> ...rity to a Chief Security Officer or other security-knowledgeable member of management. Obtain information security policies and procedures to verify that the fol ...2 KB (296 words) - 16:02, 2 March 2007
- ...ments analysis was performed and appropriately approved (including account management and IT security). Obtain and examine documents associated with requirements ITIL ICT Infrastructure Management, Design and Planning.<br> ...3 KB (446 words) - 16:36, 1 May 2006
- :[[Executive Management Awareness:|'''Executive Management Awareness''']]<br> :This presentation on executive management awareness covers security and business risks, anatomy of an attack, and a s ...5 KB (653 words) - 12:45, 25 April 2007
- ::'''Verify the existence of key management procedures.'''<br> ::Examine the key management procedures and determine the procedures require the following: ...2 KB (311 words) - 17:07, 28 February 2007
- ::'''Verify the existence of key management procedures.'''<br> ::Examine the key management procedures and determine the procedures require the following: ...2 KB (311 words) - 17:09, 28 February 2007
- ::'''Verify the existence of key management procedures.'''<br> ::Examine the key management procedures and determine the procedures require the following: ...2 KB (312 words) - 17:12, 28 February 2007
- '''DS 1.1 Service Level Management Framework'''<br> ...ogue. The framework defines the organizational structure for service level management, covering the roles, tasks and responsibilities of internal and external se ...4 KB (524 words) - 15:03, 25 June 2006
- ::'''Verify the existence of key management procedures.'''<br> ::Examine the key management procedures and determine the procedures require the following: ...2 KB (312 words) - 17:06, 28 February 2007
- ::'''Verify the existence of key management procedures.'''<br> ::Examine the key management procedures and determine the procedures require the following: ...2 KB (314 words) - 17:14, 28 February 2007
- ::'''Verify the existence of key management procedures.'''<br> ::Examine the key management procedures and determine the procedures require the following: ...2 KB (315 words) - 17:14, 28 February 2007
- ::'''Verify the existence of key management procedures.'''<br> ::Examine the key management procedures and determine the procedures require the following: ...2 KB (318 words) - 17:15, 28 February 2007
- ...on and database, and identified security violations are reported to senior management. ...s the nature and extent of such events over the past year and discuss with management how they have responded with controls to prevent unauthorized access or man ...2 KB (321 words) - 18:06, 25 June 2006
- ::'''Verify the existence of key management procedures.'''<br> ::Examine the key management procedures and determine the procedures require the following: ...2 KB (323 words) - 17:20, 28 February 2007
- 1. Conduct an evaluation of the frequency and timeliness of management’s review of configuration records. 2. Assess whether management has documented the configuration management procedures. ...2 KB (324 words) - 18:46, 25 June 2006
- '''PO 2.4 Integrity Management'''<br> ....1.6: Database access is granted through a service request and approved by management.<br> ...4 KB (550 words) - 14:34, 1 May 2006
- ISO 27002 (17799) defines Security Policy objectives to provide management direction and support for information security. This section provides templ ...ling Standard is required to comply with ISO Communications and Operations Management objectives and builds on the objectives established in the Asset Protection ...2 KB (202 words) - 12:40, 15 June 2007
- '''PO 10.3 Project Management Approach'''<br> Establish a project management approach commensurate with the size, complexity and regulatory requirements ...4 KB (594 words) - 19:50, 25 June 2006
- ::'''Verify the existence of key management procedures.'''<br> ::Examine the key management procedures and determine the procedures require the following: ...2 KB (334 words) - 17:13, 28 February 2007
- ITIL IT Service Continuity Management<br> ITIL 7.3 Service continuity management generic recovery plan<br> ...2 KB (270 words) - 18:10, 25 April 2007
- ITIL IT Service Continuity Management.<br> ITIL 7.3.4 Stage 4 - Operational management.<br> ...2 KB (278 words) - 18:21, 25 April 2007
- The objective of this category is to provide management direction and support for information security in accordance with business One or more information security policy documents should be approved by management, and published and communicated to all employees and relevant external part ...8 KB (1,063 words) - 13:25, 23 May 2007
- ...nd discussions, that procedures exist for user authentication and password management, by performing the following:'''<br> ::'''PCI-8.5.1 B:''' Determine that only administrators have access to management consoles for wireless networks.'''<br> ...3 KB (345 words) - 14:24, 1 March 2007
- ...th the business continuity planner). The RTOs are then presented to senior management for acceptance. The RTO attaches to the business process and not the resour * [http://www.pas56.com/ BS25999 Business Continuity Management] ...2 KB (272 words) - 11:15, 27 October 2012
- '''AI 2.9 Applications Requirements Management'''<br> ...being approved through an established [[Change_control | change control]] management process.<br> ...2 KB (274 words) - 13:47, 6 March 2007
- Through the development and management of key information security processes.<br> '''True or False: Organizations need process-management tools and resources to help develop and manage these critical information s ...2 KB (305 words) - 17:31, 3 August 2006
- '''''Through the development and management of key information security processes.'''''<br> '''True or False: Organizations need process-management tools and resources to help develop and manage these critical information s ...2 KB (309 words) - 17:34, 3 August 2006
- '''DS 2.2 Supplier Relationship Management'''<br> Formalize the supplier relationship management process for each supplier. The relationship owners must liaise on customer ...3 KB (408 words) - 16:10, 25 June 2006
- ...steering committee (or equivalent) composed of executive, business and IT management to: Determine prioritization of IT-enabled investment programs in line with ...d systems development methodology should be established and implemented by management. This systems development life cycle (SDLC) describes the stages involved i ...4 KB (506 words) - 20:00, 25 June 2006
- ...r [[AES | Advanced Encryption Standard]] (AES) 256-bit with associated key management processes and procedures. :'''PCI-3.6 Fully document and implement all key management processes and procedures, including:'''<br> ...4 KB (635 words) - 11:52, 28 March 2008
- ...ual responsible for the function and which exceptions should be escalated. Management is also responsible to inform affected parties.<br> ...2 KB (289 words) - 13:11, 4 May 2006
- ...ual responsible for the function and which exceptions should be escalated. Management is also responsible to inform affected parties.<br> ...2 KB (289 words) - 12:56, 4 May 2006
- ITIL Incident Management<br> ITIL Incident Management<br> ...2 KB (281 words) - 17:42, 5 May 2006
- ...and availability is compromised because emergency changes are made without management approval.''' ...'']] Emergency change requests are documented and subject to formal change management procedures. ...3 KB (372 words) - 13:56, 23 June 2006
- [[PO1.1:| 1.1 IT Value Management]]<br> [[PO1.6:| 1.6 IT Portfolio Management]]<br> ...4 KB (517 words) - 19:07, 14 June 2007
- '''PO 5.4 Cost Management'''<br> Implement a cost management process comparing actual costs to budgets. Costs should be monitored and re ...2 KB (303 words) - 18:29, 1 May 2006
- ITIL Security Management, Guidelines for Implementing Security Management.<br> ITIL 5.2.1 The role of the security manager ICT Infrastructure Management.<br> ...3 KB (427 words) - 17:58, 1 May 2006
- Encourage IT management to define and execute ` procedures to ensure that the IT continuity plan is ::'''5. PCI-6.4.2 Management sign-off by appropriate parties.''' ...3 KB (436 words) - 14:30, 4 May 2006
- :'''Description of groups, roles, and responsibilities for logical management of network components.'''<br> ...s include a description of groups, roles, and responsibilities for logical management of network components. ...2 KB (265 words) - 12:24, 16 June 2010
- ...n repository and be properly integrated with change management and problem management procedures. '''Rationale —''' Configuration management includes procedures such that security, availability and processing integri ...3 KB (429 words) - 18:55, 25 June 2006
- ...d so security incidents can be properly treated by the incident or problem management process. Characteristics include a description of what is considered a secu :::a. SOX.3.1.1: Management should monitor security incidents and the extent of compliance with informa ...4 KB (548 words) - 14:21, 4 May 2006
- ...izing tasks, error tolerance mechanisms and resource allocation practices. Management should ensure that contingency plans properly address availability, capacit ITIL Service Delivery, Availability Management<br> ...2 KB (284 words) - 14:37, 21 June 2006
- • Computing environment management <br> • Network environment management <br> ...3 KB (360 words) - 16:59, 25 June 2006
- ...r Independent Computer Consultants,[[FN43]] or the Association for Systems Management.[[FN44]] ...2 KB (298 words) - 15:17, 22 February 2009
- Data Processing Management Association, 505 Busse Highway, Park Ridge IL 60068-3191 (312) 825-8124. ...606 bytes (76 words) - 02:57, 5 March 2009
- ...urable and predictable by users to encourage proper use of resources. User management should be able to verify actual usage and charging of services. ITIL Financial Management for IT Services<br> ...2 KB (305 words) - 14:51, 5 May 2006
- ITIL Service Support, Release Management.<br> ITIL Release Management.<br> ...2 KB (296 words) - 17:59, 3 May 2006
- Association for Systems Management, 24587 Bagley Rd., Cleveland, OH 44138 (216) 243-6900. ...516 bytes (62 words) - 03:00, 5 March 2009
- ITIL ICT Infrastructure Management, Operations<br> ITIL 4.6.2 The tools - scheduling tools ICT Infrastructure Management<br> ...3 KB (467 words) - 18:39, 5 May 2006
- '''ME 4.4 Resource Management'''<br> ...current and future strategic objectives and keep up with business demands. Management should put clear, consistent and enforced human resources policies and proc ...2 KB (329 words) - 13:34, 4 May 2006
- ...management are provided in the [[Sample Management Awareness Standard:|'''Management Awareness Standard''']].<br> ...3 KB (418 words) - 19:53, 14 January 2014
- :[[Sample Asset Management Policy:|'''Sample Asset Management Standard''']]<br> :The Asset Management Standard defines objectives for properly managing Information Technology in ...4 KB (581 words) - 17:06, 30 December 2013
- ==Information Security Aspects of Business Continuity Management== ==Business Continuity Management Considerations== ...9 KB (1,274 words) - 00:17, 1 June 2007
- ...list to a control list of exceptions that has been previously certified by management. Any accounts that remain should be investigated as they are most likely po ITIL Service Delivery, Availability Management.<br> ...3 KB (459 words) - 17:56, 21 June 2006
- '''DS 5.4 User Account Management'''<br> ...rmation are contractually arranged for all types of users. Perform regular management review of all accounts and related privileges.<br> ...6 KB (846 words) - 13:52, 4 May 2006
- ITIL IT Service Continuity Management<br> ITIL 7.3.4 Stage 4 - Operational management<br> ...2 KB (324 words) - 14:50, 4 May 2006
- ==AI 4.2 Knowledge Transfer to Business Management== ...rocesses. The knowledge transfer should include access approval, privilege management, segregation of duties, automated business controls, backup/recovery, physi ...3 KB (362 words) - 23:55, 14 June 2007
- :::a. [[SOX.2.0.1:|'''SOX.2.0.1''']] Organizational policies and management procedures are in place to ensure the IT function is controlled properly. ITIL The Business Perspective, Supplier Relationship Management<br> ...3 KB (366 words) - 18:00, 25 April 2007
- ...deviations from expected performance should be identified, and appropriate management action should be initiated and reported.<br> ...2 KB (332 words) - 12:39, 4 May 2006
- ...iew, basis for payment, warranties, arbitration procedures, human resource management and compliance with the organization’s policies.<br> ...2 KB (319 words) - 17:09, 3 May 2006
- ITIL Problem Management <br> ITIL 6.8 Proactive problem management<br> ...2 KB (333 words) - 16:42, 5 May 2006
- ...nts to address: a definition of services; performance measurement; problem management; customer duties; warranties; disaster recovery; termination of agreement.< *[[IT Service Management]] ...3 KB (527 words) - 16:06, 22 March 2007
- ...done on time and on budget, you know it can be a challenge. Learn project management practices that make the e-Discovery process easier. You’ll improve planning ...402 bytes (59 words) - 10:44, 16 March 2010
- ::[[Image:Key-control.jpg]][[PCI-6.4.2:|PCI-6.4.2 Management sign-off by appropriate parties.]]<br> ...mage:Key-control.jpg]][[PCI-6.5.3:|PCI-6.5.3 Broken authentication/session management (use of account credentials and session cookies).]]<br> ...4 KB (578 words) - 18:46, 28 February 2007
- ...ments analysis was performed and appropriately approved (including account management and IT security). Obtain and examine documents associated with requirements ITIL ICT Infrastructure Management, Appendix C.1.<br> ...4 KB (510 words) - 13:54, 1 May 2006
- ITIL Security Management<br> ITIL Security Management Measures<br> ...3 KB (377 words) - 18:52, 4 May 2006
- :::a. [[SOX.3.1.4:|'''SOX.3.1.4''']] Management ensures that authorized access to corporate resources terminated entities o * ISO 17799 9.2 User access management.<br> ...3 KB (366 words) - 16:39, 26 June 2006
- .... While not a control, insurance can be an effective risk mitigation tool. Management should balance controls against business operations requirements, cost, eff ...655 bytes (85 words) - 19:15, 17 April 2007
- ==Incident Management== ...| Service Level Management]] process area. The first goal of the incident management process is to restore a normal service operation as quickly as possible and ...9 KB (1,371 words) - 16:40, 23 May 2007
- Ensure that IT management, working with the business, defines a balanced set of performance objective ITIL ICT Infrastructure Management.<br> ...3 KB (362 words) - 12:33, 4 May 2006
- ...essment and Management Policy:|'''Sample GLBA Vulnerability Assessment and Management Policy''']]<br> :The Vulnerability Assessment and Management Policy is required to comply with GLBA (Interagency Guideline III.E), and b ...4 KB (535 words) - 16:51, 25 July 2006
- '''DS 11.3 Media Library Management System '''<br> ...r [[AES | Advanced Encryption Standard]] (AES) 256-bit with associated key management processes and procedures.''' ...3 KB (401 words) - 11:50, 28 March 2008
- * Statement of general principles and management approach to the use of cryptographic controls ...ough risk assessment, that considers appropriate algorithm selections, key management and other core features of cryptographic implementations ...9 KB (1,170 words) - 14:05, 22 May 2007
- :::a. [[SOX.1.2:|'''SOX.1.2''']] IT management involves users in the design of applications, selection of packaged softwar ...puter operations, which are periodically reviewed, updated and approved by management.<br> ...4 KB (530 words) - 11:58, 23 June 2006
- =='''Vulnerability Management Standard'''== ...jectives for establishing specific standards on the assessment and ongoing management of vulnerabilities.<br> ...9 KB (1,122 words) - 14:12, 1 May 2010
- ...ange processes. The IT process framework should be integrated in a quality management system and the internal control framework.<br> ...DOI A.1''']] Is there an IS steering committee or other evidence that top management is involved in the IS function and, if so, who are the members? Please prov ...5 KB (699 words) - 19:59, 25 June 2006
- ...demands. Enforce a disciplined approach to portfolio, program and project management, insisting that the business takes ownership of all IT-enabled investments ...3 KB (393 words) - 14:35, 21 June 2006
- ...nt practicable and appropriate, make uniform Federal information resources management policies and practices as a means to improve the productivity, efficiency, ...lementing the information collection review process, information resources management, and related policies and guidelines established under this sub-chapter. ...3 KB (414 words) - 10:37, 1 June 2010
- ::5. Users and management should not directly discuss the violation with the individual(s) involved i ...nicated and understood within its respective organizational units. Company management also is responsible for defining, approving, and implementing processes and ...6 KB (857 words) - 12:22, 19 July 2007
- ===Management commitment to information security=== Management at all levels should actively support security within the organization with ...8 KB (996 words) - 12:49, 22 May 2007
- ...The Application Management Life Cycle, 5.2 Requirements ICT Infrastructure Management, Appendix F3, Requirements Analysis.<br> ...4 KB (538 words) - 13:16, 23 June 2006
- ...y policy exists and has been approved by an appropriate level of executive management. ...on and database, and identified security violations are reported to senior management. ...10 KB (1,333 words) - 17:44, 25 June 2006
- '''PO 10.9 Project Risk Management'''<br> ...at have the potential to cause unwanted change. Risks faced by the project management process and the project deliverable should be established and centrally rec ...3 KB (403 words) - 12:37, 23 June 2006
- ...nformation sharing outside of that required for legitimate business needs. Management should obtain signed confidentiality agreements before granting new employe ...hey will protect and the control processes for which they are responsible. Management can take similar steps to ensure contractors and consultants understand the ...10 KB (1,327 words) - 12:54, 10 April 2007
- ...ata classification policy and the enterprise’s media storage practices. IT management should ensure that offsite arrangements are periodically assessed, at least ...puter operations, which are periodically reviewed, updated and approved by management.<br> ...5 KB (700 words) - 18:07, 23 June 2006
- ...he elements of a control environment for IT, aligned with the enterprise’s management philosophy and operating style. These elements include expectations/require ...ments analysis was performed and appropriately approved (including account management and IT security). Obtain and examine documents associated with requirements ...4 KB (580 words) - 18:00, 23 June 2006
- ITIL IT Service Continuity Management<br> ISO 11.1 Aspects of [[Business_Continuity_Management: | business continuity management]]. ...2 KB (297 words) - 18:35, 25 April 2007
- ITIL IT Service Continuity Management.<br> ISO 11.1 Aspects of [[Business_Continuity_Management: | business continuity management]].<br> ...2 KB (303 words) - 18:16, 25 April 2007
- ...tandard in the field of [[Business continuity planning|Business Continuity Management]] (BCM). This standard replaces PAS 56, a publicly available specification, BS 25999 is a Business Continuity Management (BCM) standard published by the British Standards Institution (BSI). ...7 KB (1,040 words) - 10:48, 27 October 2012
- Among the areas top management analyzes are:<br> ...tioned customer KPIs are developed and improved with customer relationship management.<br> ...5 KB (786 words) - 16:48, 22 March 2007
- ...puter operations, which are periodically reviewed, updated and approved by management.<br> ...es in the business. When policies and procedures are changed, determine if management approves such changes. Select a sample of projects and determine that user ...3 KB (432 words) - 12:23, 23 June 2006
- '''DS 11.6 Security Requirements for Data Management '''<br> :::If considered appropriate, for example for cost reasons, management may wish to make use of independently evaluated and certified products. Fur ...5 KB (649 words) - 18:23, 5 May 2006
- ::*[[Sample Asset Management Policy:|'''Sample Asset Management Policy''']]<br> ...y Assessment and Management Policy:|'''Sample Vulnerability Assessment and Management Policy''']]<br> ...10 KB (1,206 words) - 14:05, 1 May 2010
- ...r [[AES | Advanced Encryption Standard]] (AES) 256-bit with associated key management processes and procedures. ...[[AES | Advanced Encryption Standard]] (AES) 256-bit, with associated key management processes and procedures. ...4 KB (486 words) - 11:53, 28 March 2008
- ...anagement procedure. Include periodic review against business needs, patch management and upgrade strategies, risks, vulnerabilities assessment and security requ :::*If considered appropriate, for example for cost reasons, management may wish to make use of independently evaluated and certified products. Fur ...6 KB (819 words) - 13:54, 23 June 2006
- ...us communication program, supported by top management in action and words. Management should give specific attention to communicating IT security awareness and t ...3 KB (442 words) - 18:58, 1 May 2006
- ...ents and files include hidden data, firm-wide understanding about metadata management as a real security concern still lags. ===Controlling and managing metadata with third-party metadata scrubbing and management software.=== ...4 KB (587 words) - 22:52, 15 March 2010
- ...) that are needed to create, implement, and maintain a best practice, risk management-based information security program.<br> ...) that are needed to create, implement, and maintain a best practice, risk management-based Information Security Program.<br> ...5 KB (705 words) - 11:39, 30 May 2015
- :'''Avoid Session Management Pitfalls:''' [[Media:session-management-security.pdf]]<br> ...actices in Configuration Management for Security:''' [[Media:configuration-management-security.pdf]] <br> ...6 KB (839 words) - 16:22, 23 April 2007
- [[AI2.9:| 2.9 Applications Requirements Management]]<br> [[AI4.2:| 4.2 Knowledge Transfer to Business Management]]<br> ...3 KB (341 words) - 19:07, 14 June 2007
- ...Name>''' (the "Company") [[Sample Asset Management Policy:|'''Sample Asset Management Standard''']] defines objectives for establishing specific standards for pr ...tives established in the [[Sample Asset Management Policy:|'''Sample Asset Management Standard''']], and provides specific instructions and requirements for esta ...9 KB (1,213 words) - 13:20, 9 March 2009
- ...puter operations, which are periodically reviewed, updated and approved by management.<br> ITIL ICT Infrastructure Management<br> ...3 KB (471 words) - 12:32, 23 June 2006
- '''DS 2.3 Supplier Risk Management'''<br> ...iness standards in accordance with legal and regulatory requirements. Risk management should further consider non-disclosure agreements (NDA), escrow contracts, ...7 KB (958 words) - 16:01, 25 June 2006
- ...formation systems, a formal evaluation and approval of the test results by management of the affected user department(s) and the IT function. The tests should co :::*If considered appropriate, for example for cost reasons, management may wish to make use of independently evaluated and certified products. Fur ...5 KB (730 words) - 19:05, 17 April 2007
- ...sition, and maintenance process includes numerous risks. Effective project management influences operational risks (also referred to as transactional risks). The ...uctured project management techniques. The section details general project management standards, procedures, and controls and discusses various development, acqu ...12 KB (1,538 words) - 22:41, 25 April 2007
- ...d systems development methodology should be established and implemented by management. This systems development life cycle (SDLC) describes the stages involved i ...puter operations, which are periodically reviewed, updated and approved by management.<br> ...6 KB (804 words) - 12:14, 23 June 2006
- :::a. [[SOX.2.7.10:|'''SOX.2.7.10''']] Management protects sensitive information— logically and physically, in storage and du :::a. [[SOX.2.7.12:|'''SOX.2.7.12''']] Management has implemented a strategy for cyclical backup of data and programs. ...5 KB (721 words) - 11:49, 28 March 2008
- :::a. [[SOX.3.1.1:|'''SOX.3.1.1''']] Management should monitor security incidents and the extent of compliance with informa ISO 8.5 Network management<br> ...4 KB (517 words) - 18:12, 21 June 2006
- ==Security Management== ...urity Management is based on the code of practice for information security management also known as ISO/IEC 17799. ...32 KB (4,804 words) - 14:10, 27 February 2009
- ...ines a DoD-wide formal and standard set of activities, general tasks and a management structure process for the [[Cyber security certification|certification]] an ...2 KB (322 words) - 10:16, 15 April 2012
- ** '''IT [[Project Portfolio Management]]''' - An inventory of current projects being managed by the information te *** Example: Availability of open-source [[learning management system]]s such as [[Moodle]] ...5 KB (777 words) - 17:59, 16 February 2007
- Management should update BCPs as business processes change. For example, financial ins :* Risk management ...5 KB (705 words) - 13:42, 30 May 2007
- '''Rationale —''' Configuration management includes procedures such that security, availability and processing integri ITIL Configuration Management<br> ...4 KB (506 words) - 18:44, 25 June 2006
- '''Rationale —''' Configuration management includes procedures such that security, availability and processing integri :::a. [[SOX.1.2:|'''SOX.1.2''']] IT management involves users in the design of applications, selection of packaged softwar ...4 KB (501 words) - 18:24, 25 June 2006
- ...chnology - Security techniques - Code of practice for information security management''. ...le for initiating, implementing or maintaining [[ISMS|Information Security Management Systems]] (ISMS). Information security is defined within the standard in th ...8 KB (1,111 words) - 10:30, 15 April 2012
- Determine if the management of third-party services has been assigned to appropriate individuals. Revie ...2 KB (285 words) - 18:35, 14 June 2006
- ...usiness applications (including payroll, finance, logistics, and personnel management applications);<br> ...quipment that is used in the automatic acquisition, storage, manipulation, management, movement, control, display, switching, interchange, transmission, or recep ...3 KB (368 words) - 00:50, 1 June 2010
- ...equiring expertise in accounting, fraud examination, [[forensic science]], management science, systems engineering, [[security engineering]], and [[criminology]] ...complete, the IA practitioner then develops a [[Risk Management Plan|risk management plan]]. This plan proposes countermeasures that involve mitigating, elimina ...7 KB (983 words) - 10:41, 15 April 2012
- ...pecified in the [[Sample Management Security Awareness Standard:|'''Sample Management Security Awareness Standard''']].<br> Company management is responsible for ensuring employees within their area of responsibility c ...5 KB (728 words) - 14:07, 1 May 2010
- :::a. [[SOX.2.7.12:|'''SOX.2.7.12''']] Management has implemented a strategy for cyclical backup of data and programs. ...2 KB (280 words) - 19:58, 25 June 2006
- :::a. [[SOX.2.0.8:|'''SOX.2.0.8''']] IT management has established procedures across the organization to protect information s ...2 KB (279 words) - 19:02, 25 June 2006
- :::a. [[SOX.2.7.10:|'''SOX.2.7.10''']] Management protects sensitive information— logically and physically, in storage and du ...2 KB (274 words) - 19:44, 25 June 2006
- ==Communications and Operations Management== ...y and cost effective service to client financial institutions. Institution management should monitor any changes in the current strategies and plans of independe ...19 KB (2,609 words) - 13:51, 23 May 2007
- :::a. [[SOX.2.0.8:|'''SOX.2.0.8''']] IT management has established procedures across the organization to protect information s :::a. SOX.3.1.1: Management should monitor security incidents and the extent of compliance with informa ...8 KB (1,177 words) - 19:00, 25 June 2006
- :::a. [[SOX.2.7.15:|'''SOX.2.7.15''']] Management has established, documented and followed standard procedures for IT operati ITIL ICT Infrastructure Management<br> ...4 KB (522 words) - 20:12, 25 June 2006
- ...ewed for financial reporting systems and subsystems on a periodic basis by management. ...2 KB (292 words) - 17:47, 25 June 2006
- ::'''PCI-12.3.1:''' Explicit management approval to use the devices. ...2 KB (286 words) - 15:19, 2 March 2007
- Determine if the management of third-party services has been assigned to appropriate individuals.<br> ...2 KB (295 words) - 15:33, 25 June 2006
- '''Federal Information Security Management Act (FISMA)''' ...the implementation of and compliance with the Federal Information Security Management Act including: ...9 KB (1,252 words) - 19:19, 19 April 2010
- ITIL Security Management<br> ITIL Security Management Measures<br> ...4 KB (544 words) - 17:11, 5 May 2006
- :::a. [[SOX.1.3:|'''SOX.1.3''']] IT management implements system software that does not jeopardize the security of the dat ...2 KB (303 words) - 19:58, 23 June 2006
- <br>Ensure that security techniques and related management procedures (e.g., firewalls, security appliances, network segmentation, and ...puter operations, which are periodically reviewed, updated and approved by management.<br> ...6 KB (781 words) - 12:31, 23 June 2006
- ..., information about responsibilities for classification of information and management of organizational information facilities that the person may use<br> ===Management responsibilities=== ...10 KB (1,387 words) - 14:04, 22 May 2007
- ...-9.7.2:''' All media sent outside the facility is logged and authorized by management and sent via secured courier or other delivery mechanism that can be tracke ...2 KB (307 words) - 14:24, 2 March 2007
- ...of scenarios have been calculated with risk analysis, the process of risk management can be applied to help manage the risk. ...1 KB (215 words) - 18:32, 13 April 2007
- 1.Inquire as to the type of information that is used by management to determine the completeness and timeliness of system and data processing. ...2 KB (301 words) - 20:18, 25 June 2006
- ...hird party’s financial stability, skill and knowledge of the systems under management, and controls over security, availability and processing integrity. ...2 KB (302 words) - 15:57, 25 June 2006
- ...the agencies and revised, if necessary, based on examiner feedback. Senior management of each agency performed the final review and approval and then formally re :* IT Management ...15 KB (2,060 words) - 17:47, 15 June 2007
- ...s and standards) that are needed to create, implement, and maintain a risk management-based Information Security Program that complies with SOX Section 404.<br> ...1 KB (204 words) - 13:03, 14 July 2006
- ::* Requirement for an authorization form that is signed by management and specifies required privileges. ...2 KB (314 words) - 14:09, 1 March 2007
- ...tify trends in usage, particularly in relation to business applications or management information system tools. Managers should use this information to identify ITIL 4.5 Establishing the IS direction ICT Infrastructure Management, Design and Planning.<br> ...4 KB (586 words) - 01:37, 1 May 2006
- '''DS 11.1 Business Requirements for Data Management '''<br> ...2 KB (244 words) - 17:51, 5 May 2006
- :a. [[SOX.2.1.5.18:|'''SOX.2.1.5.18''']] Routing protocols are approved by management.<br> ...9''']] Unauthorized network tapping does not occur without the approval of management.<br> ...7 KB (901 words) - 13:44, 23 June 2006
- '''DS 5.3 Identity Management'''<br> ...iness needs and job requirements. User access rights are requested by user management, approved by system owner and implemented by the security-responsible perso ...6 KB (870 words) - 18:08, 21 June 2006
- '''Risk assessment''' is a step in the [[risk management]] process. Risk assessment is [[measurement|measuring]] two quantities of Risk assessment may be the most important step in the risk management process, and may also be the most difficult and prone to error. Once risks ...10 KB (1,633 words) - 16:03, 22 December 2007
- ::'''PCI-6.4.2:''' Obtain evidence that management sign-off by appropriate parties is present for each sampled change.<br> ...2 KB (307 words) - 18:42, 28 February 2007
- :a. [[SOX.2.1.4.18:|'''SOX.2.1.4.18''']] Routing protocols are approved by management.<br> ...9''']] Unauthorized network tapping does not occur without the approval of management.<br> ...7 KB (901 words) - 13:43, 23 June 2006
- Determine if the management of third-party services has been assigned to appropriate individuals.<br> ...3 KB (335 words) - 14:05, 26 February 2007
- ...jectives for establishing specific standards on the assessment and ongoing management of wireless technologies utilized for the extension of network infrastructu ==Access Point Management== ...8 KB (1,123 words) - 16:01, 2 August 2009
- ...nicated and understood within its respective organizational units. Company management also is responsible for defining, approving, and implementing processes and ...are responsible for reporting software copyright violations and misuse to management, and cooperating with official Company security investigations relating to ...7 KB (953 words) - 14:13, 1 May 2010
- ::'''PCI-12.7:''' Inquire of Human Resource department management and determine that there is a process in place to perform background checks ...2 KB (319 words) - 20:10, 2 March 2007
- ITIL Financial Management for IT Services<br> ...2 KB (258 words) - 14:48, 5 May 2006
- ==Information Technology Management Reform Act of 1996== ...ision E: Information Technology Management Reform - Information Technology Management Reform Act of 1996 - Title LI (sic): Responsibility for Acquisitions of Inf ...10 KB (1,502 words) - 19:27, 4 April 2010
- ITIL ICT Infrastructure Management.<br> ...2 KB (263 words) - 12:37, 4 May 2006
- ...f making data unavailable should anything go wrong with data handling, key management, or the actual encryption. For example, a loss of encryption keys or other # Effective key management practices ...13 KB (2,019 words) - 11:46, 28 March 2008
- Ensure that quality management focuses on customers by determining their requirements and aligning them to ...2 KB (273 words) - 20:01, 1 May 2006
- ::'''(C)''' ensuring that information security management processes are integrated with agency strategic and operational planning pro ::'''(A)''' shall include testing of management, operational, and technical controls of every information system identified ...10 KB (1,576 words) - 12:50, 4 June 2010
- ==PO 1.1 IT Value Management== ...d systems development methodology should be established and implemented by management. This systems development life cycle (SDLC) describes the stages involved i ...6 KB (847 words) - 17:21, 25 April 2007
- ==Software Configuration Management== Software Configuration Management (SCM) is the discipline whose objective is to identify the configuration of ...22 KB (3,132 words) - 19:07, 17 April 2007