Technology is becoming the solution to every business problem. As such, we need to implement our solutions faster and more securely, and continually deliver “easy to use” (i.e. intuitive) system solutions. Did I mention our enterprise solutions also have to protect the privacy of both our organization’s and our organization’s clients’ information? We live in interesting times.
Have another great week.
1. Making Security Governance Investment Decisions – A Dashboard Approach
This article presents one approach for selecting security governance investments using business-based criteria. The approach and supporting tool define seven decision criteria categories, each supported by three or more indicators.
https://buildsecurityin.us-cert.gov/daisy/bsi/articles/best-practices/management/985-BSI.html
2. Information Quality and Technology
Studies suggest that business decision-makers, including directors and managers, struggle to gain access to high-quality, reliable information that influences financial performance. In some cases, technology may not be used adequately in support of governance, risk, and compliance processes. Controls and procedures that are still primarily manual may leave too much room for human inefficiency, error, and transgressions. As a result, decision-makers must spend additional time reconciling disparate, nonintegrated business processes and systems.
https://www.corpgov.deloitte.com/site/us/menuitem.46fa90d8eae6885c7312cd756cdf8a0c/
3. GTAG 10 - Business Continuity Management
This GTAG focuses on how business continuity management (BCM) is designed to enable business leaders to manage the level of risk the organization could encounter in the case of a natural or man-made disruptive event that affects the extended operability of the organization.
http://www.theiia.org/guidance/technology/gtag/gtag10/
4. Talking about Change
There is an old axiom that suggests that humans naturally resist change. If you believe this is true, offer someone a raise and see how much resistance he or she puts up. People don’t resist change per se; they resist change that they fear will cause them problems. That’s why it’s so important to create an atmosphere of open and honest dialogue during a company-wide change initiative.
http://www.vitalsmarts.com/userfiles/File/newsletter/Newsletter%20030106QA.html
5. 20 Questions Directors Should Ask About IT
Information technology is a critical part of an organization's internal control and management information system. Ensuring its integrity is an important responsibility for board members.
ITAC has compiled 20 key questions that directors should ask about IT, covering:
- strategic planning and technology trends
- performance and personnel issues
- internal control issues
- risk and security
- information privacy
- e-business