final
Classified in Economy
Written at on English with a size of 8.61 KB.
Tweet |
The new modernized COSO Framework will affect business in three big ways by:
*Articulating the role of a company when outsourcing. While today´s Businesses
can outsource many activities, they can, never outsource responsibility
*Putting fraud right out in the forefront. A business´s control Structure must now
address issues of fraud directly.
*Highlighting the critical nature of IT. Information technology is a Needed component
that cannot be avoided in today´s business environment. Let´s face it, We simply
don’t use manual ledgers anymore.-----
Local Data Protection Approaches
*File Encryption
Laptops
Desktops
*Full Disk Encryption
Laptops
Desktops
*Encryption of Removable Media
USB-enabled Devices –Flash Drivers, iPod, Bluetooth devices,
Thumb Drives, Hard Disks
CD/DVD Writers
*Password and PIN Controls
Blackberry
Other PDA Devices
*Standards and guidelines for data Classification, usage and protection,
Access Control and Encryption-----------------
Security in the cloud
Responsibility for security Resides with company owning the data
Firms must ensure providers Provide adequate protection:
Where data Are stored
Meeting Corporate requirements, legal privacy laws
Segregation Of data from other clients
Audits and security certifications
Service level agreements (SLAs)-----------------------
These are not the same thing
Business Continuity (BC): Considers the academic, research and business
Functioning of the institution as A whole. Includes risk assessment, and plans for
functional units and business Processes. Potentially wider variety of scenarios to
consider.
Disaster Recovery (DR): It activities to enable recovery to an Acceptable condition
after a disaster. BC includes DR.DR requires guidance form BC to Direct priorities
and set scope.-------------------
Why do outsorcing? Survey Results
Key drivers for Outsorcing (Survey Results)
Acces best In class busness processes
Harness Leading technologes
Increase Efficiencies
Enhance Capabilities
Expand Service
Enrich Customer relations
Improve Supplier relations
Free up management Time
Decrease Operating costs
What is service Level Agreement (SLA)?
A performance-based technique where a written agreement is established between
the customer and service provider That defines key service objectives, metrics, and
acceptable quality levels(AQLs)
Primarily Used in information technology (IT) procurements
Expanding Into other sustainment-type services
Why adopt ITIL?
It aligns with IT business goals and service objectives
It is process driven, scalable And flexible
Reduce IT cost yet providing optimal services
Increase relationship and communication among different departments, Employees
, customers and users
Successfully adapted by HP, IBM, PG, Shell Oil, Boeing, Microsoft, P&G State of CA.
What is Green Computing?
Green computing is the practice Of using computing resources efficiently
Designing. Manufacturing and disposing Computer servers with no impact On
the environment
To reduce the use of Hazardous materials, maximize energy efficiency
during products lifetime
COBIT ITIL
Control Focused Strong Concentration on processes
Uses IT metrics Security is very important component
Used by auditors Focused On Service Delivery
Critical Success Factors