A code of practice for effective information security risk management using COBIT 5

机译：使用Cobit 5的有效信息安全风险管理的实践准则

获取原文

页面导航

摘要
著录项
相似文献
相关主题

摘要

A low-level code of practice is presented in this paper to help information security (IS) risk management professionals manage enterprise IS risks effectively and efficiently using COBIT 5 framework1. The proposed code of practice is the result of the experience gained by the authors over years through working with clients in many industries implementing IS risk management using different international standards and frameworks. COBIT 5 is supposed to serve as an umbrella framework that integrates knowledge and practice of many other standards and frameworks. However, COBIT 5, like many other frameworks, lacks detailed guidelines at the low-level activities carried out during IT risk management. This code of practice is proposed to fill in this gap. The recommended guidelines and activities have been successfully used in real-world IS risk management projects.

机译：本文提出了低级别的实践准则，以帮助信息安全（IS）风险管理专业人员管理企业的风险有效，有效地使用Cobit 5 Framework1。拟议的实践守则是作者通过在利用不同国际标准和框架的风险管理的许多行业的客户与客户合作的多年来的经验。 COBIT 5应该作为一个伞形框架，整合许多其他标准和框架的知识和实践。然而，与许多其他框架一样，Cobit 5缺乏在IT风险管理期间开展的低级活动的详细指导。提出了这种惯例弥补了这一差距。建议的指导方针和活动已成功用于现实世界中是风险管理项目。

著录项

来源
《International Conference on Information Security and Cyber Forensics》|2015年||共7页
会议地点
作者
Walid Al-Ahmad; Basil Mohammed;
展开▼
作者单位

展开▼
会议组织
原文格式 PDF
正文语种
中图分类安全保密;
关键词
COBIT 5; Information Security; Practical Guidelines; Risk Management; Risk Management Processes;

机译：Cobit 5;信息安全;实用指南;风险管理;风险管理流程;

相似文献

外文文献
中文文献
专利

1. EVALUATION OF INFORMATION SECURITY RISK MANAGEMENT USING COBIT 5 SUBDOMAIN EDM03 (ENSURE RISK OPTIMIZATION) [J] . Fransisca Tiarawati Riadi, Augie David Manuputty, Alhadi Saputra Jurnal Terapan Teknologi Informasi: JUTEI . 2018,第1期

机译：使用COBIT 5子域EDM03评估信息安全风险管理（确保风险优化）
2. Incorporating COBIT Best Practices in PCI DSS V2.0 for Effective Compliance [J] . Mathew Nicho ISACA journal . 2012,第期

机译：将COBIT最佳实践纳入PCI DSS V2.0中以实现有效合规
3. Cybersecurity resiliency of marine renewable energy systems part 2: Cybersecurity best practices and risk management [J] . F.A. de Peralta, M.D. Watson, R.M. Bays Oceanographic Literature Review . 2021,第7期

机译：海洋可再生能源系统的网络安全弹性第2部分：网络安全最佳实践和风险管理
4. A code of practice for effective information security risk management using COBIT 5 [C] . Walid Al-Ahmad, Basil Mohammed 2015 Second International Conference on Information Security and Cyber Forensics . 2015

机译：使用COBIT 5进行有效信息安全风险管理的行为准则
5. Critical success factors for an effective security risk management program in an organization: An exploratory case study. [D] . Zafar, Humayun. 2010

机译：组织中有效的安全风险管理程序的关键成功因素：探索性案例研究。
6. Biosafety and biosecurity requirements for Orientia spp. diagnosis and research: recommendations for risk-based biocontainment work practices and the case for reclassification to risk group 2 [O] . Stuart D. Blacksell, Matthew T. Robinson, Paul N. Newton, 2019

机译：Orientia spp的生物安全和生物安全要求。诊断和研究：基于风险的生物遏制工作实践的建议以及将其重新归类为风险组2的案例
7. Risk Management Analysis Using COBIT 4.1 at Vehicle Testing Management Information System [O] . Resad Setyadi, Septian Anggoro 2021

机译：使用Cobit 4.1在车辆测试管理信息系统中的风险管理分析
8. Acquisition Program Risk Management: Does the Department of Defense Risk Management Practices Guide Provide an Effective Risk Tool for Program Managers in Today's Acquisition Environment. [R] . Lyons, R. C. 2012

机译：采购计划风险管理：国防部风险管理实践指南是否为今天的采购环境中的计划管理者提供了有效的风险工具。

A code of practice for effective information security risk management using COBIT 5

摘要

著录项

相似文献

相关主题

期刊订阅