IT Governance Archive
As a framework in your business, governing your IT effectively helps ensure your organisation’s IT infrastructure supports and enables the corporate strategies and objectives. But problems can arise that constantly affect critical functions within your IT: Your staff are constantly …
These days, organisations face a range of evolving cyber threats. The healthcare sector has a particularly hard time, as it needs to deal with more risks than most. Not only do OES (operators of essential services) such as NHS organisations …
The world is changing rapidly and cyber threats are becoming more frequent and severe. Most cyber attacks are automated and indiscriminate, exploiting known vulnerabilities rather than targeting specific organisations. While most organisations believe that their information security systems are secure, …
An ISO 27001-compliant ISMS requires ongoing maintenance and review to meet the Standard’s requirements in clauses 8 and 9. The internal audit is an essential element of this process that must be carried out as described in clause 9.2 of …
Healthcare was the hardest-hit industry in terms of the number of breaches in the first half of 2017, according to the Gemalto Breach Level Index report, suffering 228 data breaches that resulted in 31 million stolen records. One of the …
The International Accreditation Forum (IAF) has confirmed that accredited ISO 9001:2008 certifications will not be valid after September 2018. The IAF is encouraging buyers to check the expiration date of their suppliers’ ISO 9001 certificates, saying that “this will become …
Less than 15 months remain for organisations to make sure their documentation is compliant with the requirements of ISO 14001:2015 and in place. ISO 14001:2015 was published in September 2015, and organisations were given a three-year transition period to adopt the …
There is no doubt that the boards of most enterprises are becoming increasingly aware of the risks posed by cyber crime. The board is, of course, responsible for information security governance in relation to protecting assets, fiduciary aspects, risk management, …
With data security concerns moving to the top of the corporate risk agenda, organisations are seeking better ways of controlling the key security risks in their supply chain. This is especially true for complex supply chains, which can span multiple …
If you’re responsible for developing or delivering your organisation’s IT services, or are involved in IT governance, regulatory compliance or risk management, you’ll probably benefit from gaining a COBIT® 5 qualification. COBIT 5 is the leading framework for the governance …