Information Security Governance: COBIT or ISO 17799 / BS 7799

Presented by: Abhinav Goyal, Anju Bhadoria, Charu Sharma, Khyati Shah, Shivangi Gupta, Shreeya Dhingra, Sonali Gupta, Vishal Jain
Fundamentals: history of COBIT
- 1st edition in 1996
- 2nd edition in 1998
- 3rd edition in 2000
- 4th edition in 2005
IT Governance and its importance
International standards: COBIT (Control Objectives for Information and Related Technology) is developed by ISACA and the IT Governance Institute (ITGI) as a means of implementing IT governance in organizations.

COBIT principles:
- Proactive, not reactive
- Adaptable to organizations
- Common sense: maximize the benefits of IT while providing IT governance and control

The COBIT model (its components, and the question each one answers):
- Executive Summary: "There is a method..."
- Framework: "The method is..."
- Control Objectives: "The minimum controls are..."
- Audit Guidelines: "Here's how you audit..."
- Management Guidelines: "Here's how you measure your performance..."
- Implementation Guide: "Here's how you implement..."
COBIT framework
- 4 domains: Plan & Organize (PO), Acquire & Implement (AI), Deliver & Support (DS), Monitor & Evaluate (ME)
- 34 high-level control objectives (one per IT process)
- 215 detailed control objectives

Information criteria (what the business requires of information): effectiveness, efficiency, confidentiality, integrity, availability, compliance, reliability

IT resources (what the processes act on): data, applications, technology, facilities, people

Business processes by domain (the 34 high-level control objectives; the process names shown are those of the COBIT 3rd edition, and the 4th edition renamed several of them while reducing the detailed control objectives to the 215 cited above):

Plan & Organize
- PO1 Define a Strategic IT Plan
- PO2 Define the Information Architecture
- PO3 Determine Technological Direction
- PO4 Define the IT Organization and Relationships
- PO5 Manage the IT Investment
- PO6 Communicate Management Aims and Direction
- PO7 Manage Human Resources
- PO8 Ensure Compliance with External Requirements
- PO9 Assess Risks
- PO10 Manage Projects
- PO11 Manage Quality

Acquire & Implement
- AI1 Identify Automated Solutions
- AI2 Acquire and Maintain Application Software
- AI3 Acquire and Maintain Technology Infrastructure
- AI4 Develop and Maintain Procedures
- AI5 Install and Accredit Systems
- AI6 Manage Changes

Deliver & Support
- DS1 Define and Manage Service Levels
- DS2 Manage Third-Party Services
- DS3 Manage Performance and Capacity
- DS4 Ensure Continuous Service
- DS5 Ensure Systems Security
- DS6 Identify and Allocate Costs
- DS7 Educate and Train Users
- DS8 Assist and Advise Customers
- DS9 Manage the Configuration
- DS10 Manage Problems and Incidents
- DS11 Manage Data
- DS12 Manage Facilities
- DS13 Manage Operations

Monitor & Evaluate
- ME1 Monitor the Process
- ME2 Assess Internal Control Adequacy
- ME3 Obtain Independent Assurance
- ME4 Provide for Independent Audit
Users of COBIT (a two-column slide; the first row label was not extracted, and the remaining rows of the table appear with the later slides in the transcript)
- (row label not extracted): describes what needs to be taken into account when making IT-related decisions and investments; helps balance risk and control investment
- IT Providers: provides clear expectations on minimum controls in IT environments
- IT Users: (description continues in the transcript of the later slides)

Slide transcript: Welingkar presentation on COBIT, ISO 17799 and BS 7799

Users of COBIT (continued; the row labels for these entries were not extracted)
- Assurance over security and controls (internal and external providers)
- List of control objectives and minimum controls
- Self-assessment tool for all groups

BS 7799 / ISO 17799: introduction
(ISO/IEC 17799 was later renumbered as ISO/IEC 27002, in 2007, and BS 7799-2 became ISO/IEC 27001 in 2005; the content of the control areas below is unchanged by the renumbering.)

ISO 17799 / BS 7799 security parameters (control areas):
- Organisational and information security structure
- Risk assessment and treatment
- Asset management
- Security policy
- Human resource security
- Physical security
- Communication and operational security
- Access control
- Information systems acquisition, development and maintenance
- Incident management
- Business continuity
- Compliance

ISO 17799 overview, ISO 17799 modules, ISO 17799 controls (slides 35 to 40 are diagrams; no text was extracted from them)

Closing questions
- What do we want to achieve with IT?
- How can we achieve these IT goals?
- How can we achieve these IT goals: where are the methods strong?
- How can we achieve these IT goals: continuous IT improvement

Editor's notes (speaker notes)

1. Investors have lost trust and confidence: Enron, Adelphia Communications, Xerox, Martha Stewart; accounting frauds, restatements, accounting irregularities.

Activities of both ISACF and the ITGI will be handled by the renamed entity, ensuring that the leading-edge research, publishing and

IT governance: IT governance is the responsibility of executives and the board of directors, and consists of the leadership, organisational structures and processes that ensure that the enterprise's IT sustains and extends the organisation's strategies and objectives.

What is COBIT: Control Objectives for Information and related Technology (COBIT) provides good practices across a domain and process framework and presents activities in a manageable and logical structure. COBIT's good practices represent the consensus of experts. They are strongly focused on control, less on execution. These practices help optimise IT-enabled investments, ensure service delivery and provide a measure against which to judge when things do go wrong.

For IT to be successful in delivering against business requirements, management should put an internal control system or framework in place. The COBIT control framework contributes to these needs by:
- making a link to the business requirements
- organising IT activities into a generally accepted process model
- identifying the major IT resources to be leveraged
- defining the management control objectives to be considered

Importance of controls. Control: the policies, procedures, practices and organizational structures designed to provide reasonable assurance that business objectives will be achieved and that undesired events will be prevented or detected and corrected.
- Increased government regulation requires a focus on enterprise risk management
- COSO (Committee of Sponsoring Organizations) framework
- Dependence on financial systems
- Increased need for standard IT processes and projects
- Requirements for enhanced IT controls
2. Originally COBIT was released and used primarily by the IT assurance community. After the addition of the Management Guidelines in the 3rd edition (2000), COBIT became the internationally accepted framework for IT governance and control, providing management tools such as metrics and maturity models to complement the control framework.

ISO/IEC 17799:2000, the Code of Practice for Information Security Management, is an international standard based on BS 7799-1. It is presented as best practice for implementing information security management.

COBIT is by its nature broader, and ISO/IEC 17799 tends to be deeper in the area of security.

Issuers: COBIT is issued by the IT Governance Institute, USA; ISO/IEC 17799:2000 by the International Organization for Standardization and International Electrotechnical Commission Joint Technical Committee (ISO/IEC JTC 1), Switzerland.