IT
Governance Institute Identifies Top Actions for Security Managers: Complimentary
Guidance Available at
www.isaca.org/topactions
Rolling
Meadows, IL, USA (21 September 2005)—The IT
Governance Institute recommends top actions for security managers and chief
information security officers (CISOs) in its latest research deliverable,
Information Security Governance—Top Actions
for Security Managers.
Available as a
complimentary slide presentation at
www.isaca.org/topactions,
Top Actions is an extension of
earlier ITGI research published in Information Security Governance: Guidance for Boards
of Directors and Executive Management. The presentation identifies
actions for security managers and CISOs to take to address 18 questions posed by
senior management in the book.
Each slide represents
one of the 18 questions designed to uncover information security issues and
determine how to successfully implement information security governance. The
slides contain considerations for security managers regarding the question,
sources to assist the security manager in determining the appropriate response,
evaluation and performance criteria to determine how effectively the enterprise
addresses the security considerations, and security program initiatives
detailing steps the enterprise should take.
Top
Actions specifically focuses
on:
Uncovering the information security issues in an enterprise from a business and management perspective
Addressing management’s perception of information security and security risk management issues
Positioning information security as a component of IT and business governance
Establishing what is required to ensure that information security governance is successfully implemented within the enterprise
“In today’s business
environment, information security is critical to enterprises,” said Everett
Johnson, CPA, international president of the IT Governance Institute and a
partner (retired) at Deloitte & Touche. “Too often, information security is
considered a technology issue, when it is actually a business management
responsibility. The advice in Top Actions
helps information security managers address the priorities and
requirements of the organization as a whole.”
The IT Governance Institute® (ITGI) (www.itgi.org) was established in 1998 to advance international thinking and standards in directing and controlling an enterprise’s information technology. Effective IT governance helps ensure that IT supports business goals, optimizes business investment in IT, and appropriately manages IT-related risks and opportunities. The IT Governance Institute developed Control Objectives for Information and related Technology (COBIT) and offers symposia, original research and case studies to assist enterprise leaders and boards of directors in their IT governance responsibilities.
Kristen Bertholomey, +1.847.590.7455,
kbertholomey@itgi.org
Deborah Vohasek, +1.847.590.7466,
dvohasek@itgi.org
ITGI
3701 Algonquin Road, Suite 1010
Rolling Meadows, IL 60008
USA