January 31, 2011 IT AUDIT VS Risk Assessment – 2 We were discussing which should be done first and someone said: The first has to be risk assessment as it is foundation of information…
January 31, 2011 IT AUDIT VS Risk Assessment – 1 We were discussing which should be done first and someone commented: Many times, we find that the Control Objectives and controls become prominent before…
January 16, 2011 Black Swan: “levels only experienced on average once every 500 to http://news.discovery.com/earth/megastorm-californias-other-big-one.html Just in the last 15 years, since microwave technology aboard satellites produced images of water vapor in the atmosphere, scientists have come to…
January 6, 2011 Risk due to network administrators Someone on a forum I subscribe to suggested that there is a major risk of network administrators misusing their privileges. Why admins rather than…
January 6, 2011 What drives the RA? Need or Fashion? A colleague in InfoSec made the following observation: My point – RA is a nice to have, but it is superfluous. It looks nice…