SlideShare a Scribd company logo

Use of the COBIT Security Baseline

Download as PPT, PDF
Barry Caplin
Barry Caplin

Use of the COBIT Security Baseline as a framework for an information security program at a large state agency. Presented at the 2005 MN Govt IT Symposium.

BusinessTechnology
1 of 41
COBIT Barry Caplin Chief Information Security Officer Minnesota Department of Human Services Christopher Buse Information Technology Audit Manager Minnesota Office of the Legislative Auditor
Agenda ,[object Object],[object Object],[object Object],[object Object]
About Us ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Information Security Governance Why Adopt a Framework?
Information Security Governance ,[object Object],[object Object],[object Object],[object Object]
Information Security Governance ,[object Object],[object Object],[object Object],[object Object],[object Object]
Information Security Governance ,[object Object],[object Object],[object Object],[object Object],[object Object]
Information Security Governance ,[object Object],[object Object],[object Object],[object Object],[object Object]
Information Security Governance ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Conflict
Information Security Governance Who needs Security Governance? We do!
Industry Best Practice ,[object Object],[object Object],[object Object],[object Object]
The 10000 Foot View Information Security Governance Hierarchy Information Lifecycle Management Compliance Information Policy Information Risk Management Information Security Governance Framework
COBIT What’s it all About?
What is COBIT ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Strengths ,[object Object],[object Object],[object Object],[object Object]
Support ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Information Sources ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Business Focus ,[object Object],[object Object],[object Object],[object Object],[object Object]
COBIT Framework ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Products ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Cost
Still Interested ,[object Object],[object Object],[object Object],[object Object]
COBIT as an Audit Tool Use of the COBIT Framework in the Office of the Legislative Auditor
Planning ,[object Object],[object Object],[object Object]
Reporting ,[object Object],[object Object]
COBIT as a Management Tool Use of the COBIT Security Baseline at the Department of Human Services
MN DHS ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
MN DHS ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
MN DHS ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
MN DHS ,[object Object],[object Object],[object Object],[object Object],[object Object]
COBIT Use in State ,[object Object],[object Object],[object Object]
COBIT and Security ,[object Object],[object Object],[object Object],[object Object],[object Object]
Maturity Model ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Initial Baseline ,[object Object],[object Object],[object Object],[object Object]
Implementation Steps ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Security Baseline Projects ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Security Baseline Projects ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Security Baseline Projects ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Information Lifecycle Management *From http://www.cacr.math.uwaterloo.ca/conferences/2005/psw/gingras.ppt
Supporting Work ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Discussion?

Recommended

ISO/IEC 27001:2005 naar ISO 27001:2013 Checklist
ISO/IEC 27001:2005 naar ISO 27001:2013 ChecklistISO/IEC 27001:2005 naar ISO 27001:2013 Checklist
ISO/IEC 27001:2005 naar ISO 27001:2013 ChecklistLloyd's Register Quality Assurance Nederland
 
ISO 27001 (v2013) Checklist
ISO 27001 (v2013) ChecklistISO 27001 (v2013) Checklist
ISO 27001 (v2013) ChecklistIvan Piskunov
 
Implementing a Security Framework based on ISO/IEC 27002
Implementing a Security Framework based on ISO/IEC 27002Implementing a Security Framework based on ISO/IEC 27002
Implementing a Security Framework based on ISO/IEC 27002pgpmikey
 
Presentation on iso 27001-2013, Internal Auditing and BCM
Presentation on iso 27001-2013, Internal Auditing and BCMPresentation on iso 27001-2013, Internal Auditing and BCM
Presentation on iso 27001-2013, Internal Auditing and BCMShantanu Rai
 
Iso 27001 metrics and implementation guide
Iso 27001 metrics and implementation guideIso 27001 metrics and implementation guide
Iso 27001 metrics and implementation guidemfmurat
 
Iso 27001 2013 Standard Requirements
Iso 27001 2013 Standard RequirementsIso 27001 2013 Standard Requirements
Iso 27001 2013 Standard RequirementsUppala Anand
 
Whitepaper iso 27001_isms | All about ISO 27001
Whitepaper iso 27001_isms | All about ISO 27001Whitepaper iso 27001_isms | All about ISO 27001
Whitepaper iso 27001_isms | All about ISO 27001Chandan Singh Ghodela
 
Best Practices in Auditing ISO/IEC 27001
Best Practices in Auditing ISO/IEC 27001Best Practices in Auditing ISO/IEC 27001
Best Practices in Auditing ISO/IEC 27001PECB
 

Recommended

ISO/IEC 27001:2005 naar ISO 27001:2013 Checklist
ISO/IEC 27001:2005 naar ISO 27001:2013 ChecklistISO/IEC 27001:2005 naar ISO 27001:2013 Checklist
ISO/IEC 27001:2005 naar ISO 27001:2013 ChecklistLloyd's Register Quality Assurance Nederland
 
ISO 27001 (v2013) Checklist
ISO 27001 (v2013) ChecklistISO 27001 (v2013) Checklist
ISO 27001 (v2013) ChecklistIvan Piskunov
 
Implementing a Security Framework based on ISO/IEC 27002
Implementing a Security Framework based on ISO/IEC 27002Implementing a Security Framework based on ISO/IEC 27002
Implementing a Security Framework based on ISO/IEC 27002pgpmikey
 
Presentation on iso 27001-2013, Internal Auditing and BCM
Presentation on iso 27001-2013, Internal Auditing and BCMPresentation on iso 27001-2013, Internal Auditing and BCM
Presentation on iso 27001-2013, Internal Auditing and BCMShantanu Rai
 
Iso 27001 metrics and implementation guide
Iso 27001 metrics and implementation guideIso 27001 metrics and implementation guide
Iso 27001 metrics and implementation guidemfmurat
 
Iso 27001 2013 Standard Requirements
Iso 27001 2013 Standard RequirementsIso 27001 2013 Standard Requirements
Iso 27001 2013 Standard RequirementsUppala Anand
 
Whitepaper iso 27001_isms | All about ISO 27001
Whitepaper iso 27001_isms | All about ISO 27001Whitepaper iso 27001_isms | All about ISO 27001
Whitepaper iso 27001_isms | All about ISO 27001Chandan Singh Ghodela
 
Best Practices in Auditing ISO/IEC 27001
Best Practices in Auditing ISO/IEC 27001Best Practices in Auditing ISO/IEC 27001
Best Practices in Auditing ISO/IEC 27001PECB
 
Iso 27001 certification
Iso 27001 certificationIso 27001 certification
Iso 27001 certificationramya119
 
ISO 27001:2013 Implementation procedure
ISO 27001:2013 Implementation procedureISO 27001:2013 Implementation procedure
ISO 27001:2013 Implementation procedureUppala Anand
 
Information Security Management Systems(ISMS) By Dr Wafula
Information Security Management Systems(ISMS) By Dr WafulaInformation Security Management Systems(ISMS) By Dr Wafula
Information Security Management Systems(ISMS) By Dr WafulaDiscover JKUAT
 
ISMS Part I
ISMS Part IISMS Part I
ISMS Part Ikhushboo
 
Information System Audit and Control
Information System Audit and ControlInformation System Audit and Control
Information System Audit and ControlAsad Raza
 
Isms
IsmsIsms
Ismspenetration Tester
 
How Does the New ISO 27001 Impact Your IT Risk Management Processes?
How Does the New ISO 27001 Impact Your IT Risk Management Processes?How Does the New ISO 27001 Impact Your IT Risk Management Processes?
How Does the New ISO 27001 Impact Your IT Risk Management Processes?Lars Neupart
 
Transitioning to iso 27001 2013
Transitioning to iso 27001 2013Transitioning to iso 27001 2013
Transitioning to iso 27001 2013SAIGlobalAssurance
 
Isms awareness presentation
Isms awareness presentationIsms awareness presentation
Isms awareness presentationPranay Kumar
 
Iso 27001 awareness
Iso 27001 awarenessIso 27001 awareness
Iso 27001 awarenessÃsħâr Ãâlâm
 
Iso 27001 Checklist
Iso 27001 ChecklistIso 27001 Checklist
Iso 27001 ChecklistCraig Willetts ISO Expert
 
IT Audit methodologies
IT Audit methodologiesIT Audit methodologies
IT Audit methodologiesgenetics
 
Infosec Audit Lecture_4
Infosec Audit Lecture_4Infosec Audit Lecture_4
Infosec Audit Lecture_4Obrina Candra, CISA, ISMS-LA
 
PECB Certified ISO 27001:2013 Lead Implementer by Kinverg
PECB Certified ISO 27001:2013 Lead Implementer by KinvergPECB Certified ISO 27001:2013 Lead Implementer by Kinverg
PECB Certified ISO 27001:2013 Lead Implementer by KinvergKinverg
 
Iso 27001 2013
Iso 27001 2013Iso 27001 2013
Iso 27001 2013Magda CHELLY, Ph.D, S-CISO, CISSP®
 
Iso27001 Audit Services
Iso27001 Audit ServicesIso27001 Audit Services
Iso27001 Audit Servicesmcloete
 
Iso 27001 2013 clause 6 - planning - by Software development company in india
Iso 27001 2013 clause 6 - planning - by Software development company in indiaIso 27001 2013 clause 6 - planning - by Software development company in india
Iso 27001 2013 clause 6 - planning - by Software development company in indiaiFour Consultancy
 
Popular Pitfalls In Isms Compliance
Popular Pitfalls In Isms CompliancePopular Pitfalls In Isms Compliance
Popular Pitfalls In Isms ComplianceRamkumar Ramachandran
 
ISO 27001:2013 - Changes
ISO 27001:2013 - ChangesISO 27001:2013 - Changes
ISO 27001:2013 - Changesn|u - The Open Security Community
 
CMMC Certification
CMMC CertificationCMMC Certification
CMMC CertificationControlCase
 
Alberta's Approach To An Itm Control Framework
Alberta's Approach To An Itm Control FrameworkAlberta's Approach To An Itm Control Framework
Alberta's Approach To An Itm Control FrameworkGovernment Technology Exhibition and Conference
 
Cobit 4.1 - DS2
Cobit 4.1 - DS2Cobit 4.1 - DS2
Cobit 4.1 - DS2Juliana Maria Lopes
 

More Related Content

What's hot

Iso 27001 certification
Iso 27001 certificationIso 27001 certification
Iso 27001 certificationramya119
 
ISO 27001:2013 Implementation procedure
ISO 27001:2013 Implementation procedureISO 27001:2013 Implementation procedure
ISO 27001:2013 Implementation procedureUppala Anand
 
Information Security Management Systems(ISMS) By Dr Wafula
Information Security Management Systems(ISMS) By Dr WafulaInformation Security Management Systems(ISMS) By Dr Wafula
Information Security Management Systems(ISMS) By Dr WafulaDiscover JKUAT
 
ISMS Part I
ISMS Part IISMS Part I
ISMS Part Ikhushboo
 
Information System Audit and Control
Information System Audit and ControlInformation System Audit and Control
Information System Audit and ControlAsad Raza
 
How Does the New ISO 27001 Impact Your IT Risk Management Processes?
How Does the New ISO 27001 Impact Your IT Risk Management Processes?How Does the New ISO 27001 Impact Your IT Risk Management Processes?
How Does the New ISO 27001 Impact Your IT Risk Management Processes?Lars Neupart
 
Transitioning to iso 27001 2013
Transitioning to iso 27001 2013Transitioning to iso 27001 2013
Transitioning to iso 27001 2013SAIGlobalAssurance
 
Isms awareness presentation
Isms awareness presentationIsms awareness presentation
Isms awareness presentationPranay Kumar
 
IT Audit methodologies
IT Audit methodologiesIT Audit methodologies
IT Audit methodologiesgenetics
 
PECB Certified ISO 27001:2013 Lead Implementer by Kinverg
PECB Certified ISO 27001:2013 Lead Implementer by KinvergPECB Certified ISO 27001:2013 Lead Implementer by Kinverg
PECB Certified ISO 27001:2013 Lead Implementer by KinvergKinverg
 
Iso27001 Audit Services
Iso27001 Audit ServicesIso27001 Audit Services
Iso27001 Audit Servicesmcloete
 
Iso 27001 2013 clause 6 - planning - by Software development company in india
Iso 27001 2013 clause 6 - planning - by Software development company in indiaIso 27001 2013 clause 6 - planning - by Software development company in india
Iso 27001 2013 clause 6 - planning - by Software development company in indiaiFour Consultancy
 
CMMC Certification
CMMC CertificationCMMC Certification
CMMC CertificationControlCase
 

What's hot (20)

Iso 27001 certification
Iso 27001 certificationIso 27001 certification
Iso 27001 certification
 
ISO 27001:2013 Implementation procedure
ISO 27001:2013 Implementation procedureISO 27001:2013 Implementation procedure
ISO 27001:2013 Implementation procedure
 
Information Security Management Systems(ISMS) By Dr Wafula
Information Security Management Systems(ISMS) By Dr WafulaInformation Security Management Systems(ISMS) By Dr Wafula
Information Security Management Systems(ISMS) By Dr Wafula
 
ISMS Part I
ISMS Part IISMS Part I
ISMS Part I
 
Information System Audit and Control
Information System Audit and ControlInformation System Audit and Control
Information System Audit and Control
 
Isms
IsmsIsms
Isms
 
How Does the New ISO 27001 Impact Your IT Risk Management Processes?
How Does the New ISO 27001 Impact Your IT Risk Management Processes?How Does the New ISO 27001 Impact Your IT Risk Management Processes?
How Does the New ISO 27001 Impact Your IT Risk Management Processes?
 
Transitioning to iso 27001 2013
Transitioning to iso 27001 2013Transitioning to iso 27001 2013
Transitioning to iso 27001 2013
 
Isms awareness presentation
Isms awareness presentationIsms awareness presentation
Isms awareness presentation
 
Iso 27001 awareness
Iso 27001 awarenessIso 27001 awareness
Iso 27001 awareness
 
Iso 27001 Checklist
Iso 27001 ChecklistIso 27001 Checklist
Iso 27001 Checklist
 
IT Audit methodologies
IT Audit methodologiesIT Audit methodologies
IT Audit methodologies
 
Infosec Audit Lecture_4
Infosec Audit Lecture_4Infosec Audit Lecture_4
Infosec Audit Lecture_4
 
PECB Certified ISO 27001:2013 Lead Implementer by Kinverg
PECB Certified ISO 27001:2013 Lead Implementer by KinvergPECB Certified ISO 27001:2013 Lead Implementer by Kinverg
PECB Certified ISO 27001:2013 Lead Implementer by Kinverg
 
Iso 27001 2013
Iso 27001 2013Iso 27001 2013
Iso 27001 2013
 
Iso27001 Audit Services
Iso27001 Audit ServicesIso27001 Audit Services
Iso27001 Audit Services
 
Iso 27001 2013 clause 6 - planning - by Software development company in india
Iso 27001 2013 clause 6 - planning - by Software development company in indiaIso 27001 2013 clause 6 - planning - by Software development company in india
Iso 27001 2013 clause 6 - planning - by Software development company in india
 
Popular Pitfalls In Isms Compliance
Popular Pitfalls In Isms CompliancePopular Pitfalls In Isms Compliance
Popular Pitfalls In Isms Compliance
 
ISO 27001:2013 - Changes
ISO 27001:2013 - ChangesISO 27001:2013 - Changes
ISO 27001:2013 - Changes
 
CMMC Certification
CMMC CertificationCMMC Certification
CMMC Certification
 

Viewers also liked

Guia de estudo para exame de certificacao do Cobit 4.1 v7
Guia de estudo para exame de certificacao do Cobit 4.1 v7Guia de estudo para exame de certificacao do Cobit 4.1 v7
Guia de estudo para exame de certificacao do Cobit 4.1 v7Rildo (@rildosan) Santos
 
101 01-f07 assessment checklist - rev 1 - soaf
101 01-f07 assessment checklist - rev 1 - soaf101 01-f07 assessment checklist - rev 1 - soaf
101 01-f07 assessment checklist - rev 1 - soafchelliah selvavishnu
 
Cobit 5 for information security
Cobit 5 for information securityCobit 5 for information security
Cobit 5 for information securityElkanouni Mohamed
 
Enterprise Information Systems Security: A Case Study in the Banking Sector
Enterprise Information Systems Security: A Case Study in the Banking SectorEnterprise Information Systems Security: A Case Study in the Banking Sector
Enterprise Information Systems Security: A Case Study in the Banking SectorCONFENIS 2012
 
Risk Analysis using open FAIR and Adoption of right Security Controls
Risk Analysis using open FAIR and Adoption of right Security ControlsRisk Analysis using open FAIR and Adoption of right Security Controls
Risk Analysis using open FAIR and Adoption of right Security ControlsPriyanka Aash
 
Project Risk register
Project Risk registerProject Risk register
Project Risk registerKashif Mastan
 
ISO 27001 - Information security user awareness training presentation - part 3
ISO 27001 - Information security user awareness training presentation - part 3ISO 27001 - Information security user awareness training presentation - part 3
ISO 27001 - Information security user awareness training presentation - part 3Tanmay Shinde
 
ISO/IEC 27001:2013 An Overview
ISO/IEC 27001:2013 An Overview ISO/IEC 27001:2013 An Overview
ISO/IEC 27001:2013 An Overview Ahmed Riad .
 
Practical Applications of Block Chain Technologies
Practical Applications of Block Chain Technologies Practical Applications of Block Chain Technologies
Practical Applications of Block Chain Technologies Priyanka Aash
 
Top 10 Essentials for Building a Powerful Security Dashboard
Top 10 Essentials for Building a Powerful Security DashboardTop 10 Essentials for Building a Powerful Security Dashboard
Top 10 Essentials for Building a Powerful Security DashboardTripwire
 

Viewers also liked (17)

Alberta's Approach To An Itm Control Framework
Alberta's Approach To An Itm Control FrameworkAlberta's Approach To An Itm Control Framework
Alberta's Approach To An Itm Control Framework
 
Cobit 4.1 - DS2
Cobit 4.1 - DS2Cobit 4.1 - DS2
Cobit 4.1 - DS2
 
Guia de estudo para exame de certificacao do Cobit 4.1 v7
Guia de estudo para exame de certificacao do Cobit 4.1 v7Guia de estudo para exame de certificacao do Cobit 4.1 v7
Guia de estudo para exame de certificacao do Cobit 4.1 v7
 
101 01-f07 assessment checklist - rev 1 - soaf
101 01-f07 assessment checklist - rev 1 - soaf101 01-f07 assessment checklist - rev 1 - soaf
101 01-f07 assessment checklist - rev 1 - soaf
 
Cobit 5 for information security
Cobit 5 for information securityCobit 5 for information security
Cobit 5 for information security
 
ISO 27002
ISO 27002ISO 27002
ISO 27002
 
Enterprise Information Systems Security: A Case Study in the Banking Sector
Enterprise Information Systems Security: A Case Study in the Banking SectorEnterprise Information Systems Security: A Case Study in the Banking Sector
Enterprise Information Systems Security: A Case Study in the Banking Sector
 
Iso 27002-2013
Iso 27002-2013Iso 27002-2013
Iso 27002-2013
 
It governance & cobit 5
It governance & cobit 5It governance & cobit 5
It governance & cobit 5
 
Integrated GRC
Integrated GRCIntegrated GRC
Integrated GRC
 
Risk Analysis using open FAIR and Adoption of right Security Controls
Risk Analysis using open FAIR and Adoption of right Security ControlsRisk Analysis using open FAIR and Adoption of right Security Controls
Risk Analysis using open FAIR and Adoption of right Security Controls
 
Project Risk register
Project Risk registerProject Risk register
Project Risk register
 
ISO 27001 - Information security user awareness training presentation - part 3
ISO 27001 - Information security user awareness training presentation - part 3ISO 27001 - Information security user awareness training presentation - part 3
ISO 27001 - Information security user awareness training presentation - part 3
 
ISO/IEC 27001:2013 An Overview
ISO/IEC 27001:2013 An Overview ISO/IEC 27001:2013 An Overview
ISO/IEC 27001:2013 An Overview
 
Practical Applications of Block Chain Technologies
Practical Applications of Block Chain Technologies Practical Applications of Block Chain Technologies
Practical Applications of Block Chain Technologies
 
Top 10 Essentials for Building a Powerful Security Dashboard
Top 10 Essentials for Building a Powerful Security DashboardTop 10 Essentials for Building a Powerful Security Dashboard
Top 10 Essentials for Building a Powerful Security Dashboard
 
ISO 27001 - Information Security Management System
ISO 27001 - Information Security Management SystemISO 27001 - Information Security Management System
ISO 27001 - Information Security Management System
 

Similar to Use of the COBIT Security Baseline

Security Lifecycle Management
Security Lifecycle ManagementSecurity Lifecycle Management
Security Lifecycle ManagementBarry Caplin
 
Gs Us Roadmap For A World Class Information Security Management System– Isoie...
Gs Us Roadmap For A World Class Information Security Management System– Isoie...Gs Us Roadmap For A World Class Information Security Management System– Isoie...
Gs Us Roadmap For A World Class Information Security Management System– Isoie...Tammy Clark
 
Governance and management of IT.pptx
Governance and management of IT.pptxGovernance and management of IT.pptx
Governance and management of IT.pptxPrashant Singh
 
Chapter 10 security standart
Chapter 10 security standartChapter 10 security standart
Chapter 10 security standartnewbie2019
 
D1 security and risk management v1.62
D1 security and risk management v1.62D1 security and risk management v1.62
D1 security and risk management v1.62AlliedConSapCourses
 
Planning for-and implementing ISO 27001
Planning for-and implementing ISO 27001Planning for-and implementing ISO 27001
Planning for-and implementing ISO 27001Yerlin Sturdivant
 
gray_audit_presentation.ppt
gray_audit_presentation.pptgray_audit_presentation.ppt
gray_audit_presentation.pptKhalilIdhman
 
Nine HIPAA Compliance Questions to ask Yourself
Nine HIPAA Compliance Questions to ask YourselfNine HIPAA Compliance Questions to ask Yourself
Nine HIPAA Compliance Questions to ask YourselfLERNER Consulting
 
ISO27001_COBIT_Students.pptx
ISO27001_COBIT_Students.pptxISO27001_COBIT_Students.pptx
ISO27001_COBIT_Students.pptxjojo82637
 
Kmicro Cybersecurity Offerings 2020
Kmicro Cybersecurity Offerings 2020Kmicro Cybersecurity Offerings 2020
Kmicro Cybersecurity Offerings 2020Manuel Guillen
 
Developing an Information Security Program
Developing an Information Security ProgramDeveloping an Information Security Program
Developing an Information Security ProgramShauna_Cox
 
Information Systems Security Review 2004
Information Systems Security Review 2004Information Systems Security Review 2004
Information Systems Security Review 2004Donald E. Hester
 
The Identity Project (Rhys Smith)
The Identity Project (Rhys Smith)The Identity Project (Rhys Smith)
The Identity Project (Rhys Smith)JISC.AM
 
Compliance Framework
Compliance FrameworkCompliance Framework
Compliance Frameworkbarnetdh
 
Using Modelling and Simulation for Policy Decision Support in Identity Manage...
Using Modelling and Simulation for Policy Decision Support in Identity Manage...Using Modelling and Simulation for Policy Decision Support in Identity Manage...
Using Modelling and Simulation for Policy Decision Support in Identity Manage...gueste4e93e3
 
Solve the exercise in security management.pdf
Solve the exercise in security management.pdfSolve the exercise in security management.pdf
Solve the exercise in security management.pdfsdfghj21
 
EUCI Mapping Cybersecurity to CIP
EUCI Mapping Cybersecurity to CIPEUCI Mapping Cybersecurity to CIP
EUCI Mapping Cybersecurity to CIPScott Baron
 

Similar to Use of the COBIT Security Baseline (20)

Security Lifecycle Management
Security Lifecycle ManagementSecurity Lifecycle Management
Security Lifecycle Management
 
Gs Us Roadmap For A World Class Information Security Management System– Isoie...
Gs Us Roadmap For A World Class Information Security Management System– Isoie...Gs Us Roadmap For A World Class Information Security Management System– Isoie...
Gs Us Roadmap For A World Class Information Security Management System– Isoie...
 
Governance and management of IT.pptx
Governance and management of IT.pptxGovernance and management of IT.pptx
Governance and management of IT.pptx
 
Chapter 10 security standart
Chapter 10 security standartChapter 10 security standart
Chapter 10 security standart
 
D1 security and risk management v1.62
D1 security and risk management v1.62D1 security and risk management v1.62
D1 security and risk management v1.62
 
Planning for-and implementing ISO 27001
Planning for-and implementing ISO 27001Planning for-and implementing ISO 27001
Planning for-and implementing ISO 27001
 
gray_audit_presentation.ppt
gray_audit_presentation.pptgray_audit_presentation.ppt
gray_audit_presentation.ppt
 
CISSPills #3.02
CISSPills #3.02CISSPills #3.02
CISSPills #3.02
 
Nine HIPAA Compliance Questions to ask Yourself
Nine HIPAA Compliance Questions to ask YourselfNine HIPAA Compliance Questions to ask Yourself
Nine HIPAA Compliance Questions to ask Yourself
 
Accountability Corbit Overview 06262007
Accountability Corbit Overview 06262007Accountability Corbit Overview 06262007
Accountability Corbit Overview 06262007
 
ISO27001_COBIT_Students.pptx
ISO27001_COBIT_Students.pptxISO27001_COBIT_Students.pptx
ISO27001_COBIT_Students.pptx
 
Kmicro Cybersecurity Offerings 2020
Kmicro Cybersecurity Offerings 2020Kmicro Cybersecurity Offerings 2020
Kmicro Cybersecurity Offerings 2020
 
Developing an Information Security Program
Developing an Information Security ProgramDeveloping an Information Security Program
Developing an Information Security Program
 
Information Systems Security Review 2004
Information Systems Security Review 2004Information Systems Security Review 2004
Information Systems Security Review 2004
 
The Identity Project (Rhys Smith)
The Identity Project (Rhys Smith)The Identity Project (Rhys Smith)
The Identity Project (Rhys Smith)
 
Compliance Framework
Compliance FrameworkCompliance Framework
Compliance Framework
 
Using Modelling and Simulation for Policy Decision Support in Identity Manage...
Using Modelling and Simulation for Policy Decision Support in Identity Manage...Using Modelling and Simulation for Policy Decision Support in Identity Manage...
Using Modelling and Simulation for Policy Decision Support in Identity Manage...
 
Solve the exercise in security management.pdf
Solve the exercise in security management.pdfSolve the exercise in security management.pdf
Solve the exercise in security management.pdf
 
EUCI Mapping Cybersecurity to CIP
EUCI Mapping Cybersecurity to CIPEUCI Mapping Cybersecurity to CIP
EUCI Mapping Cybersecurity to CIP
 
Cobit 41 framework
Cobit 41 frameworkCobit 41 framework
Cobit 41 framework
 

More from Barry Caplin

Healing healthcare security
Healing healthcare securityHealing healthcare security
Healing healthcare securityBarry Caplin
 
It’s not If but When 20160503
It’s not If but When 20160503It’s not If but When 20160503
It’s not If but When 20160503Barry Caplin
 
Dreaded Embedded sec360 5-17-16
Dreaded Embedded sec360 5-17-16Dreaded Embedded sec360 5-17-16
Dreaded Embedded sec360 5-17-16Barry Caplin
 
It’s not if but when 20160503
It’s not if but when 20160503It’s not if but when 20160503
It’s not if but when 20160503Barry Caplin
 
Wearing Your Heart On Your Sleeve - Literally!
Wearing Your Heart On Your Sleeve - Literally!Wearing Your Heart On Your Sleeve - Literally!
Wearing Your Heart On Your Sleeve - Literally!Barry Caplin
 
CISOs are from Mars, CIOs are from Venus
CISOs are from Mars, CIOs are from VenusCISOs are from Mars, CIOs are from Venus
CISOs are from Mars, CIOs are from VenusBarry Caplin
 
Online Self Defense - Passwords
Online Self Defense - PasswordsOnline Self Defense - Passwords
Online Self Defense - PasswordsBarry Caplin
 
The CISO Guide – How Do You Spell CISO?
The CISO Guide – How Do You Spell CISO?The CISO Guide – How Do You Spell CISO?
The CISO Guide – How Do You Spell CISO?Barry Caplin
 
Bullying and Cyberbullying
Bullying and CyberbullyingBullying and Cyberbullying
Bullying and CyberbullyingBarry Caplin
 
3 factors of fail sec360 5-15-13
3 factors of fail sec360 5-15-133 factors of fail sec360 5-15-13
3 factors of fail sec360 5-15-13Barry Caplin
 
Tech smart preschool parent 2 13
Tech smart preschool parent 2 13Tech smart preschool parent 2 13
Tech smart preschool parent 2 13Barry Caplin
 
Embracing the IT Consumerization Imperative NG Security
Embracing the IT Consumerization Imperative NG SecurityEmbracing the IT Consumerization Imperative NG Security
Embracing the IT Consumerization Imperative NG SecurityBarry Caplin
 
Online Self Defense
Online Self DefenseOnline Self Defense
Online Self DefenseBarry Caplin
 
Embracing the IT Consumerization Imperitive
Embracing the IT Consumerization ImperitiveEmbracing the IT Consumerization Imperitive
Embracing the IT Consumerization ImperitiveBarry Caplin
 
Embracing the IT Consumerization Imperitive
Embracing the IT Consumerization ImperitiveEmbracing the IT Consumerization Imperitive
Embracing the IT Consumerization ImperitiveBarry Caplin
 
Stuff my ciso says
Stuff my ciso saysStuff my ciso says
Stuff my ciso saysBarry Caplin
 
IT Consumerization – iPad’ing the Enterprise or BYO Malware?
IT Consumerization – iPad’ing the Enterprise or BYO Malware?IT Consumerization – iPad’ing the Enterprise or BYO Malware?
IT Consumerization – iPad’ing the Enterprise or BYO Malware?Barry Caplin
 
Toys in the office 11
Toys in the office 11Toys in the office 11
Toys in the office 11Barry Caplin
 
Accidental Insider
Accidental InsiderAccidental Insider
Accidental InsiderBarry Caplin
 
Teens 2.0 - Teens and Social Networks
Teens 2.0 - Teens and Social NetworksTeens 2.0 - Teens and Social Networks
Teens 2.0 - Teens and Social NetworksBarry Caplin
 

More from Barry Caplin (20)

Healing healthcare security
Healing healthcare securityHealing healthcare security
Healing healthcare security
 
It’s not If but When 20160503
It’s not If but When 20160503It’s not If but When 20160503
It’s not If but When 20160503
 
Dreaded Embedded sec360 5-17-16
Dreaded Embedded sec360 5-17-16Dreaded Embedded sec360 5-17-16
Dreaded Embedded sec360 5-17-16
 
It’s not if but when 20160503
It’s not if but when 20160503It’s not if but when 20160503
It’s not if but when 20160503
 
Wearing Your Heart On Your Sleeve - Literally!
Wearing Your Heart On Your Sleeve - Literally!Wearing Your Heart On Your Sleeve - Literally!
Wearing Your Heart On Your Sleeve - Literally!
 
CISOs are from Mars, CIOs are from Venus
CISOs are from Mars, CIOs are from VenusCISOs are from Mars, CIOs are from Venus
CISOs are from Mars, CIOs are from Venus
 
Online Self Defense - Passwords
Online Self Defense - PasswordsOnline Self Defense - Passwords
Online Self Defense - Passwords
 
The CISO Guide – How Do You Spell CISO?
The CISO Guide – How Do You Spell CISO?The CISO Guide – How Do You Spell CISO?
The CISO Guide – How Do You Spell CISO?
 
Bullying and Cyberbullying
Bullying and CyberbullyingBullying and Cyberbullying
Bullying and Cyberbullying
 
3 factors of fail sec360 5-15-13
3 factors of fail sec360 5-15-133 factors of fail sec360 5-15-13
3 factors of fail sec360 5-15-13
 
Tech smart preschool parent 2 13
Tech smart preschool parent 2 13Tech smart preschool parent 2 13
Tech smart preschool parent 2 13
 
Embracing the IT Consumerization Imperative NG Security
Embracing the IT Consumerization Imperative NG SecurityEmbracing the IT Consumerization Imperative NG Security
Embracing the IT Consumerization Imperative NG Security
 
Online Self Defense
Online Self DefenseOnline Self Defense
Online Self Defense
 
Embracing the IT Consumerization Imperitive
Embracing the IT Consumerization ImperitiveEmbracing the IT Consumerization Imperitive
Embracing the IT Consumerization Imperitive
 
Embracing the IT Consumerization Imperitive
Embracing the IT Consumerization ImperitiveEmbracing the IT Consumerization Imperitive
Embracing the IT Consumerization Imperitive
 
Stuff my ciso says
Stuff my ciso saysStuff my ciso says
Stuff my ciso says
 
IT Consumerization – iPad’ing the Enterprise or BYO Malware?
IT Consumerization – iPad’ing the Enterprise or BYO Malware?IT Consumerization – iPad’ing the Enterprise or BYO Malware?
IT Consumerization – iPad’ing the Enterprise or BYO Malware?
 
Toys in the office 11
Toys in the office 11Toys in the office 11
Toys in the office 11
 
Accidental Insider
Accidental InsiderAccidental Insider
Accidental Insider
 
Teens 2.0 - Teens and Social Networks
Teens 2.0 - Teens and Social NetworksTeens 2.0 - Teens and Social Networks
Teens 2.0 - Teens and Social Networks
 

Recently uploaded

SEO Case Study: How I Increased SEO Traffic & Ranking by 50-60% in 6 Months
SEO Case Study: How I Increased SEO Traffic & Ranking by 50-60% in 6 MonthsSEO Case Study: How I Increased SEO Traffic & Ranking by 50-60% in 6 Months
SEO Case Study: How I Increased SEO Traffic & Ranking by 50-60% in 6 MonthsIndeedSEO
 
Eluru Call Girls Service ☎ ️93326-06886 ❤️‍🔥 Enjoy 24/7 Escort Service
Eluru Call Girls Service ☎ ️93326-06886 ❤️‍🔥 Enjoy 24/7 Escort ServiceEluru Call Girls Service ☎ ️93326-06886 ❤️‍🔥 Enjoy 24/7 Escort Service
Eluru Call Girls Service ☎ ️93326-06886 ❤️‍🔥 Enjoy 24/7 Escort ServiceDamini Dixit
 
Call Girls In Majnu Ka Tilla 959961~3876 Shot 2000 Night 8000
Call Girls In Majnu Ka Tilla 959961~3876 Shot 2000 Night 8000Call Girls In Majnu Ka Tilla 959961~3876 Shot 2000 Night 8000
Call Girls In Majnu Ka Tilla 959961~3876 Shot 2000 Night 8000dlhescort
 
RSA Conference Exhibitor List 2024 - Exhibitors Data
RSA Conference Exhibitor List 2024 - Exhibitors DataRSA Conference Exhibitor List 2024 - Exhibitors Data
RSA Conference Exhibitor List 2024 - Exhibitors DataExhibitors Data
 
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best ServicesMysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best ServicesDipal Arora
 
Malegaon Call Girls Service ☎ ️82500–77686 ☎️ Enjoy 24/7 Escort Service
Malegaon Call Girls Service ☎ ️82500–77686 ☎️ Enjoy 24/7 Escort ServiceMalegaon Call Girls Service ☎ ️82500–77686 ☎️ Enjoy 24/7 Escort Service
Malegaon Call Girls Service ☎ ️82500–77686 ☎️ Enjoy 24/7 Escort ServiceDamini Dixit
 
Falcon Invoice Discounting: The best investment platform in india for investors
Falcon Invoice Discounting: The best investment platform in india for investorsFalcon Invoice Discounting: The best investment platform in india for investors
Falcon Invoice Discounting: The best investment platform in india for investorsFalcon Invoice Discounting
 
Cracking the Cultural Competence Code.pptx
Cracking the Cultural Competence Code.pptxCracking the Cultural Competence Code.pptx
Cracking the Cultural Competence Code.pptxWorkforce Group
 
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...Aggregage
 
Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...
Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...
Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...lizamodels9
 
Marel Q1 2024 Investor Presentation from May 8, 2024
Marel Q1 2024 Investor Presentation from May 8, 2024Marel Q1 2024 Investor Presentation from May 8, 2024
Marel Q1 2024 Investor Presentation from May 8, 2024Marel
 
Business Model Canvas (BMC)- A new venture concept
Business Model Canvas (BMC)- A new venture conceptBusiness Model Canvas (BMC)- A new venture concept
Business Model Canvas (BMC)- A new venture conceptP&CO
 
Call Now ☎️🔝 9332606886🔝 Call Girls ❤ Service In Bhilwara Female Escorts Serv...
Call Now ☎️🔝 9332606886🔝 Call Girls ❤ Service In Bhilwara Female Escorts Serv...Call Now ☎️🔝 9332606886🔝 Call Girls ❤ Service In Bhilwara Female Escorts Serv...
Call Now ☎️🔝 9332606886🔝 Call Girls ❤ Service In Bhilwara Female Escorts Serv...Anamikakaur10
 
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...lizamodels9
 
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...amitlee9823
 
BAGALUR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRL
BAGALUR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRLBAGALUR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRL
BAGALUR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRLkapoorjyoti4444
 
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756dollysharma2066
 
FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756dollysharma2066
 

Recently uploaded (20)

SEO Case Study: How I Increased SEO Traffic & Ranking by 50-60% in 6 Months
SEO Case Study: How I Increased SEO Traffic & Ranking by 50-60% in 6 MonthsSEO Case Study: How I Increased SEO Traffic & Ranking by 50-60% in 6 Months
SEO Case Study: How I Increased SEO Traffic & Ranking by 50-60% in 6 Months
 
Eluru Call Girls Service ☎ ️93326-06886 ❤️‍🔥 Enjoy 24/7 Escort Service
Eluru Call Girls Service ☎ ️93326-06886 ❤️‍🔥 Enjoy 24/7 Escort ServiceEluru Call Girls Service ☎ ️93326-06886 ❤️‍🔥 Enjoy 24/7 Escort Service
Eluru Call Girls Service ☎ ️93326-06886 ❤️‍🔥 Enjoy 24/7 Escort Service
 
Call Girls In Majnu Ka Tilla 959961~3876 Shot 2000 Night 8000
Call Girls In Majnu Ka Tilla 959961~3876 Shot 2000 Night 8000Call Girls In Majnu Ka Tilla 959961~3876 Shot 2000 Night 8000
Call Girls In Majnu Ka Tilla 959961~3876 Shot 2000 Night 8000
 
RSA Conference Exhibitor List 2024 - Exhibitors Data
RSA Conference Exhibitor List 2024 - Exhibitors DataRSA Conference Exhibitor List 2024 - Exhibitors Data
RSA Conference Exhibitor List 2024 - Exhibitors Data
 
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best ServicesMysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
 
Malegaon Call Girls Service ☎ ️82500–77686 ☎️ Enjoy 24/7 Escort Service
Malegaon Call Girls Service ☎ ️82500–77686 ☎️ Enjoy 24/7 Escort ServiceMalegaon Call Girls Service ☎ ️82500–77686 ☎️ Enjoy 24/7 Escort Service
Malegaon Call Girls Service ☎ ️82500–77686 ☎️ Enjoy 24/7 Escort Service
 
Falcon Invoice Discounting platform in india
Falcon Invoice Discounting platform in indiaFalcon Invoice Discounting platform in india
Falcon Invoice Discounting platform in india
 
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabiunwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
 
Falcon Invoice Discounting: The best investment platform in india for investors
Falcon Invoice Discounting: The best investment platform in india for investorsFalcon Invoice Discounting: The best investment platform in india for investors
Falcon Invoice Discounting: The best investment platform in india for investors
 
Cracking the Cultural Competence Code.pptx
Cracking the Cultural Competence Code.pptxCracking the Cultural Competence Code.pptx
Cracking the Cultural Competence Code.pptx
 
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
 
Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...
Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...
Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...
 
Marel Q1 2024 Investor Presentation from May 8, 2024
Marel Q1 2024 Investor Presentation from May 8, 2024Marel Q1 2024 Investor Presentation from May 8, 2024
Marel Q1 2024 Investor Presentation from May 8, 2024
 
Business Model Canvas (BMC)- A new venture concept
Business Model Canvas (BMC)- A new venture conceptBusiness Model Canvas (BMC)- A new venture concept
Business Model Canvas (BMC)- A new venture concept
 
Call Now ☎️🔝 9332606886🔝 Call Girls ❤ Service In Bhilwara Female Escorts Serv...
Call Now ☎️🔝 9332606886🔝 Call Girls ❤ Service In Bhilwara Female Escorts Serv...Call Now ☎️🔝 9332606886🔝 Call Girls ❤ Service In Bhilwara Female Escorts Serv...
Call Now ☎️🔝 9332606886🔝 Call Girls ❤ Service In Bhilwara Female Escorts Serv...
 
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
 
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
 
BAGALUR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRL
BAGALUR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRLBAGALUR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRL
BAGALUR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRL
 
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
 
FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756
 

Use of the COBIT Security Baseline

  • 1. COBIT Barry Caplin Chief Information Security Officer Minnesota Department of Human Services Christopher Buse Information Technology Audit Manager Minnesota Office of the Legislative Auditor
  • 2.
  • 3.
  • 4. Information Security Governance Why Adopt a Framework?
  • 5.
  • 6.
  • 7.
  • 8.
  • 9.
  • 10. Information Security Governance Who needs Security Governance? We do!
  • 11.
  • 12. The 10000 Foot View Information Security Governance Hierarchy Information Lifecycle Management Compliance Information Policy Information Risk Management Information Security Governance Framework
  • 13. COBIT What’s it all About?
  • 14.
  • 15.
  • 16.
  • 17.
  • 18.
  • 19.
  • 20.
  • 21. Cost
  • 22.
  • 23. COBIT as an Audit Tool Use of the COBIT Framework in the Office of the Legislative Auditor
  • 24.
  • 25.
  • 26. COBIT as a Management Tool Use of the COBIT Security Baseline at the Department of Human Services
  • 27.
  • 28.
  • 29.
  • 30.
  • 31.
  • 32.
  • 33.
  • 34.
  • 35.
  • 36.
  • 37.
  • 38.
  • 39. Information Lifecycle Management *From http://www.cacr.math.uwaterloo.ca/conferences/2005/psw/gingras.ppt
  • 40.