The Codex of Business Writing Software for Real-World Solutions 2.pptx
Security architecture rajagiri talk march 2011
1. Security Architecture Prof. K Subramanian SM(IEEE, USA), SMACM(USA), FIETE, SMCSI,MAIMA,MAIS(USA),MCFE(USA) Director & Professor, Advanced Center for Informatics & Innovative Learning (ACIIL), IGNOU Honorary IT Adviser to CAG of India Ex-DDG(NIC), Ministry of Comm. & IT Emeritus President, eInformation Systems, Security, Audit Association(eISSA) President, Cyber Society of India(Cysi)
15. Assurance Stakeholders Stakeholders for business assurance Board of Directors Management Staff/Employees Organisation Customers Public Suppliers Enforcement & regulatory authorities Owner Creditors Shareholders Insurers Business partners
16.
17.
18. Operational Integration Professional Integration (HR) Emotional/Cultural Integration ICT & Government Business & Services Integration Multi Technology coexistence and seamless integration Information Assurance Quality, Currency, Customization/Personalization ICE is the sole integrator IT Governance is Important
22. Enabling to rapidly move up the Governance Evolution Staircase Strategy/Policy People Process Technology 3. Transaction Competition Confidentiality/privacy Fee for transaction E-authentication Self-services Skill set changes Portfolio mgmt. Sourcing Inc. business staff BPR Relationship mgmt. Online interfaces Channel mgmt. Legacy sys. links Security Information access 24x7 infrastructure Sourcing Funding stream allocations Agency identity “ Big Browser” Job structures Relocation/telecommuting Organization Performance accountability Multiple-programs skills Privacy reduces Integrated services Change value chain New processes/services Change relationships (G2G, G2B, G2C, G2E) New applications New data structures Time 2. Interaction Searchable Database Public response/ email Content mgmt. Increased support staff Governance Knowledge mgmt. E-mail best prac. Content mgmt. Metadata Data synch. Search engine E-mail 1. Presence Publish Existing Streamline processes Web site Markup Trigger 4. Transformation Cost/ Complexity Define policy and outsource execution Retain monitoring and control Outsource service delivery staff Outsource process execution staff Outsource customer facing processes Outsource backend processes Applications Infrastructure Value 5. Outsourcing Constituent Evolve PPP model
23.
24.
25.
26.
27.
28.
29.
30.
31.
32.
33. Calder- Moir IT Governance Framework 3/7/2009 IMT Ghaziabad Lecture Prof. KS@2009 March 2009
34.
35. 5th December 2007 Cyber assurance for Financial services IT Services Objectives and Certification Framework 2(1)(zd)(d) 2(1)(zd)(b) 2(1)(zd)(a) 2(1)(zd)(c) Indian IT Act reference Reliability of information Compliance Availability Integrity Confidentiality Efficiency Effectiveness IT Act COBIT Control Theory Framework Attributes
36.
37. Importance of Group Standards -no one standard meets all requirements ISO 27001/BS7799 Vs COBIT Vs CMM & PCMM Vs ITIL Mission Business Objectives Business Risks Applicable Risks Internal Controls Review
44. 3/7/2009 IMT Ghaziabad Lecture Prof. KS@2009 March 2009 Assurance in the PPP Environment
45. THANK YOU For Interaction: Prof. K. Subramanian [email_address] [email_address] [email_address] Tele:011-29533068;23219857 Let us Assure Good Cyber Governance & Business Assurance in Cyber Era
Editor's Notes
Cyber Governance & AssuranceCyber Governance & Business Assurance may 14,20103/7/2009 Prof. KS@2010 U21G webminarProf. KS@2009 IMT Ghaziabad Lecture march 7 2009
CXOs & Business Assurance Focus Prof. K. Subramanian 22nd Feb 2006 Security to Assurance ISO 27001 Launch Delhi 04/11/09 Prof. KS@2009, IOD Lecture, March 22, 2009 esecurity Governance~Corporate Governance
Cyber Governance & AssuranceCyber Governance & Business Assurance may 14,20103/7/2009 Prof. KS@2010 U21G webminarProf. KS@2009 IMT Ghaziabad Lecture march 7 2009
CXOs & Business Assurance Focus Prof. K. Subramanian 22nd Feb 2006 Security to Assurance ISO 27001 Launch Delhi
Cyber Governance & AssuranceCyber Governance & Business Assurance may 14,20103/7/2009 Prof. KS@2010 U21G webminarProf. KS@2009 IMT Ghaziabad Lecture march 7 2009 Corporate Governance & Assurance 29th November 2007 Prof. K. Subramanian @October 2007
Cyber Governance & AssuranceCyber Governance & Business Assurance may 14,20103/7/2009 Prof. KS@2010 U21G webminarProf. KS@2009 IMT Ghaziabad Lecture march 7 2009
Cyber Governance & AssuranceCyber Governance & Business Assurance may 14,20103/7/2009 Prof. KS@2010 U21G webminarProf. KS@2009 IMT Ghaziabad Lecture march 7 2009
Cyber Governance & AssuranceCyber Governance & Business Assurance may 14,20103/7/2009 Prof. KS@2010 U21G webminarProf. KS@2009 IMT Ghaziabad Lecture march 7 2009
Cyber Governance & AssuranceCyber Governance & Business Assurance may 14,20103/7/2009 Prof. KS@2010 U21G webminarProf. KS@2009 IMT Ghaziabad Lecture march 7 2009
Cyber Governance & AssuranceCyber Governance & Business Assurance may 14,20103/7/2009 Prof. KS@2010 U21G webminarProf. KS@2009 IMT Ghaziabad Lecture march 7 2009 IT-Governanc e--> Corporate Governance 29th November 2005 Prof. K. Subramanian @2005 06/29/06 Prof. KS@may 2006--NPC Sikkim Program eGOV Project Management
Cyber Governance & AssuranceCyber Governance & Business Assurance may 14,20103/7/2009 Prof. KS@2010 U21G webminarProf. KS@2009 IMT Ghaziabad Lecture march 7 2009 IT-Governanc e--> Corporate Governance 29th November 2005 Prof. K. Subramanian @2005 06/29/06 Prof. KS@may 2006--NPC Sikkim Program eGOV Project Management
Cyber Governance & AssuranceCyber Governance & Business Assurance may 14,20103/7/2009 Prof. KS@2010 U21G webminarProf. KS@2009 IMT Ghaziabad Lecture march 7 2009 Corporate Goverance & Assurance 29th November 2007 Prof. K. Subramanian @October 2007
Cyber Governance & AssuranceCyber Governance & Business Assurance may 14,20103/7/2009 Prof. KS@2010 U21G webminarProf. KS@2009 IMT Ghaziabad Lecture march 7 2009 IT-Governanc e--> Corporate Governance 29th November 2005 Prof. K. Subramanian @2005
Cyber Governance & AssuranceCyber Governance & Business Assurance may 14,20103/7/2009 Prof. KS@2010 U21G webminarProf. KS@2009 IMT Ghaziabad Lecture march 7 2009 IT-Governanc e--> Corporate Governance 29th November 2005 Prof. K. Subramanian @2005
Cyber Governance & AssuranceCyber Governance & Business Assurance may 14,20103/7/2009 Prof. KS@2010 U21G webminarProf. KS@2009 IMT Ghaziabad Lecture march 7 2009 eGOV Project Governance Panel 08/04/11 Prof. KS@ sept 2007 ICISA New delhi
Cyber Governance & AssuranceCyber Governance & Business Assurance may 14,20103/7/2009 Prof. KS@2010 U21G webminarProf. KS@2009 IMT Ghaziabad Lecture march 7 2009
Cyber Governance & AssuranceCyber Governance & Business Assurance may 14,20103/7/2009 Prof. KS@2010 U21G webminarProf. KS@2009 IMT Ghaziabad Lecture march 7 2009
Cyber Governance & AssuranceCyber Governance & Business Assurance may 14,20103/7/2009 Prof. KS@2010 U21G webminarProf. KS@2009 IMT Ghaziabad Lecture march 7 2009
Cyber Governance & AssuranceCyber Governance & Business Assurance may 14,20103/7/2009 Prof. KS@2010 U21G webminarProf. KS@2009 IMT Ghaziabad Lecture march 7 2009 IT-Governanc e--> Corporate Governance 29th November 2005 Prof. K. Subramanian @2005
Cyber Governance & AssuranceCyber Governance & Business Assurance may 14,20103/7/2009 Prof. KS@2010 U21G webminarProf. KS@2009 IMT Ghaziabad Lecture march 7 2009
Cyber Governance & AssuranceCyber Governance & Business Assurance may 14,20103/7/2009 Prof. KS@2010 U21G webminarProf. KS@2009 IMT Ghaziabad Lecture march 7 2009
Cyber Governance & AssuranceCyber Governance & Business Assurance may 14,20103/7/2009 Prof. KS@2010 U21G webminarProf. KS@2009 IMT Ghaziabad Lecture march 7 2009
Cyber Governance & AssuranceCyber Governance & Business Assurance may 14,20103/7/2009 Prof. KS@2010 U21G webminarProf. KS@2009 IMT Ghaziabad Lecture march 7 2009
Cyber Governance & AssuranceCyber Governance & Business Assurance may 14,20103/7/2009 Prof. KS@2010 U21G webminarProf. KS@2009 IMT Ghaziabad Lecture march 7 2009
Cyber Governance & AssuranceCyber Governance & Business Assurance may 14,20103/7/2009 Prof. KS@2010 U21G webminarProf. KS@2009 IMT Ghaziabad Lecture march 7 2009 By defining the scope of the threat one can identify the various attacks that can happen such as vulnerability exploitation, privilege abuse, social engineering, reaching for a jewel, etc.
Cyber Governance & AssuranceCyber Governance & Business Assurance may 14,20103/7/2009 Prof. KS@2010 U21G webminarProf. KS@2009 IMT Ghaziabad Lecture march 7 2009 Cybr assurance-Tne need for Technologists & Business of 'morrow 27/11/2007 Prof. KS SUNY BUF Lecture 27th November 2007
Cyber Governance & AssuranceCyber Governance & Business Assurance may 14,20103/7/2009 Prof. KS@2010 U21G webminarProf. KS@2009 IMT Ghaziabad Lecture march 7 2009 Cybr assurance-Tne need for Technologists & Business of 'morrow 27/11/2007 Prof. KS SUNY BUF Lecture 27th November 2007
eGOV Project Governance Panel 08/04/11 Prof. KS@ sept 2007 ICISA New delhi
Cyber Governance & AssuranceCyber Governance & Business Assurance may 14,20103/7/2009 Prof. KS@2010 U21G webminarProf. KS@2009 IMT Ghaziabad Lecture march 7 2009 Cybr assurance-Tne need for Technologists & Business of 'morrow 27/11/2007 Prof. KS SUNY BUF Lecture 27th November 2007
Cyber Governance & AssuranceCyber Governance & Business Assurance may 14,20103/7/2009 Prof. KS@2010 U21G webminarProf. KS@2009 IMT Ghaziabad Lecture march 7 2009 Cybr assurance-Tne need for Technologists & Business of 'morrow 27/11/2007 Prof. KS SUNY BUF Lecture 27th November 2007
Cyber Governance & AssuranceCyber Governance & Business Assurance may 14,20103/7/2009 Prof. KS@2010 U21G webminarProf. KS@2009 IMT Ghaziabad Lecture march 7 2009 Cybr assurance-Tne need for Technologists & Business of 'morrow 27/11/2007 Prof. KS SUNY BUF Lecture 27th November 2007 The development was guided by the Software Engineering Institute’s efforts in the late 80’s in building maturity models for software development. By using such a scale, an organization can determine where it is, define where it wants to go and, if it identifies a gap, it can do an analysis to translate the findings into projects. Reference points can be added to the scale. Comparisons can be performed with what others are doing, if that data is available, and the organization can determine where emerging international standards and industry best practices are pointing for the effective management of security and control.
Cyber Governance & AssuranceCyber Governance & Business Assurance may 14,20103/7/2009 Prof. KS@2010 U21G webminarProf. KS@2009 IMT Ghaziabad Lecture march 7 2009
Cybr assurance-Tne need for Technologists & Business of 'morrow 27/11/2007 Prof. KS SUNY BUF Lecture 27th November 2007
Cyber Governance & AssuranceCyber Governance & Business Assurance may 14,20103/7/2009 Prof. KS@2010 U21G webminarProf. KS@2009 IMT Ghaziabad Lecture march 7 2009 Cybr assurance-Tne need for Technologists & Business of 'morrow 27/11/2007 Prof. KS SUNY BUF Lecture 27th November 2007