SlideShare a Scribd company logo
I.T. GOVERNANCE
CobiT 4.1
OPERATIONS
(CUSTOMER SERVICE, ECT)
GOVERNANCE & COMPLIANCE TOPOLOGY
Information Systems & Security Management
COMPLIANCE OBLIGATIONS
(PCI-DSS, HIPAA, FISMA, SOX)
MARKET GOALS & OBJECTIVES
(GROWTH)
Monitor and
Evaluate
Acquire and
Implement
Plan and
Organize
Deliver and
Support
ISO:IEC 27001:2005
Information Security Management Standard
NIST
(Security Standards)
ANNEX A
11 Control Groups
(ISO/IEC 27002)
4 Information security management system
5 Management responsibility
6 Internal ISMS audits
7 Management review of the ISMS
8 ISMS Improvement
5 Information Security Requirements
CIS
(Center of Internet Security)
Authored by; Jason P. Rusch - CISSP, CISM, CISA | www.infosec-rusch.com | jason@infosec-rusch.com
PO1 Define Strategic IT Direction
PO2 Define the Information Architecture
PO3 Determine Technological Direction
PO4 Define the IT Processes/Org.
PO5 Manage the IT Investment
PO6 Communicate Mgt. Direction
PO7 Manage IT Human Resources
PO8 Manage Quality
PO9 Assess and Manage IT Risks
PO10 Manage Projects
DS1 Define/Manage Service Levels
DS2 Manage Third-party Services
DS3 Manage Performance/Capacity
DS4 Ensure Continuous Service
DS5 Ensure Systems Security
DS6 Identify/Allocate Costs
DS7 Educate and Train Users
DS8 Manage Service Incidents
DS9 Manage the Configuration
DS10 Manage Problems
DS11 Manage Data
DS12 Manage Physical Environment
DS13 Manage Operations
ME1 Mon./Evaluate IT Processes
ME2 Mon./Evaluate Internal Control
ME3 Regulatory Compliance
ME4 Provide IT Governance
AI1 Identify Automated Solutions
AI2 Acquire/Maintain App. Soft.
AI3 Acquire/Maintain Infrastruct
AI4 Enable Operation and Use
AI5 Procure IT Resources
AI6 Manage Changes
AI7 Install/Accredit Solutions

More Related Content

Similar to Cobit & ISO 27002 Governance Topology

Iso27001- Nashwan Mustafa
Iso27001- Nashwan MustafaIso27001- Nashwan Mustafa
Iso27001- Nashwan Mustafa
Fahmi Albaheth
 
Sarwono sutikno forum tik utk standardisasi keamanan kartu cerdas - 4 nov 2...
Sarwono sutikno   forum tik utk standardisasi keamanan kartu cerdas - 4 nov 2...Sarwono sutikno   forum tik utk standardisasi keamanan kartu cerdas - 4 nov 2...
Sarwono sutikno forum tik utk standardisasi keamanan kartu cerdas - 4 nov 2...
Sarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM,CSX-F
 
Isms awareness presentation
Isms awareness presentationIsms awareness presentation
Isms awareness presentation
Pranay Kumar
 
PECB Webinar: ICS Security Management System using ISO 27001 Standard as the ...
PECB Webinar: ICS Security Management System using ISO 27001 Standard as the ...PECB Webinar: ICS Security Management System using ISO 27001 Standard as the ...
PECB Webinar: ICS Security Management System using ISO 27001 Standard as the ...
PECB
 
ISO_ 27001:2022 Controls & Clauses.pptx
ISO_ 27001:2022 Controls & Clauses.pptxISO_ 27001:2022 Controls & Clauses.pptx
ISO_ 27001:2022 Controls & Clauses.pptx
foram74
 
Valuendo cyberwar and security (jan 2012) handout
Valuendo cyberwar and security (jan 2012) handoutValuendo cyberwar and security (jan 2012) handout
Valuendo cyberwar and security (jan 2012) handout
Marc Vael
 
Tatakelola Teknologi Informasi
Tatakelola Teknologi InformasiTatakelola Teknologi Informasi
Tatakelola Teknologi Informasi
Cahyo Darujati
 
PECB Webinar: The alignment of Information Security in Service Management
PECB Webinar: The alignment of Information Security in Service ManagementPECB Webinar: The alignment of Information Security in Service Management
PECB Webinar: The alignment of Information Security in Service Management
PECB
 
mm CGEIT Best Practices and Concepts
mm CGEIT Best Practices and Conceptsmm CGEIT Best Practices and Concepts
mm CGEIT Best Practices and Concepts
Andrey Prozorov, CISM, CIPP/E, CDPSE. LA 27001
 
we45 ISO-27001 Case Study
we45 ISO-27001 Case Studywe45 ISO-27001 Case Study
we45 ISO-27001 Case Study
we45
 
ISO27001: Implementation & Certification Process Overview
ISO27001: Implementation & Certification Process OverviewISO27001: Implementation & Certification Process Overview
ISO27001: Implementation & Certification Process Overview
Shankar Subramaniyan
 
Cybersecurity Frameworks for DMZCON23 230905.pdf
Cybersecurity Frameworks for DMZCON23 230905.pdfCybersecurity Frameworks for DMZCON23 230905.pdf
Cybersecurity Frameworks for DMZCON23 230905.pdf
Andrey Prozorov, CISM, CIPP/E, CDPSE. LA 27001
 
Chapter 10 security standart
Chapter 10 security standartChapter 10 security standart
Chapter 10 security standart
newbie2019
 
I Syed, Sr. Consultant - Enterprise Information Security Governance, Risk, Co...
I Syed, Sr. Consultant - Enterprise Information Security Governance, Risk, Co...I Syed, Sr. Consultant - Enterprise Information Security Governance, Risk, Co...
I Syed, Sr. Consultant - Enterprise Information Security Governance, Risk, Co...
IftikharUddin Syed CRISC, EHCE, ITIL, M.S. IT Security
 
Compliance Framework
Compliance FrameworkCompliance Framework
Compliance Framework
barnetdh
 
SecureAware® - Automated Risk and Compliance Solution
SecureAware® - Automated Risk and Compliance SolutionSecureAware® - Automated Risk and Compliance Solution
SecureAware® - Automated Risk and Compliance Solution
GBBLUME
 
Sudarsan Jayaraman - Open information security management maturity model
Sudarsan Jayaraman  - Open information security management maturity modelSudarsan Jayaraman  - Open information security management maturity model
Sudarsan Jayaraman - Open information security management maturity model
nooralmousa
 
ISO 27001
ISO 27001ISO 27001
ISMS Part I
ISMS Part IISMS Part I
ISMS Part I
khushboo
 
CMMC, ISO/IEC 27001, ISO/IEC 27032, and NIST – What You Need to Know
CMMC, ISO/IEC 27001, ISO/IEC 27032, and NIST – What You Need to KnowCMMC, ISO/IEC 27001, ISO/IEC 27032, and NIST – What You Need to Know
CMMC, ISO/IEC 27001, ISO/IEC 27032, and NIST – What You Need to Know
PECB
 

Similar to Cobit & ISO 27002 Governance Topology (20)

Iso27001- Nashwan Mustafa
Iso27001- Nashwan MustafaIso27001- Nashwan Mustafa
Iso27001- Nashwan Mustafa
 
Sarwono sutikno forum tik utk standardisasi keamanan kartu cerdas - 4 nov 2...
Sarwono sutikno   forum tik utk standardisasi keamanan kartu cerdas - 4 nov 2...Sarwono sutikno   forum tik utk standardisasi keamanan kartu cerdas - 4 nov 2...
Sarwono sutikno forum tik utk standardisasi keamanan kartu cerdas - 4 nov 2...
 
Isms awareness presentation
Isms awareness presentationIsms awareness presentation
Isms awareness presentation
 
PECB Webinar: ICS Security Management System using ISO 27001 Standard as the ...
PECB Webinar: ICS Security Management System using ISO 27001 Standard as the ...PECB Webinar: ICS Security Management System using ISO 27001 Standard as the ...
PECB Webinar: ICS Security Management System using ISO 27001 Standard as the ...
 
ISO_ 27001:2022 Controls & Clauses.pptx
ISO_ 27001:2022 Controls & Clauses.pptxISO_ 27001:2022 Controls & Clauses.pptx
ISO_ 27001:2022 Controls & Clauses.pptx
 
Valuendo cyberwar and security (jan 2012) handout
Valuendo cyberwar and security (jan 2012) handoutValuendo cyberwar and security (jan 2012) handout
Valuendo cyberwar and security (jan 2012) handout
 
Tatakelola Teknologi Informasi
Tatakelola Teknologi InformasiTatakelola Teknologi Informasi
Tatakelola Teknologi Informasi
 
PECB Webinar: The alignment of Information Security in Service Management
PECB Webinar: The alignment of Information Security in Service ManagementPECB Webinar: The alignment of Information Security in Service Management
PECB Webinar: The alignment of Information Security in Service Management
 
mm CGEIT Best Practices and Concepts
mm CGEIT Best Practices and Conceptsmm CGEIT Best Practices and Concepts
mm CGEIT Best Practices and Concepts
 
we45 ISO-27001 Case Study
we45 ISO-27001 Case Studywe45 ISO-27001 Case Study
we45 ISO-27001 Case Study
 
ISO27001: Implementation & Certification Process Overview
ISO27001: Implementation & Certification Process OverviewISO27001: Implementation & Certification Process Overview
ISO27001: Implementation & Certification Process Overview
 
Cybersecurity Frameworks for DMZCON23 230905.pdf
Cybersecurity Frameworks for DMZCON23 230905.pdfCybersecurity Frameworks for DMZCON23 230905.pdf
Cybersecurity Frameworks for DMZCON23 230905.pdf
 
Chapter 10 security standart
Chapter 10 security standartChapter 10 security standart
Chapter 10 security standart
 
I Syed, Sr. Consultant - Enterprise Information Security Governance, Risk, Co...
I Syed, Sr. Consultant - Enterprise Information Security Governance, Risk, Co...I Syed, Sr. Consultant - Enterprise Information Security Governance, Risk, Co...
I Syed, Sr. Consultant - Enterprise Information Security Governance, Risk, Co...
 
Compliance Framework
Compliance FrameworkCompliance Framework
Compliance Framework
 
SecureAware® - Automated Risk and Compliance Solution
SecureAware® - Automated Risk and Compliance SolutionSecureAware® - Automated Risk and Compliance Solution
SecureAware® - Automated Risk and Compliance Solution
 
Sudarsan Jayaraman - Open information security management maturity model
Sudarsan Jayaraman  - Open information security management maturity modelSudarsan Jayaraman  - Open information security management maturity model
Sudarsan Jayaraman - Open information security management maturity model
 
ISO 27001
ISO 27001ISO 27001
ISO 27001
 
ISMS Part I
ISMS Part IISMS Part I
ISMS Part I
 
CMMC, ISO/IEC 27001, ISO/IEC 27032, and NIST – What You Need to Know
CMMC, ISO/IEC 27001, ISO/IEC 27032, and NIST – What You Need to KnowCMMC, ISO/IEC 27001, ISO/IEC 27032, and NIST – What You Need to Know
CMMC, ISO/IEC 27001, ISO/IEC 27032, and NIST – What You Need to Know
 

More from Jason Rusch - CISSP CGEIT CISM CISA GNSA

NIST sp800 53-v4 Topology
NIST sp800 53-v4 TopologyNIST sp800 53-v4 Topology
NIST sp800 53-v4 Topology
Jason Rusch - CISSP CGEIT CISM CISA GNSA
 
CSA v4 Topology
CSA v4 TopologyCSA v4 Topology
ISO.IEC 27001 27002-2013
ISO.IEC 27001 27002-2013ISO.IEC 27001 27002-2013
ISO.IEC 27000 Series Map
ISO.IEC 27000 Series MapISO.IEC 27000 Series Map
Cobit v5 High Level Controls Topology
Cobit v5 High Level Controls TopologyCobit v5 High Level Controls Topology
Cobit v5 High Level Controls Topology
Jason Rusch - CISSP CGEIT CISM CISA GNSA
 
GLBA Topology
GLBA TopologyGLBA Topology
HIPAA Topology
HIPAA TopologyHIPAA Topology
ISO.IEC_27001-27002-2013 Topology
ISO.IEC_27001-27002-2013 TopologyISO.IEC_27001-27002-2013 Topology
ISO.IEC_27001-27002-2013 Topology
Jason Rusch - CISSP CGEIT CISM CISA GNSA
 
PCI-DSS DESV Topology
PCI-DSS DESV TopologyPCI-DSS DESV Topology
DATA PROTECTION LAWS OF THE WORLD
DATA PROTECTION LAWS OF THE WORLDDATA PROTECTION LAWS OF THE WORLD
DATA PROTECTION LAWS OF THE WORLD
Jason Rusch - CISSP CGEIT CISM CISA GNSA
 
Common Security Framework Summary
Common Security Framework SummaryCommon Security Framework Summary
Common Security Framework Summary
Jason Rusch - CISSP CGEIT CISM CISA GNSA
 
Information_Governance_Risk_Compliance_Frameworks (v5)
Information_Governance_Risk_Compliance_Frameworks (v5)Information_Governance_Risk_Compliance_Frameworks (v5)
Information_Governance_Risk_Compliance_Frameworks (v5)
Jason Rusch - CISSP CGEIT CISM CISA GNSA
 
SOX Titles Topology
SOX Titles TopologySOX Titles Topology
ITIL v3 Topology
ITIL v3 TopologyITIL v3 Topology
HITRUST CSF Topology
HITRUST CSF TopologyHITRUST CSF Topology
HIPAA Topology
HIPAA TopologyHIPAA Topology
GLBA Topology
GLBA TopologyGLBA Topology
COSO ERM Topology
COSO ERM TopologyCOSO ERM Topology
Octave Topology
Octave TopologyOctave Topology
FFIEC I.T. Booklets Topology
FFIEC I.T. Booklets TopologyFFIEC I.T. Booklets Topology
FFIEC I.T. Booklets Topology
Jason Rusch - CISSP CGEIT CISM CISA GNSA
 

More from Jason Rusch - CISSP CGEIT CISM CISA GNSA (20)

NIST sp800 53-v4 Topology
NIST sp800 53-v4 TopologyNIST sp800 53-v4 Topology
NIST sp800 53-v4 Topology
 
CSA v4 Topology
CSA v4 TopologyCSA v4 Topology
CSA v4 Topology
 
ISO.IEC 27001 27002-2013
ISO.IEC 27001 27002-2013ISO.IEC 27001 27002-2013
ISO.IEC 27001 27002-2013
 
ISO.IEC 27000 Series Map
ISO.IEC 27000 Series MapISO.IEC 27000 Series Map
ISO.IEC 27000 Series Map
 
Cobit v5 High Level Controls Topology
Cobit v5 High Level Controls TopologyCobit v5 High Level Controls Topology
Cobit v5 High Level Controls Topology
 
GLBA Topology
GLBA TopologyGLBA Topology
GLBA Topology
 
HIPAA Topology
HIPAA TopologyHIPAA Topology
HIPAA Topology
 
ISO.IEC_27001-27002-2013 Topology
ISO.IEC_27001-27002-2013 TopologyISO.IEC_27001-27002-2013 Topology
ISO.IEC_27001-27002-2013 Topology
 
PCI-DSS DESV Topology
PCI-DSS DESV TopologyPCI-DSS DESV Topology
PCI-DSS DESV Topology
 
DATA PROTECTION LAWS OF THE WORLD
DATA PROTECTION LAWS OF THE WORLDDATA PROTECTION LAWS OF THE WORLD
DATA PROTECTION LAWS OF THE WORLD
 
Common Security Framework Summary
Common Security Framework SummaryCommon Security Framework Summary
Common Security Framework Summary
 
Information_Governance_Risk_Compliance_Frameworks (v5)
Information_Governance_Risk_Compliance_Frameworks (v5)Information_Governance_Risk_Compliance_Frameworks (v5)
Information_Governance_Risk_Compliance_Frameworks (v5)
 
SOX Titles Topology
SOX Titles TopologySOX Titles Topology
SOX Titles Topology
 
ITIL v3 Topology
ITIL v3 TopologyITIL v3 Topology
ITIL v3 Topology
 
HITRUST CSF Topology
HITRUST CSF TopologyHITRUST CSF Topology
HITRUST CSF Topology
 
HIPAA Topology
HIPAA TopologyHIPAA Topology
HIPAA Topology
 
GLBA Topology
GLBA TopologyGLBA Topology
GLBA Topology
 
COSO ERM Topology
COSO ERM TopologyCOSO ERM Topology
COSO ERM Topology
 
Octave Topology
Octave TopologyOctave Topology
Octave Topology
 
FFIEC I.T. Booklets Topology
FFIEC I.T. Booklets TopologyFFIEC I.T. Booklets Topology
FFIEC I.T. Booklets Topology
 

Recently uploaded

Business storytelling: key ingredients to a story
Business storytelling: key ingredients to a storyBusiness storytelling: key ingredients to a story
Business storytelling: key ingredients to a story
Alexandra Fulford
 
Taurus Zodiac Sign: Unveiling the Traits, Dates, and Horoscope Insights of th...
Taurus Zodiac Sign: Unveiling the Traits, Dates, and Horoscope Insights of th...Taurus Zodiac Sign: Unveiling the Traits, Dates, and Horoscope Insights of th...
Taurus Zodiac Sign: Unveiling the Traits, Dates, and Horoscope Insights of th...
my Pandit
 
The Most Inspiring Entrepreneurs to Follow in 2024.pdf
The Most Inspiring Entrepreneurs to Follow in 2024.pdfThe Most Inspiring Entrepreneurs to Follow in 2024.pdf
The Most Inspiring Entrepreneurs to Follow in 2024.pdf
thesiliconleaders
 
The latest Heat Pump Manual from Newentide
The latest Heat Pump Manual from NewentideThe latest Heat Pump Manual from Newentide
The latest Heat Pump Manual from Newentide
JoeYangGreatMachiner
 
Dpboss Matka Guessing Satta Matta Matka Kalyan Chart Indian Matka
Dpboss Matka Guessing Satta Matta Matka Kalyan Chart Indian MatkaDpboss Matka Guessing Satta Matta Matka Kalyan Chart Indian Matka
Dpboss Matka Guessing Satta Matta Matka Kalyan Chart Indian Matka
➒➌➎➏➑➐➋➑➐➐Dpboss Matka Guessing Satta Matka Kalyan Chart Indian Matka
 
一比一原版新西兰奥塔哥大学毕业证(otago毕业证)如何办理
一比一原版新西兰奥塔哥大学毕业证(otago毕业证)如何办理一比一原版新西兰奥塔哥大学毕业证(otago毕业证)如何办理
一比一原版新西兰奥塔哥大学毕业证(otago毕业证)如何办理
taqyea
 
GKohler - Retail Scavenger Hunt Presentation
GKohler - Retail Scavenger Hunt PresentationGKohler - Retail Scavenger Hunt Presentation
GKohler - Retail Scavenger Hunt Presentation
GraceKohler1
 
Digital Marketing with a Focus on Sustainability
Digital Marketing with a Focus on SustainabilityDigital Marketing with a Focus on Sustainability
Digital Marketing with a Focus on Sustainability
sssourabhsharma
 
How MJ Global Leads the Packaging Industry.pdf
How MJ Global Leads the Packaging Industry.pdfHow MJ Global Leads the Packaging Industry.pdf
How MJ Global Leads the Packaging Industry.pdf
MJ Global
 
Digital Transformation Frameworks: Driving Digital Excellence
Digital Transformation Frameworks: Driving Digital ExcellenceDigital Transformation Frameworks: Driving Digital Excellence
Digital Transformation Frameworks: Driving Digital Excellence
Operational Excellence Consulting
 
Pitch Deck Teardown: Kinnect's $250k Angel deck
Pitch Deck Teardown: Kinnect's $250k Angel deckPitch Deck Teardown: Kinnect's $250k Angel deck
Pitch Deck Teardown: Kinnect's $250k Angel deck
HajeJanKamps
 
Top mailing list providers in the USA.pptx
Top mailing list providers in the USA.pptxTop mailing list providers in the USA.pptx
Top mailing list providers in the USA.pptx
JeremyPeirce1
 
Innovation Management Frameworks: Your Guide to Creativity & Innovation
Innovation Management Frameworks: Your Guide to Creativity & InnovationInnovation Management Frameworks: Your Guide to Creativity & Innovation
Innovation Management Frameworks: Your Guide to Creativity & Innovation
Operational Excellence Consulting
 
NIMA2024 | De toegevoegde waarde van DEI en ESG in campagnes | Nathalie Lam |...
NIMA2024 | De toegevoegde waarde van DEI en ESG in campagnes | Nathalie Lam |...NIMA2024 | De toegevoegde waarde van DEI en ESG in campagnes | Nathalie Lam |...
NIMA2024 | De toegevoegde waarde van DEI en ESG in campagnes | Nathalie Lam |...
BBPMedia1
 
Call8328958814 satta matka Kalyan result satta guessing
Call8328958814 satta matka Kalyan result satta guessingCall8328958814 satta matka Kalyan result satta guessing
Call8328958814 satta matka Kalyan result satta guessing
➑➌➋➑➒➎➑➑➊➍
 
The Steadfast and Reliable Bull: Taurus Zodiac Sign
The Steadfast and Reliable Bull: Taurus Zodiac SignThe Steadfast and Reliable Bull: Taurus Zodiac Sign
The Steadfast and Reliable Bull: Taurus Zodiac Sign
my Pandit
 
Best Competitive Marble Pricing in Dubai - ☎ 9928909666
Best Competitive Marble Pricing in Dubai - ☎ 9928909666Best Competitive Marble Pricing in Dubai - ☎ 9928909666
Best Competitive Marble Pricing in Dubai - ☎ 9928909666
Stone Art Hub
 
Industrial Tech SW: Category Renewal and Creation
Industrial Tech SW:  Category Renewal and CreationIndustrial Tech SW:  Category Renewal and Creation
Industrial Tech SW: Category Renewal and Creation
Christian Dahlen
 
Dpboss Matka Guessing Satta Matta Matka Kalyan Chart Satta Matka
Dpboss Matka Guessing Satta Matta Matka Kalyan Chart Satta MatkaDpboss Matka Guessing Satta Matta Matka Kalyan Chart Satta Matka
Dpboss Matka Guessing Satta Matta Matka Kalyan Chart Satta Matka
➒➌➎➏➑➐➋➑➐➐Dpboss Matka Guessing Satta Matka Kalyan Chart Indian Matka
 
Part 2 Deep Dive: Navigating the 2024 Slowdown
Part 2 Deep Dive: Navigating the 2024 SlowdownPart 2 Deep Dive: Navigating the 2024 Slowdown
Part 2 Deep Dive: Navigating the 2024 Slowdown
jeffkluth1
 

Recently uploaded (20)

Business storytelling: key ingredients to a story
Business storytelling: key ingredients to a storyBusiness storytelling: key ingredients to a story
Business storytelling: key ingredients to a story
 
Taurus Zodiac Sign: Unveiling the Traits, Dates, and Horoscope Insights of th...
Taurus Zodiac Sign: Unveiling the Traits, Dates, and Horoscope Insights of th...Taurus Zodiac Sign: Unveiling the Traits, Dates, and Horoscope Insights of th...
Taurus Zodiac Sign: Unveiling the Traits, Dates, and Horoscope Insights of th...
 
The Most Inspiring Entrepreneurs to Follow in 2024.pdf
The Most Inspiring Entrepreneurs to Follow in 2024.pdfThe Most Inspiring Entrepreneurs to Follow in 2024.pdf
The Most Inspiring Entrepreneurs to Follow in 2024.pdf
 
The latest Heat Pump Manual from Newentide
The latest Heat Pump Manual from NewentideThe latest Heat Pump Manual from Newentide
The latest Heat Pump Manual from Newentide
 
Dpboss Matka Guessing Satta Matta Matka Kalyan Chart Indian Matka
Dpboss Matka Guessing Satta Matta Matka Kalyan Chart Indian MatkaDpboss Matka Guessing Satta Matta Matka Kalyan Chart Indian Matka
Dpboss Matka Guessing Satta Matta Matka Kalyan Chart Indian Matka
 
一比一原版新西兰奥塔哥大学毕业证(otago毕业证)如何办理
一比一原版新西兰奥塔哥大学毕业证(otago毕业证)如何办理一比一原版新西兰奥塔哥大学毕业证(otago毕业证)如何办理
一比一原版新西兰奥塔哥大学毕业证(otago毕业证)如何办理
 
GKohler - Retail Scavenger Hunt Presentation
GKohler - Retail Scavenger Hunt PresentationGKohler - Retail Scavenger Hunt Presentation
GKohler - Retail Scavenger Hunt Presentation
 
Digital Marketing with a Focus on Sustainability
Digital Marketing with a Focus on SustainabilityDigital Marketing with a Focus on Sustainability
Digital Marketing with a Focus on Sustainability
 
How MJ Global Leads the Packaging Industry.pdf
How MJ Global Leads the Packaging Industry.pdfHow MJ Global Leads the Packaging Industry.pdf
How MJ Global Leads the Packaging Industry.pdf
 
Digital Transformation Frameworks: Driving Digital Excellence
Digital Transformation Frameworks: Driving Digital ExcellenceDigital Transformation Frameworks: Driving Digital Excellence
Digital Transformation Frameworks: Driving Digital Excellence
 
Pitch Deck Teardown: Kinnect's $250k Angel deck
Pitch Deck Teardown: Kinnect's $250k Angel deckPitch Deck Teardown: Kinnect's $250k Angel deck
Pitch Deck Teardown: Kinnect's $250k Angel deck
 
Top mailing list providers in the USA.pptx
Top mailing list providers in the USA.pptxTop mailing list providers in the USA.pptx
Top mailing list providers in the USA.pptx
 
Innovation Management Frameworks: Your Guide to Creativity & Innovation
Innovation Management Frameworks: Your Guide to Creativity & InnovationInnovation Management Frameworks: Your Guide to Creativity & Innovation
Innovation Management Frameworks: Your Guide to Creativity & Innovation
 
NIMA2024 | De toegevoegde waarde van DEI en ESG in campagnes | Nathalie Lam |...
NIMA2024 | De toegevoegde waarde van DEI en ESG in campagnes | Nathalie Lam |...NIMA2024 | De toegevoegde waarde van DEI en ESG in campagnes | Nathalie Lam |...
NIMA2024 | De toegevoegde waarde van DEI en ESG in campagnes | Nathalie Lam |...
 
Call8328958814 satta matka Kalyan result satta guessing
Call8328958814 satta matka Kalyan result satta guessingCall8328958814 satta matka Kalyan result satta guessing
Call8328958814 satta matka Kalyan result satta guessing
 
The Steadfast and Reliable Bull: Taurus Zodiac Sign
The Steadfast and Reliable Bull: Taurus Zodiac SignThe Steadfast and Reliable Bull: Taurus Zodiac Sign
The Steadfast and Reliable Bull: Taurus Zodiac Sign
 
Best Competitive Marble Pricing in Dubai - ☎ 9928909666
Best Competitive Marble Pricing in Dubai - ☎ 9928909666Best Competitive Marble Pricing in Dubai - ☎ 9928909666
Best Competitive Marble Pricing in Dubai - ☎ 9928909666
 
Industrial Tech SW: Category Renewal and Creation
Industrial Tech SW:  Category Renewal and CreationIndustrial Tech SW:  Category Renewal and Creation
Industrial Tech SW: Category Renewal and Creation
 
Dpboss Matka Guessing Satta Matta Matka Kalyan Chart Satta Matka
Dpboss Matka Guessing Satta Matta Matka Kalyan Chart Satta MatkaDpboss Matka Guessing Satta Matta Matka Kalyan Chart Satta Matka
Dpboss Matka Guessing Satta Matta Matka Kalyan Chart Satta Matka
 
Part 2 Deep Dive: Navigating the 2024 Slowdown
Part 2 Deep Dive: Navigating the 2024 SlowdownPart 2 Deep Dive: Navigating the 2024 Slowdown
Part 2 Deep Dive: Navigating the 2024 Slowdown
 

Cobit & ISO 27002 Governance Topology

  • 1. I.T. GOVERNANCE CobiT 4.1 OPERATIONS (CUSTOMER SERVICE, ECT) GOVERNANCE & COMPLIANCE TOPOLOGY Information Systems & Security Management COMPLIANCE OBLIGATIONS (PCI-DSS, HIPAA, FISMA, SOX) MARKET GOALS & OBJECTIVES (GROWTH) Monitor and Evaluate Acquire and Implement Plan and Organize Deliver and Support ISO:IEC 27001:2005 Information Security Management Standard NIST (Security Standards) ANNEX A 11 Control Groups (ISO/IEC 27002) 4 Information security management system 5 Management responsibility 6 Internal ISMS audits 7 Management review of the ISMS 8 ISMS Improvement 5 Information Security Requirements CIS (Center of Internet Security) Authored by; Jason P. Rusch - CISSP, CISM, CISA | www.infosec-rusch.com | jason@infosec-rusch.com PO1 Define Strategic IT Direction PO2 Define the Information Architecture PO3 Determine Technological Direction PO4 Define the IT Processes/Org. PO5 Manage the IT Investment PO6 Communicate Mgt. Direction PO7 Manage IT Human Resources PO8 Manage Quality PO9 Assess and Manage IT Risks PO10 Manage Projects DS1 Define/Manage Service Levels DS2 Manage Third-party Services DS3 Manage Performance/Capacity DS4 Ensure Continuous Service DS5 Ensure Systems Security DS6 Identify/Allocate Costs DS7 Educate and Train Users DS8 Manage Service Incidents DS9 Manage the Configuration DS10 Manage Problems DS11 Manage Data DS12 Manage Physical Environment DS13 Manage Operations ME1 Mon./Evaluate IT Processes ME2 Mon./Evaluate Internal Control ME3 Regulatory Compliance ME4 Provide IT Governance AI1 Identify Automated Solutions AI2 Acquire/Maintain App. Soft. AI3 Acquire/Maintain Infrastruct AI4 Enable Operation and Use AI5 Procure IT Resources AI6 Manage Changes AI7 Install/Accredit Solutions