San Francisco Isaca Fall Security Conference G32 A Modest Via Cobi T Proposal 4.2

•Download as PPT, PDF•

2 likes•197 views

The document maps the control objectives of ITIL V3, ISO/IEC 27002, and CobiT 4.1 frameworks across each process area. It provides mappings for four process areas: Acquire and Implement (AI), Deliver and Support (DS), Monitor and Evaluate (ME), and Plan and Organize (PO). For each process area, it lists the relevant control objectives from each framework and the associated section numbers to show how they correspond to one another. It concludes by thanking the audience and providing contact information for the author.

G32
The Changing Influences of Social
Media, WikiLeaks and Whistleblowers
A Modest Proposal: The Future of IT Auditing
by
Mapping ITIL V3 and ISO/IEC 27002 With
CobiT 4.1 Control Objectives

Mapping ITIL V3 and ISO/IEC 27002 With
CobiT 4.1 Control Objectives
• AI (Acquire & Implement)
• 1, 2, 3 & 4 --- 6 & 7
• DS (Deliver & Support)
• 3, 4, & 5 --- 8, 9, 10, 11, 12 & 13
• ME (Monitor & Evaluate)
• 1&2
• PO (Plan & Organize)
• 1, 2, & 3 --- 5 & 6 --- 8, 9, & 10

2

Mapping ITIL V3 & ISO/IEC 27002 W/CobiT 4.1 Control
Objectives: Acquire and Implement (AI)

3

Mapping ITIL V3 & ISO/IEC 27002 W/CobiT 4.1 Control
Objectives: Acquire and Implement (AI)

4

Mapping ITIL V3 & ISO/IEC 27002 W/CobiT 4.1 Control
Objectives: Acquire and Implement (AI)

5

Mapping ITIL V3 & ISO/IEC 27002 W/CobiT 4.1 Control
Objectives: Acquire and Implement (AI)

6

Mapping ITIL V3 & ISO/IEC 27002 W/CobiT 4.1 Control
Objectives: Acquire and Implement (AI)

7

Mapping ITIL V3 & ISO/IEC 27002 W/CobiT 4.1 Control
Objectives: Acquire and Implement (AI)

8

Mapping ITIL V3 & ISO/IEC 27002 W/CobiT 4.1 Control
Objectives: Acquire and Implement (AI)

9

Mapping ITIL V3 & ISO/IEC 27002 W/CobiT 4.1 Control
Objectives: Acquire and Implement (AI)

10

Mapping ITIL V3 & ISO/IEC 27002 W/CobiT 4.1 Control
Objectives: Acquire and Implement (AI)

11

Mapping ITIL V3 & ISO/IEC 27002 W/CobiT 4.1 Control
Objectives: Acquire and Implement (AI)

12

Mapping ITIL V3 and ISO/IEC 27002 With
CobiT 4.1 Control Objectives: Deliver and Support (DS)

Mapping ITIL V3 and ISO/IEC 27002 With
CobiT 4.1 Control Objectives: Deliver and Support (DS)

16

Mapping ITIL V3 and ISO/IEC 27002 With
CobiT 4.1 Control Objectives: Deliver and Support (DS)

17

Mapping ITIL V3 and ISO/IEC 27002 With
CobiT 4.1 Control Objectives: Deliver and Support (DS)

18

Mapping ITIL V3 and ISO/IEC 27002 With
CobiT 4.1 Control Objectives: Deliver and Support (DS)

19

Mapping ITIL V3 and ISO/IEC 27002 With
CobiT 4.1 Control Objectives: Deliver and Support (DS)

20

Mapping ITIL V3 and ISO/IEC 27002 With
CobiT 4.1 Control Objectives: Deliver and Support (DS)

21

Mapping ITIL V3 and ISO/IEC 27002 With
CobiT 4.1 Control Objectives: Deliver and Support (DS)

22

Mapping ITIL V3 and ISO/IEC 27002 With
CobiT 4.1 Control Objectives: Deliver and Support (DS)

23

Mapping ITIL V3 and ISO/IEC 27002 With
CobiT 4.1 Control Objectives: Deliver and Support (DS)

24

Mapping ITIL V3 and ISO/IEC 27002 With
CobiT 4.1 Control Objectives: Deliver and Support (DS)

25

Mapping ITIL V3 and ISO/IEC 27002 With
CobiT 4.1 Control Objectives: Deliver and Support (DS)

26

Mapping ITIL V3 and ISO/IEC 27002 With
CobiT 4.1 Control Objectives: Deliver and Support (DS)

27

Mapping ITIL V3 and ISO/IEC 27002 With
CobiT 4.1 Control Objectives: Deliver and Support (DS)

28

Mapping ITIL V3 and ISO/IEC 27002 With
CobiT 4.1 Control Objectives: Deliver and Support (DS)

29

Mapping ITIL V3 and ISO/IEC 27002 With
CobiT 4.1 Control Objectives: Deliver and Support (DS)

30

Mapping ITIL V3 and ISO/IEC 27002 With
CobiT 4.1 Control Objectives: Deliver and Support (DS)

31

Mapping ITIL V3 and ISO/IEC 27002 With
CobiT 4.1 Control Objectives: Deliver and Support (DS)

32

Mapping ITIL V3 and ISO/IEC 27002 With
CobiT 4.1 Control Objectives: Deliver and Support (DS)

33

Mapping ITIL V3 and ISO/IEC 27002 With
CobiT 4.1 Control Objectives: Monitor and Evaluate (ME)

34

Mapping ITIL V3 and ISO/IEC 27002 With
CobiT 4.1 Control Objectives: Monitor and Evaluate (ME)

35

Mapping ITIL V3 and ISO/IEC 27002 With
CobiT 4.1 Control Objectives: Monitor and Evaluate (ME)

36

Mapping ITIL V3 and ISO/IEC 27002 With
CobiT 4.1 Control Objectives: Monitor and Evaluate (ME)

37

Mapping ITIL V3 and ISO/IEC 27002 With
CobiT 4.1 Control Objectives: Monitor and Evaluate (ME)

38

Mapping ITIL V3 and ISO/IEC 27002 With
CobiT 4.1 Control Objectives: Plan & Organize (PO)

39

Mapping ITIL V3 and ISO/IEC 27002 With
CobiT 4.1 Control Objectives: Plan & Organize (PO)

40

Mapping ITIL V3 and ISO/IEC 27002 With
CobiT 4.1 Control Objectives: Plan & Organize (PO)

41

Mapping ITIL V3 and ISO/IEC 27002 With
CobiT 4.1 Control Objectives: Plan & Organize (PO)

42

Mapping ITIL V3 and ISO/IEC 27002 With
CobiT 4.1 Control Objectives: Plan & Organize (PO)

43

Mapping ITIL V3 and ISO/IEC 27002 With
CobiT 4.1 Control Objectives: Plan & Organize (PO)

44

Mapping ITIL V3 and ISO/IEC 27002 With
CobiT 4.1 Control Objectives: Plan & Organize (PO)

45

Mapping ITIL V3 and ISO/IEC 27002 With
CobiT 4.1 Control Objectives: Plan & Organize (PO)

46

Mapping ITIL V3 and ISO/IEC 27002 With
CobiT 4.1 Control Objectives: Plan & Organize (PO)

47

Mapping ITIL V3 and ISO/IEC 27002 With
CobiT 4.1 Control Objectives: Plan & Organize (PO)

48

Mapping ITIL V3 and ISO/IEC 27002 With
CobiT 4.1 Control Objectives: Plan & Organize (PO)

49

Mapping ITIL V3 and ISO/IEC 27002 With
CobiT 4.1 Control Objectives: Plan & Organize (PO)

50

Mapping ITIL V3 and ISO/IEC 27002 With
CobiT 4.1 Control Objectives: Plan & Organize (PO)

51

Mapping ITIL V3 and ISO/IEC 27002 With
CobiT 4.1 Control Objectives: Plan & Organize (PO)

52

Mapping ITIL V3 and ISO/IEC 27002 With
CobiT 4.1 Control Objectives: Plan & Organize (PO)

53

Mapping ITIL V3 and ISO/IEC 27002 With
CobiT 4.1 Control Objectives: Plan & Organize (PO)

54

Mapping ITIL V3 and ISO/IEC 27002 With
CobiT 4.1 Control Objectives: Plan & Organize (PO)

55

Mapping ITIL V3 and ISO/IEC 27002 With
CobiT 4.1 Control Objectives: Plan & Organize (PO)

56

Mapping ITIL V3 and ISO/IEC 27002 With
CobiT 4.1 Control Objectives: Plan & Organize (PO)

57

Mapping ITIL V3 and ISO/IEC 27002 With
CobiT 4.1 Control Objectives: Plan & Organize (PO)

58

Summary, Conclusions & Questions

Thank you all for your courteous time and attention today:

• Please Note: We’ll be open to and available for discussing any & all areas
addressed during this presentation.

Respectfully yours,

Pw Carey
Consultant CISA-CISSP
Compliance Partners, LLC
1250 Grove Avenue, Suite 200
Barrington, IL 60010
pwc.pwcarey@gmail.com/
pwcarey@complysys.com
650-278-3731 or 224-633-1378
Fax: 847-381-2067

59

Mapping ITIL V3 and ISO/IEC 27002 With
CobiT 4.1 Control Objectives References
1. Aligning Cob iT® 4.1, ITIL® V3 and ISO/IEC 27002 for Business Benefit ® A Management Briefing From
ITGI and OGC

Reservation of Rights
© 2008 ITGI. All rights reserved. No part of this publication may be used, copied, reproduced, modified,
distributed, displayed, stored in a retrieval system, or transmitted in any form by any means (electronic,
mechanical, photocopying, recording or otherwise), without the prior written authorisation of ITGI.

Reproduction and use of all or portions of this publication are solely permitted for academic, internal and non-
commercial use and for consulting/advisory engagements, and must include full attribution of the material’s
source. No other right or permission is granted with respect to this work.

© Crown Copyright material 2008, published in conjunction with the Office of Government Commerce, is
reproduced with the permission of the controller of HMSO and Queen’s Printer for Scotland.

ISACA and ITGI are registered trademarks of ISACA. Co b i T® is a registered trademark of ISACA and ITGI.
ITIL® is a Registered Trade Mark of the Office of Government Commerce in the United Kingdom and other
countries. IT Infrastructure Library® is a Registered Trade Mark of the Office of Government Commerce in
the United Kingdom and other countries.

Copies of ISO/IEC 27002:2005 and all ISO standards can be purchased from the American National Standards
Institute (ANSI) at http://webstore.ansi.org, phone: +1.212.642.4980; BSI in the UK (www.bsi-
global.com/shop.html); and ISO (www.iso.org/iso/store.htm).

60

This document discusses the changing influences of social media, WikiLeaks, and whistleblowers on the future of IT auditing. It covers topics such as the impact of social media protests like BART, WikiLeaks' role in exposing government and corporate secrets, the emergence of whistleblowing sites like OpenLeaks, and hacktivist groups like Anonymous and LulzSec. It also addresses growth in whistleblowers reporting financial and tax fraud, and challenges facing auditors in detecting abuse and fraud by top executives.

C24 Fraud In The Workplace 3 Mock Trials)[1]

Pw Carey

The document summarizes key aspects of Eli Lilly's audit committee charter and compliance program for monitoring sales and marketing activities. It notes that Lilly conducts risk-based monitoring and auditing of sales and marketing functions. However, a prosecution witness alleges that Lilly salespeople used tactics like planted questions at physician events to promote off-label uses of the drug Zyprexa, despite risks of weight gain.

San Francisco Isaca 2010 Fall Security Conference C24 Fraud In The Workplac...

Pw Carey

1) The document discusses Cressey's Fraud Triad which outlines the three factors that commonly lead to fraud: perceived unshareable financial need, perceived opportunity, and rationalization. 2) It provides an overview of common mistakes made by whistleblowers and steps that should be taken when exposing wrongdoing. 3) The document outlines the typical steps involved in a mock trial, including opening statements, witness questioning, closing arguments, and the jury deliberating to reach a verdict.

San Francisco Isaca Fall Security Conference G32 Wiki Leaks Social Media &amp...

Pw Carey

San Francisco Isaca Fall Security Conference G32 A Modest Via Cobi T Proposal...

Pw Carey

The document maps the control objectives of ITIL V3, ISO/IEC 27002, and CobiT 4.1 frameworks. It provides mappings for each process area (Acquire and Implement, Deliver and Support, Monitor and Evaluate, Plan and Organize) and lists the relevant control objectives from each framework. Tables and diagrams are used to visually depict the mappings between frameworks. The document aims to show alignments between the frameworks to benefit business.

ISACA San Francisco 2011 Fall Security Conference G32 A Modest Proposal

Pw Carey

The document maps the control objectives of ITIL V3, ISO/IEC 27002, and CobiT 4.1 frameworks across each process area. It provides mappings for four process areas: Acquire and Implement (AI), Deliver and Support (DS), Monitor and Evaluate (ME), and Plan and Organize (PO). For each process area, it lists the relevant control objectives from each framework and the associated page numbers where the mappings are described in detail. It concludes by thanking the audience and providing contact information for the author.

Wijs sein beleidsplan stappen(1)

Sonja Morbé

Tcd 2014 onsdag_03 ocean rig_presight_tp i risikoovervaaking

Mintra Trainingportal - Training for the Oil and Gas Industry

The document maps the control objectives of ITIL V3, ISO/IEC 27002, and CobiT 4.1 frameworks across each process area. It provides mappings for four process areas: Acquire and Implement (AI), Deliver and Support (DS), Monitor and Evaluate (ME), and Plan and Organize (PO). For each process area, it lists the relevant control objectives from each framework and the associated page numbers where the mappings are described in detail. It concludes by thanking the audience and providing contact information for the author.

Wijs sein beleidsplan stappen(1)

Sonja Morbé

Tcd 2014 onsdag_03 ocean rig_presight_tp i risikoovervaaking

Mintra Trainingportal - Training for the Oil and Gas Industry

Slideshare

ajgordon2

SlideShare is an online platform launched in 2006 that allows users to share and embed presentations, including documents in PDF or OpenOffice format. Presentations on SlideShare can include images, graphics, text and videos. Users can post comments on slides and search for materials using keywords. Embedded presentations through SlideShare can help encourage learning by providing a visual stimulus for viewers.

2013 09 Trainingportal Kundekveld - Kurs brukerkontoMintra Trainingportal - Training for the Oil and Gas Industry

Pedagogisk design (e-læring) - Presentasjon hos Innovasjon Norge

Mintra Trainingportal - Training for the Oil and Gas Industry

Ccf31072014Edmond Khzam Díaz

Tcd2015 pecha kucha_eni_arbeid i kalde omgivelser

Mintra Trainingportal - Training for the Oil and Gas Industry

Aniversario de comaja

Eduardo Goncalvez

Actions during amidah

torahteachers

This document discusses the opening and closing prayers of the Amidah (also known as the Shmoneh Esrei). It explores the historical development of these prayers and how their wording and placement has changed over time. Specifically, it analyzes the differences between the pre-Amidah blessing of G'ulah and the concluding Kaddish prayer, as well as how transitional prayers like Tachanunim help structure the sections of the Amidah. The document aims to provide context around the purpose and meaning behind various prayers within the Amidah service.

พลังแห่งจักรวาลanong

Tcd 2014 pecha_kucha 02 safetec

Mintra Trainingportal - Training for the Oil and Gas Industry

Tcd2015 lars voigt djelert er det godt nok

Mintra Trainingportal - Training for the Oil and Gas Industry

Cosas que debería mejorar mi cole

valensaenz

El estudiante propone varias mejoras para su escuela, incluyendo la instalación de aires acondicionados, una cancha propia en mejor estado, ampliar la biblioteca para que los estudiantes también puedan sacar libros, actualizar los computadores de la sala de informática, implementar transporte escolar, aumentar el tiempo del descanso, agregar una cafetería, y mejorar la limpieza y suministros de los baños.

2011 GMC Yukon For Sale In Marshfield WI | Wheelers Automotive

Wheelers Automotive

Tcd2015 pecha kucha_mintra_fast track_fse

Mintra Trainingportal - Training for the Oil and Gas Industry

ISO/IEC 27001:2022 – What are the changes?

PECB

ISO/IEC 27001 is the main standard that aims to enhance an organization’s information security. Amongst others, the webinar covers: • ISO/IEC 27001 & ISO/IEC 27002, catching up with history • Quick recap on the ISO/IEC 27002:2022 • From ISO/IEC 27002 to the ISO/IEC 27001 updates • Some considerations & consequences of the update • What's up next with ISO/IEC 27001, in practice? Presenters: Peter Geelen Peter Geelen is the director and managing consultant at CyberMinute and Owner of Quest for Security, Belgium. Over more than 20 years, Peter has built strong experience in enterprise security & architecture, Identity & Access management, but also privacy, information & data protection, cyber- and cloud security. Last few years, the focus is on ISO/IEC 27001 and other ISO certification mechanisms. Peter is accredited Lead Auditor for ISO/IEC 27001, ISO 9001, PECB Trainer and Fellow in Privacy. Committed to continuous learning, Peter holds renowned security certificates as certified ISO/IEC 27701 lead implementer and lead auditor, ISO/IEC 27001 Master, Sr. Lead Cybersecurity Manager, ISO/IEC 27002 lead manager, ISO/IEC 27701 Lead Implementer, cDPO, Risk management, Lead Incident Mgr., Disaster Recovery, and many more. Stefan Mathuvis Stefan Mathuvis, is owner & senior consultant at Quality Management & Auditing BV, Zonhoven, Belgium. With over 20 years of experience, Stefan built strong experience in quality management systems, Information Security management systems, GDPR, data privacy & data protection. Stefan is accredited ISO/IEC 27001 Lead Auditor and operates as a third party auditor for DQS Belgium. Dividing his time between consultancy, training & third party auditing on an international scale, Stefan remains in touch with the issues of today allowing him to assist clients in their needs for Information Security and Data Privacy. Date: November 9, 2022 ------------------------------------------------------------------------------- Find out more about ISO training and certification services Training: https://pecb.com/whitepaper/isoiec-270022022--information-security-cybersecurity-and-privacy-protection https://pecb.com/article/isoiec-27001---what-are-the-main-changes-in-2022 https://pecb.com/article/investing-in-information-security-awareness Webinars: https://pecb.com/webinars Article: https://pecb.com/article Whitepaper: https://pecb.com/whitepaper ------------------------------------------------------------------------------- For more information about PECB: Website: https://pecb.com/ LinkedIn: https://www.linkedin.com/company/pecb/ Facebook: https://www.facebook.com/PECBInternational/ Slideshare: http://www.slideshare.net/PECBCERTIFICATION

ITSM Foundation Course Material

stefanhenry

ITSM is one of the most popular and globally acknowledge IT service management certification for IT professionals. ITSM certification is offered to professionals who qualify in the ISO/IEC 20000 exam. To make this certification achievable, Simplilearn brings to you online ITSM training that lets you prepare for the ISO/IEC 20000 exam at your pace and from your own place. This presentation on ITSM includes all important topics based on the ISO/IEC 20000 exam. Each slide is prepared by our certified and experienced ITSM trainers. Understand all the service management processes including resolution process, control process, release process, service delivery process and relationship process through this ITSM training reference material. Improve your knowledge and enhance your confidence towards attaining the ITSM certification with Simplilearn.

ITIL and ISO 20000: Fundamentals and necessary compliance Synergies

PECB

The world of Information Technology (IT) is voluminous, fast paced, innovative and very exciting! You have to love IT to make it work! To love IT you must live IT, to live IT you must embrace a design for success and understand business impacts from system failures (not just the hardware). To embrace a design for success and mitigate system failures you need a formal structure and independent validation. This webinar will introduce you to the structure and choices within the ITIL fundamentals (Information Technology Infrastructure Library fundamentals) and a mechanism to validate the performance of the implemented ITIL structure compliant with the ISO 20000 standard (Information Technology -- Service management -- Part 1: Service management system requirements). The object of this webinar is to excite you about a formal IT structure and encourage you to be fearless about independently validating your service management arrangements. Main points covered: - Introducing an IT structure for service delivery and a case for IT system validation - ITIL component options for IT service provision structure - ISO 20000 as an IT service provision validation mechanism - Synergy of ISO 20000 requirements and mandatory ITIL components Presenter: Eugene is an accomplished high-calibre sustainability and resilience authority, professional engineer and Fellow of the Business Continuity Institute (BCI). With over 25 years of hands-on experience he has developed and improved corporate resilience for a number of organisations from various sectors. His accomplishments include delivery of legislative & regulatory compliance requirements, implementation of ITIL, service, business continuity, information security, quality & risk management systems. In addition Eugene has many years of experience auditing ISO management systems. Eugene has represented the UK Institute of Directors (IoD) on the British Standards Institute (BSI) technical committees responsible for developing ISO resilience standards. He has published many thought provoking articles and a book chapter endorsing the importance of standards as the foundation for good organisational practice. Eugene is an experienced design engineer, implementer, exercise facilitator, trainer and auditor with internationally gifted credentials. Listen to the recorded webinar here: https://youtu.be/2CmWnNtFrcY

Cobit5 owerwiev and implementation proposal

Emilio Gratton

CMMC, ISO/IEC 27001, ISO/IEC 27032, and NIST – What You Need to Know

PECB

New data protection regulations have significantly impacted the way that businesses collect, store, and handle clients’ personal information. Considering the continuously increasing importance of data protection and privacy in today’s world, businesses should be up to speed with their data privacy policies and procedures. The webinar covers: 1. ISO/IEC 27001 – Information Security Framework Key requirements under CCPA, CPRA, GDPR • ISO/IEC 27005 – Information Security Risk Management • ISO/IEC 27035 – Information Security Incident Management • ISO/IEC 22301 & 27031 - Business Continuity Management (BCM) 2. Alternative Frameworks • CMMC - Cybersecurity Maturity Model Certification • NIST CSF Cybersecurity Framework • ISO/IEC 27032 – Guidelines for Cybersecurity 3. Supplier Management Date: April 21, 2021 Recorded Webinar: https://youtu.be/bi3tvvhGV1s

Presentation_P5_4560310_ISO_19650_inWebGIS.pdf

Arief Rahman

The document discusses implementing a Common Data Environment (CDE) in web GIS to enable ISO 19650 compliant workflows for web services. It presents a case study of a Dutch infrastructure project involving both GIS and BIM data. It then summarizes the key components of a CDE according to ISO 19650 standards, including states, metadata, and access privileges. Finally, it proposes a reference implementation in ArcGIS Online utilizing existing features to configure a CDE solution and allow ISO 19650 compliant workflows for web services.

Bs 0 2011 principles of standardisation

Normdocs

This document provides principles for how standards are developed and maintained in Britain. It outlines the role of BSI as the national standards body and how standards committees are formed and operate. The document also discusses principles for standards content, drafting, publishing, and maintaining standards over time. The goal is to establish a framework that allows flexibility while supporting common expectations.

Cobit® 5 Comparação com Cobit® 4

brunise

Pré Lançamento: COBIT 5 Uma prévia do Manual COBIT® 5 framework está disponível! “COBIT 5 fornece um quadro global que auxilia as empresas a atingir os seus objetivos para a governança corporativa e gestão de TI. Simplificando, isso ajuda as empresas a criar valor para a TI, mantendo um equilíbrio entre a realização dos benefícios e otimizando os níveis de risco e utilização de recursos. Confira as novidades dessa versão em relação à versão anterior: Veja mais informações em: brunise.com.br

Cobit5 compare-with-4.1

AVASP - Ambiente Virtual de Aprendizado de São Paulo

The document summarizes the key changes between COBIT 5 and previous versions like COBIT 4.1. Some of the major changes discussed include: 1) COBIT 5 introduces new principles for governance of enterprise IT. 2) There is an increased focus on enablers in COBIT 5 like principles, policies and organizational structure. 3) COBIT 5 features a new process reference model with new and modified processes covering both business and IT activities end-to-end. 4) COBIT 5 integrates practices and activities from previous versions into a single framework and model. 5) COBIT 5 introduces a revised goals cascade and provides examples of goals and metrics.

Viewers also liked

Slideshare

ajgordon2

2013 09 Trainingportal Kundekveld - Kurs brukerkontoMintra Trainingportal - Training for the Oil and Gas Industry

Pedagogisk design (e-læring) - Presentasjon hos Innovasjon Norge

Mintra Trainingportal - Training for the Oil and Gas Industry

Ccf31072014Edmond Khzam Díaz

Tcd2015 pecha kucha_eni_arbeid i kalde omgivelser

Mintra Trainingportal - Training for the Oil and Gas Industry

Aniversario de comaja

Eduardo Goncalvez

Actions during amidah

torahteachers

พลังแห่งจักรวาลanong

Tcd 2014 pecha_kucha 02 safetec

Mintra Trainingportal - Training for the Oil and Gas Industry

Tcd2015 lars voigt djelert er det godt nok

Mintra Trainingportal - Training for the Oil and Gas Industry

Cosas que debería mejorar mi cole

valensaenz

2011 GMC Yukon For Sale In Marshfield WI | Wheelers Automotive

Wheelers Automotive

Tcd2015 pecha kucha_mintra_fast track_fse

Mintra Trainingportal - Training for the Oil and Gas Industry

Viewers also liked (13)

Slideshare

2013 09 Trainingportal Kundekveld - Kurs brukerkonto

Pedagogisk design (e-læring) - Presentasjon hos Innovasjon Norge

Ccf31072014

Tcd2015 pecha kucha_eni_arbeid i kalde omgivelser

Aniversario de comaja

Actions during amidah

พลังแห่งจักรวาล

Tcd 2014 pecha_kucha 02 safetec

Tcd2015 lars voigt djelert er det godt nok

Cosas que debería mejorar mi cole

2011 GMC Yukon For Sale In Marshfield WI | Wheelers Automotive

Tcd2015 pecha kucha_mintra_fast track_fse

Similar to San Francisco Isaca Fall Security Conference G32 A Modest Via Cobi T Proposal 4.2

ISO/IEC 27001:2022 – What are the changes?

PECB

ITSM Foundation Course Material

stefanhenry

ITIL and ISO 20000: Fundamentals and necessary compliance Synergies

PECB

Cobit5 owerwiev and implementation proposal

Emilio Gratton

CMMC, ISO/IEC 27001, ISO/IEC 27032, and NIST – What You Need to Know

PECB

Presentation_P5_4560310_ISO_19650_inWebGIS.pdf

Arief Rahman

Bs 0 2011 principles of standardisation

Normdocs

Cobit® 5 Comparação com Cobit® 4

brunise

Cobit5 compare-with-4.1

AVASP - Ambiente Virtual de Aprendizado de São Paulo

Similar to San Francisco Isaca Fall Security Conference G32 A Modest Via Cobi T Proposal 4.2 (9)

ISO/IEC 27001:2022 – What are the changes?

ITSM Foundation Course Material

ITIL and ISO 20000: Fundamentals and necessary compliance Synergies

Cobit5 owerwiev and implementation proposal

CMMC, ISO/IEC 27001, ISO/IEC 27032, and NIST – What You Need to Know

Presentation_P5_4560310_ISO_19650_inWebGIS.pdf

Bs 0 2011 principles of standardisation

Cobit® 5 Comparação com Cobit® 4

Cobit5 compare-with-4.1

San Francisco Isaca Fall Security Conference G32 A Modest Via Cobi T Proposal 4.2

1. G32 The Changing Influences of Social Media, WikiLeaks and Whistleblowers A Modest Proposal: The Future of IT Auditing by Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives

2. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives • AI (Acquire & Implement) • 1, 2, 3 & 4 --- 6 & 7 • DS (Deliver & Support) • 3, 4, & 5 --- 8, 9, 10, 11, 12 & 13 • ME (Monitor & Evaluate) • 1&2 • PO (Plan & Organize) • 1, 2, & 3 --- 5 & 6 --- 8, 9, & 10 2

3. Mapping ITIL V3 & ISO/IEC 27002 W/CobiT 4.1 Control Objectives: Acquire and Implement (AI) 3

4. Mapping ITIL V3 & ISO/IEC 27002 W/CobiT 4.1 Control Objectives: Acquire and Implement (AI) 4

5. Mapping ITIL V3 & ISO/IEC 27002 W/CobiT 4.1 Control Objectives: Acquire and Implement (AI) 5

6. Mapping ITIL V3 & ISO/IEC 27002 W/CobiT 4.1 Control Objectives: Acquire and Implement (AI) 6

7. Mapping ITIL V3 & ISO/IEC 27002 W/CobiT 4.1 Control Objectives: Acquire and Implement (AI) 7

8. Mapping ITIL V3 & ISO/IEC 27002 W/CobiT 4.1 Control Objectives: Acquire and Implement (AI) 8

9. Mapping ITIL V3 & ISO/IEC 27002 W/CobiT 4.1 Control Objectives: Acquire and Implement (AI) 9

10. Mapping ITIL V3 & ISO/IEC 27002 W/CobiT 4.1 Control Objectives: Acquire and Implement (AI) 10

11. Mapping ITIL V3 & ISO/IEC 27002 W/CobiT 4.1 Control Objectives: Acquire and Implement (AI) 11

12. Mapping ITIL V3 & ISO/IEC 27002 W/CobiT 4.1 Control Objectives: Acquire and Implement (AI) 12

13. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Deliver and Support (DS)

14. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Deliver and Support (DS)

15. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Deliver and Support (DS)

16. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Deliver and Support (DS) 16

17. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Deliver and Support (DS) 17

18. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Deliver and Support (DS) 18

19. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Deliver and Support (DS) 19

20. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Deliver and Support (DS) 20

21. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Deliver and Support (DS) 21

22. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Deliver and Support (DS) 22

23. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Deliver and Support (DS) 23

24. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Deliver and Support (DS) 24

25. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Deliver and Support (DS) 25

26. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Deliver and Support (DS) 26

27. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Deliver and Support (DS) 27

28. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Deliver and Support (DS) 28

29. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Deliver and Support (DS) 29

30. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Deliver and Support (DS) 30

31. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Deliver and Support (DS) 31

32. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Deliver and Support (DS) 32

33. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Deliver and Support (DS) 33

34. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Monitor and Evaluate (ME) 34

35. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Monitor and Evaluate (ME) 35

36. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Monitor and Evaluate (ME) 36

37. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Monitor and Evaluate (ME) 37

38. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Monitor and Evaluate (ME) 38

39. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Plan & Organize (PO) 39

40. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Plan & Organize (PO) 40

41. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Plan & Organize (PO) 41

42. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Plan & Organize (PO) 42

43. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Plan & Organize (PO) 43

44. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Plan & Organize (PO) 44

45. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Plan & Organize (PO) 45

46. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Plan & Organize (PO) 46

47. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Plan & Organize (PO) 47

48. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Plan & Organize (PO) 48

49. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Plan & Organize (PO) 49

50. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Plan & Organize (PO) 50

51. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Plan & Organize (PO) 51

52. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Plan & Organize (PO) 52

53. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Plan & Organize (PO) 53

54. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Plan & Organize (PO) 54

55. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Plan & Organize (PO) 55

56. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Plan & Organize (PO) 56

57. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Plan & Organize (PO) 57

58. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Plan & Organize (PO) 58

59. Summary, Conclusions & Questions Thank you all for your courteous time and attention today: • Please Note: We’ll be open to and available for discussing any & all areas addressed during this presentation. Respectfully yours, Pw Carey Consultant CISA-CISSP Compliance Partners, LLC 1250 Grove Avenue, Suite 200 Barrington, IL 60010 pwc.pwcarey@gmail.com/ pwcarey@complysys.com 650-278-3731 or 224-633-1378 Fax: 847-381-2067 59

60. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives References 1. Aligning Cob iT® 4.1, ITIL® V3 and ISO/IEC 27002 for Business Benefit ® A Management Briefing From ITGI and OGC Reservation of Rights © 2008 ITGI. All rights reserved. No part of this publication may be used, copied, reproduced, modified, distributed, displayed, stored in a retrieval system, or transmitted in any form by any means (electronic, mechanical, photocopying, recording or otherwise), without the prior written authorisation of ITGI. Reproduction and use of all or portions of this publication are solely permitted for academic, internal and non- commercial use and for consulting/advisory engagements, and must include full attribution of the material’s source. No other right or permission is granted with respect to this work. © Crown Copyright material 2008, published in conjunction with the Office of Government Commerce, is reproduced with the permission of the controller of HMSO and Queen’s Printer for Scotland. ISACA and ITGI are registered trademarks of ISACA. Co b i T® is a registered trademark of ISACA and ITGI. ITIL® is a Registered Trade Mark of the Office of Government Commerce in the United Kingdom and other countries. IT Infrastructure Library® is a Registered Trade Mark of the Office of Government Commerce in the United Kingdom and other countries. Copies of ISO/IEC 27002:2005 and all ISO standards can be purchased from the American National Standards Institute (ANSI) at http://webstore.ansi.org, phone: +1.212.642.4980; BSI in the UK (www.bsi- global.com/shop.html); and ISO (www.iso.org/iso/store.htm). 60

San Francisco Isaca Fall Security Conference G32 A Modest Via Cobi T Proposal 4.2

Recommended

Recommended

More Related Content

Viewers also liked

Viewers also liked (13)

Similar to San Francisco Isaca Fall Security Conference G32 A Modest Via Cobi T Proposal 4.2

Similar to San Francisco Isaca Fall Security Conference G32 A Modest Via Cobi T Proposal 4.2 (9)

San Francisco Isaca Fall Security Conference G32 A Modest Via Cobi T Proposal 4.2