The document maps the control objectives of ITIL V3, ISO/IEC 27002, and CobiT 4.1 frameworks across each process area. It provides mappings for four process areas: Acquire and Implement (AI), Deliver and Support (DS), Monitor and Evaluate (ME), and Plan and Organize (PO). For each process area, it lists the relevant control objectives from each framework and the associated section numbers to show how they correspond to one another. It concludes by thanking the audience and providing contact information for the author.
San Francisco Isaca Fall Security Conference G32 Wiki Leaks Social Media &... - Pw Carey
This document discusses the changing influences of social media, WikiLeaks, and whistleblowers on the future of IT auditing. It covers topics such as the impact of social media protests like BART, WikiLeaks' role in exposing government and corporate secrets, the emergence of whistleblowing sites like OpenLeaks, and hacktivist groups like Anonymous and LulzSec. It also addresses growth in whistleblowers reporting financial and tax fraud, and challenges facing auditors in detecting abuse and fraud by top executives.
C24 Fraud In The Workplace 3 Mock Trials)[1] - Pw Carey
The document summarizes key aspects of Eli Lilly's audit committee charter and compliance program for monitoring sales and marketing activities. It notes that Lilly conducts risk-based monitoring and auditing of sales and marketing functions. However, a prosecution witness alleges that Lilly salespeople used tactics like planted questions at physician events to promote off-label uses of the drug Zyprexa, despite risks of weight gain.
San Francisco Isaca 2010 Fall Security Conference C24 Fraud In The Workplac... - Pw Carey
1) The document discusses Cressey's Fraud Triad which outlines the three factors that commonly lead to fraud: perceived unshareable financial need, perceived opportunity, and rationalization.
2) It provides an overview of common mistakes made by whistleblowers and steps that should be taken when exposing wrongdoing.
3) The document outlines the typical steps involved in a mock trial, including opening statements, witness questioning, closing arguments, and the jury deliberating to reach a verdict.
San Francisco Isaca Fall Security Conference G32 A Modest Via Cobi T Proposal... - Pw Carey
The document maps the control objectives of ITIL V3, ISO/IEC 27002, and CobiT 4.1 frameworks. It provides mappings for each process area (Acquire and Implement, Deliver and Support, Monitor and Evaluate, Plan and Organize) and lists the relevant control objectives from each framework. Tables and diagrams are used to visually depict the mappings between frameworks. The document aims to show alignments between the frameworks to benefit business.
ISACA San Francisco 2011 Fall Security Conference G32 A Modest Proposal - Pw Carey
The document maps the control objectives of ITIL V3, ISO/IEC 27002, and CobiT 4.1 frameworks across each process area. It provides mappings for four process areas: Acquire and Implement (AI), Deliver and Support (DS), Monitor and Evaluate (ME), and Plan and Organize (PO). For each process area, it lists the relevant control objectives from each framework and the associated page numbers where the mappings are described in detail. It concludes by thanking the audience and providing contact information for the author.
TCD 2014: Ocean Rig/PreSight - Use of Trainingportal in a KPI system for barrier and major-accident/risk monitoring (Lars Helge Strand, Training Supervisor at Ocean Rig, and Karl Erik Dahl, Offshore Energy Products)
SlideShare is an online platform launched in 2006 that allows users to share and embed presentations, including documents in PDF or OpenOffice format. Presentations on SlideShare can include images, graphics, text and videos. Users can post comments on slides and search for materials using keywords. Embedded presentations through SlideShare can help encourage learning by providing a visual stimulus for viewers.
This document discusses the opening and closing prayers of the Amidah (also known as the Shmoneh Esrei). It explores the historical development of these prayers and how their wording and placement has changed over time. Specifically, it analyzes the differences between the pre-Amidah blessing of G'ulah and the concluding Kaddish prayer, as well as how transitional prayers like Tachanunim help structure the sections of the Amidah. The document aims to provide context around the purpose and meaning behind various prayers within the Amidah service.
The student proposes several improvements for their school, including installing air conditioning, a dedicated sports court in better condition, expanding the library so that students can also borrow books, updating the computers in the computer lab, introducing school transport, lengthening the break time, adding a cafeteria, and improving the cleanliness and supplies of the bathrooms.
2011 GMC Yukon For Sale In Marshfield WI | Wheelers Automotive - Wheelers Automotive
2011 GMC Yukon brochure provided by Wheelers Automotive in Marshfield, WI. Find the 2011 GMC Yukon for sale in Wisconsin. Call us about our current sales and incentives at (715) 502-4350. http://www.wheelergm.com
ISO/IEC 27001 is the main standard that aims to enhance an organization’s information security.
Amongst others, the webinar covers:
• ISO/IEC 27001 & ISO/IEC 27002, catching up with history
• Quick recap on the ISO/IEC 27002:2022
• From ISO/IEC 27002 to the ISO/IEC 27001 updates
• Some considerations & consequences of the update
• What's up next with ISO/IEC 27001, in practice?
Presenters:
Peter Geelen
Peter Geelen is the director and managing consultant at CyberMinute and Owner of Quest for Security, Belgium. Over more than 20 years, Peter has built strong experience in enterprise security & architecture, Identity & Access management, but also privacy, information & data protection, cyber- and cloud security. In the last few years, the focus has been on ISO/IEC 27001 and other ISO certification mechanisms. Peter is accredited Lead Auditor for ISO/IEC 27001, ISO 9001, PECB Trainer and Fellow in Privacy. Committed to continuous learning, Peter holds renowned security certificates as certified ISO/IEC 27701 lead implementer and lead auditor, ISO/IEC 27001 Master, Sr. Lead Cybersecurity Manager, ISO/IEC 27002 lead manager, ISO/IEC 27701 Lead Implementer, cDPO, Risk management, Lead Incident Mgr., Disaster Recovery, and many more.
Stefan Mathuvis
Stefan Mathuvis is owner & senior consultant at Quality Management & Auditing BV, Zonhoven, Belgium. With over 20 years of experience, Stefan built strong experience in quality management systems, Information Security management systems, GDPR, data privacy & data protection. Stefan is accredited ISO/IEC 27001 Lead Auditor and operates as a third party auditor for DQS Belgium. Dividing his time between consultancy, training & third party auditing on an international scale, Stefan remains in touch with the issues of today, allowing him to assist clients in their needs for Information Security and Data Privacy.
Date: November 9, 2022
-------------------------------------------------------------------------------
Find out more about ISO training and certification services
Training: https://pecb.com/whitepaper/isoiec-270022022--information-security-cybersecurity-and-privacy-protection
https://pecb.com/article/isoiec-27001---what-are-the-main-changes-in-2022
https://pecb.com/article/investing-in-information-security-awareness
Webinars: https://pecb.com/webinars
Article: https://pecb.com/article
Whitepaper: https://pecb.com/whitepaper
-------------------------------------------------------------------------------
For more information about PECB:
Website: https://pecb.com/
LinkedIn: https://www.linkedin.com/company/pecb/
Facebook: https://www.facebook.com/PECBInternational/
Slideshare: http://www.slideshare.net/PECBCERTIFICATION
ITSM is one of the most popular and globally acknowledged IT service management certifications for IT professionals. ITSM certification is offered to professionals who qualify in the ISO/IEC 20000 exam. To make this certification achievable, Simplilearn brings to you online ITSM training that lets you prepare for the ISO/IEC 20000 exam at your pace and from your own place. This presentation on ITSM includes all important topics based on the ISO/IEC 20000 exam. Each slide is prepared by our certified and experienced ITSM trainers. Understand all the service management processes including resolution process, control process, release process, service delivery process and relationship process through this ITSM training reference material. Improve your knowledge and enhance your confidence towards attaining the ITSM certification with Simplilearn.
ITIL and ISO 20000: Fundamentals and necessary compliance Synergies - PECB
The world of Information Technology (IT) is voluminous, fast paced, innovative and very exciting!
You have to love IT to make it work!
To love IT you must live IT, to live IT you must embrace a design for success and understand business impacts from system failures (not just the hardware). To embrace a design for success and mitigate system failures you need a formal structure and independent validation.
This webinar will introduce you to the structure and choices within the ITIL fundamentals (Information Technology Infrastructure Library fundamentals) and a mechanism to validate the performance of the implemented ITIL structure compliant with the ISO 20000 standard (Information Technology -- Service management -- Part 1: Service management system requirements). The object of this webinar is to excite you about a formal IT structure and encourage you to be fearless about independently validating your service management arrangements.
Main points covered:
- Introducing an IT structure for service delivery and a case for IT system validation
- ITIL component options for IT service provision structure
- ISO 20000 as an IT service provision validation mechanism
- Synergy of ISO 20000 requirements and mandatory ITIL components
Presenter:
Eugene is an accomplished high-calibre sustainability and resilience authority, professional engineer and Fellow of the Business Continuity Institute (BCI). With over 25 years of hands-on experience he has developed and improved corporate resilience for a number of organisations from various sectors. His accomplishments include delivery of legislative & regulatory compliance requirements, implementation of ITIL, service, business continuity, information security, quality & risk management systems. In addition Eugene has many years of experience auditing ISO management systems. Eugene has represented the UK Institute of Directors (IoD) on the British Standards Institute (BSI) technical committees responsible for developing ISO resilience standards. He has published many thought provoking articles and a book chapter endorsing the importance of standards as the foundation for good organisational practice. Eugene is an experienced design engineer, implementer, exercise facilitator, trainer and auditor with internationally gifted credentials.
Listen to the recorded webinar here:
https://youtu.be/2CmWnNtFrcY
CMMC, ISO/IEC 27001, ISO/IEC 27032, and NIST – What You Need to Know - PECB
New data protection regulations have significantly impacted the way that businesses collect, store, and handle clients’ personal information.
Considering the continuously increasing importance of data protection and privacy in today’s world, businesses should be up to speed with their data privacy policies and procedures.
The webinar covers:
1. ISO/IEC 27001 – Information Security Framework Key requirements under CCPA, CPRA, GDPR
• ISO/IEC 27005 – Information Security Risk Management
• ISO/IEC 27035 – Information Security Incident Management
• ISO/IEC 22301 & 27031 - Business Continuity Management (BCM)
2. Alternative Frameworks
• CMMC - Cybersecurity Maturity Model Certification
• NIST CSF Cybersecurity Framework
• ISO/IEC 27032 – Guidelines for Cybersecurity
3. Supplier Management
Date: April 21, 2021
Recorded Webinar: https://youtu.be/bi3tvvhGV1s
The document discusses implementing a Common Data Environment (CDE) in web GIS to enable ISO 19650 compliant workflows for web services. It presents a case study of a Dutch infrastructure project involving both GIS and BIM data. It then summarizes the key components of a CDE according to ISO 19650 standards, including states, metadata, and access privileges. Finally, it proposes a reference implementation in ArcGIS Online utilizing existing features to configure a CDE solution and allow ISO 19650 compliant workflows for web services.
This document provides principles for how standards are developed and maintained in Britain. It outlines the role of BSI as the national standards body and how standards committees are formed and operate. The document also discusses principles for standards content, drafting, publishing, and maintaining standards over time. The goal is to establish a framework that allows flexibility while supporting common expectations.
Pre-Launch: COBIT 5
A preview of the COBIT® 5 framework manual is available!
“COBIT 5 provides a comprehensive framework that helps enterprises achieve their objectives for corporate governance and IT management. Simply put, it helps enterprises create value for IT by maintaining a balance between realizing benefits and optimizing risk levels and resource use.”
Check out what is new in this version compared with the previous version:
See more information at: brunise.com.br
The document summarizes the key changes between COBIT 5 and previous versions like COBIT 4.1. Some of the major changes discussed include:
1) COBIT 5 introduces new principles for governance of enterprise IT.
2) There is an increased focus on enablers in COBIT 5 like principles, policies and organizational structure.
3) COBIT 5 features a new process reference model with new and modified processes covering both business and IT activities end-to-end.
4) COBIT 5 integrates practices and activities from previous versions into a single framework and model.
5) COBIT 5 introduces a revised goals cascade and provides examples of goals and metrics.
San Francisco Isaca Fall Security Conference G32 A Modest Via Cobi T Proposal 4.2
1. G32
The Changing Influences of Social
Media, WikiLeaks and Whistleblowers
A Modest Proposal: The Future of IT Auditing
by
Mapping ITIL V3 and ISO/IEC 27002 With
CobiT 4.1 Control Objectives
3-12. Mapping ITIL V3 & ISO/IEC 27002 W/CobiT 4.1 Control Objectives: Acquire and Implement (AI)
13-33. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Deliver and Support (DS)
34-38. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Monitor and Evaluate (ME)
39-58. Mapping ITIL V3 and ISO/IEC 27002 With CobiT 4.1 Control Objectives: Plan & Organize (PO)
59. Summary, Conclusions & Questions
Thank you all for your courteous time and attention today:
• Please Note: We’ll be open to and available for discussing any & all areas
addressed during this presentation.
Respectfully yours,
Pw Carey
Consultant CISA-CISSP
Compliance Partners, LLC
1250 Grove Avenue, Suite 200
Barrington, IL 60010
pwc.pwcarey@gmail.com/
pwcarey@complysys.com
650-278-3731 or 224-633-1378
Fax: 847-381-2067