Securing an IT organization through governance, risk management, and audit

Content: Cybersecurity Risk ManagementCybersecurityCybersecurity Risk ManagementManaging ICT Security Risk through Governance, Control, and AuditImplementing Best Practices Using a Single Cybersecurity FrameworkChapter SummaryCase ProjectIntroduction to the Framework for Improving Critical InfrastructureCybersecurityOverview of the FrameworkFramework CoreFramework Implementation TiersFramework ProfileFramework Is Descriptive and Not PrescriptiveStructure of the Book's Presentation of the FrameworkChapter SummaryCase ProjectIdentify FunctionIdentify Function OverviewAsset Management CategoryBusiness Environment CategoryGovernance CategoryRisk Assessment CategoryRisk Management CategoryRisk Management PlanImplementing Risk ManagementRisk Handling StrategiesLinking COBIT to the Identify FunctionChapter SummaryCase ProjectProtect FunctionProtect Function OverviewAccess Control CategoryAwareness and Training CategoryData Security CategoryInformation Protection Processes and Procedures CategoryMaintenanceProtective TechnologyLinking COBIT to the Protect FunctionChapter SummaryCase ProjectDetect FunctionDetect Function OverviewAnomalies and Events CategorySecurity Continuous Monitoring CategoryDetection Processes CategoryChapter SummaryCase ProjectRespond FunctionRespond Function OverviewResponse Planning CategoryCommunications CategoryAnalysis CategoryMitigation CategoryImprovement CategoryChapter SummaryCase ProjectRecover FunctionDistinguishing between Business Continuity and Disaster RecoveryImprovement CategoryCommunications CategoryChapter SummaryCase ProjectThe COBIT FrameworkAssumptionsIT GovernanceFramework ModelPractical Technical Scenarios (PTSs)What Drives COBIT 5Framework PrinciplesOther Governance Frameworks and Best PracticesCase ProjectDecomposition of FrameworkFramework Principles: CreationDefinition of Categories and Seven EnablersControl IssueNavigation IssueCase ProjectFramework Structure's Generic DomainsCOBIT's Framework StructurePlanning and OrganizationAcquisition and ImplementationDelivery and SupportMonitoringCase ProjectDecomposition of COBIT 5Purpose of COBIT Control Objectives and PrinciplesPrinciple 1: Installing the Integrated IT Architectural FrameworkPrinciple 2: What Do Stakeholders Value?Principle 3: The Business Context FocusPrinciple 4: Managing RiskPrinciple 5: Measuring PerformanceCase ProjectCOBIT Management GuidelinesEnterprise ManagementRisk ManagementStatus of IT SystemsContinuous ImprovementCase ProjectCOBIT Management DashboardPerformance MeasurementIT Control ProfilingAwarenessBenchmarkingCase ProjectWhat COBIT Sets Out to AccomplishAdaptability to Existing FrameworksConstituency of Governance for FinanceConstituency of Governance for ITCase ProjectInternal AuditsPurpose of Internal AuditsRoles That Potentially Use COBITApproaches to Using COBIT in an Internal AuditTypes of Audits Which Can Be Facilitated Using COBITAdvantages of Using COBIT in Internal AuditsCase ProjectTying It All TogetherCOBIT Works with Sarbanes-Oxley (SOx)COBIT Works with GETITProcess Assessment Model (PAM)Case ProjectReferences