CCS

Many companies, especially Japanese companies, have implemented information security with bottom up approach, starting from implementing piece by piece security controls. As increase the number of information security incidents and spread its impact, ...

A method is introduced to measure the risk of being non-compliant and the cost of reducing the risk by performing internal audits with the help of automated audit tools. Risk exposure of a business process is defined in terms of the prevalence of non-...

Assurance accreditation of agile, interconnected IT landscapes is a great challenge, and is currently often cited as one of the show-stoppers for the adoption of modern IT architectures (e.g. agile, model-driven, process-led SOA and Cloud) in mission ...

The ongoing financial markets debacle and the global economic context advocate enhancing the governance of the companies and, de facto, improving the elaboration and the understanding of employees' responsibilities. Furthermore, the moral aspects of the ...

Advanced methodologies for compliance such as CobiT identify a number of maturity levels that must be reached: first the existence of an infrastructure for the enforcement of security controls; second, the ability to continuously monitor and audit ...

Recent research [12] has suggested that traditional top down security policy models are too rigid to cope with changes in dynamic operational environments. There is a need for greater flexibility in security policies to protect information appropriately ...

The widespread diffusion of the Internet as the platform for accessing distributed services makes available a huge amount of personal data, and a corresponding concern and demand from users, as well as legislation, for solutions providing users with ...

Rather than treating security as an independent technical concern, it should be considered as just another risk that needs to be managed alongside all other business risks. An Internal Controls approach to security risk management is proposed whereby ...