Robert Clark Director of Internal Auditing Georgia Institute of Technology Jack Suess VP of Information Technology University of Maryland, Baltimore County. What Every CBO Should Know About IT Security. Monday, July 10, 2006. Overview.
Jack Suess, VP of Information Technology, University of Maryland, Baltimore County
Monday, July 10, 2006
Org. structure (e.g., Board, policies, mgmt’s risk appetite)
Objectives in Strategy, Operations, Reporting, Compliance
What can go wrong?
Likelihood and impact of risks
How to manage risks? (Share, avoid, reduce, accept?)
Procedures to ensure risk mitigation is effective
Education & awareness of policies, effective practices
Mgmt reviews & Auditors assess
MANAGEMENT
COBIT: Evaluation of Three Key Areas
Detailed security standard; organized into ten major sections: