
| Po. | COBIT Control Objective | Task | Detail | Business Owner | Team | Date | Priority | Comment |
|---|---|---|---|---|---|---|---|---|
| 1 | DS/09/01 Configuration Recording | Ensure asset management system and process for hardware and software | | | | | | |
| 1.1 | | Ensure tools and processes are used to track hardware and software status from acquisition through the production status | | | | | | |
| Computer Hardware Management | | | | | | | | |
| 6 | DS/07/03 Security Principles and Awareness Training | Ensure there is a process to inform users about the unit's laptop security procedures | | | | | | |
| Software | | | | | | | | |
| 2 | DS/09/05 Unauthorized Software | Ensure adequate and current software licenses/records exist | | | | | | |
| 2.1 | | Ensure there is a process/policy to install software on business computers | | | | | | |
| 2.2 | | Ensure periodic audits of users' computers | | | | | | |
| 2.3 | | Ensure there is a process for users to acquire additional software. | | | | | | |
| 3 | AI/01/13 Procurement Control | Ensure the use of enterprise pricing agreements to buy software | | | | | | |
| Virus Protection | | | | | | | | |
| 1 | DS/05/19 Malicious Software Prevention, Detection and Correction | Ensure that standards are implemented on all machines, with current definitions and appropriate settings | | | | | | |

| Po. | COBIT Control Objective | Task | Detail |
|---|---|---|---|
| 1 | PO/07/03 Roles and Responsibilities | Identify SSA and backup SSA | |
| 1.1 | | Identify who is responsible for the following systems: | |
| 2 | PO/04/10 Segregation of duties | Identify responsibilities at the unit and at the division or enterprise level | |
| 7 | DS/05/05 Management Review of User Accounts | Ensure user and administrative access is reviewed periodically by business owners and IT management | |
| 8 | PO/04/07 Ownership and Custodianship | Identify business process owners of critical applications | |
| 9 | DS/05/03 Security of online access to data | Define and maintain appropriate security levels | |
| 10 | AI/06/06 Authorized Maintenance | Verify security is implemented for batch-control of jobs regarding legacy applications. Should not be too broad. | |
| 11 | PO/06/11 Communication of IT-Security Awareness | Ensure proper security education | |
| 11.1 | | Ensure regular communication process with unit personnel (unit security newsletter/web page) | |
| 12 | DS/07/03 Security Principles and Awareness Training | Ensure system security items are included with employee orientation | |
| 12.1 | | Ensure ongoing security education of users | |
