Information Security Awareness

Size: px
Start display at page:

Download "Information Security Awareness"

Transcription

1 TASSCC Annual Conference 2008 Information Security Awareness -Beyond New Employee Orientation- 1 William Tompkins, CISSP, CBCP Teacher Retirement System of Texas August 11, 2008

2 William Tompkins William Tompkins is Information Security Officer at Teacher Retirement System of Texas. He has more than 25 years of technical, managerial and consulting experience in information technology and more than 17 years in information security. He is a Certified Information Systems Security Professional and a Certified Business Continuity Professional. He was the Manager of Texas Department of Transportation s Information Security Section and Project Manager of the Information Security Program which was selected as Computer Security Program of the Year 1994 by CSI (Computer Security Institute). William was elected to the ISSA Hall of Fame in 2006 by the ISSA International Board of Directors. (Information Systems Security Association) Mr. Tompkins holds two Bachelor of Science degrees, Psychology and Computer Information Science, from Troy State University in Alabama and Certification in Risk Management from University of Texas at Austin Division of Continuing Education. 2

3 By the end of this session you will be able to identify: How to... Ensure employees are really aware of security policies and their responsibilities Build and/or maintain security awareness program that is effective through the whole life of employees. Comprehensive Effective Security Awareness Program 3

4 Information Security Awareness Program Goal To make people understand the value of the information they handle and the need to protect it 4

5 Information Security Awareness Providing Awareness, leads to Understanding Change in Attitude Change in Behavior! 5

6 Management may ask, Why implement a security awareness campaign? Communicate policy to the user community and encourage compliance Mitigate the Security versus Usability equation Defend against social engineering threat components User awareness enhances the overall security profile 6

7 Employees ask, Why have Awareness Education? To increase awareness of Information Security practices To provide a better understanding of Information Security 7

8 The Good News... Computer users want to learn more about how to protect themselves and their computers 8

9 Know your audience Executives and Senior Managers/Directors Business Unit Managers & Team Leaders Regular Staff, Temp Hires & Contractors 9

10 Types of message NEO (New Employee Orientation) Business Unit specific Recurring Hot topics home user, recent events (organization impact ; IT industry impact ) Posters Walkthrough (Report to exec & Reward to Users) Inform users of InfoSec activities 10

11 N E O (New Employee Orientation) Best Practices = Good Habits Examples: Protect access to your electronic accounts Avoid computer malware Perform routine backup procedures Policy 11

12 Employees ask, Why is security needed? Manage Risk sensitive information financial loss loss of credibility failure to produce reliable information legal liability Compliance Requirements Law Policy 12

13 Laws & Policies Industry standards Government regulations Organization policy 13

14 Information Security Responsibilities IT Department Dotted line security Network, Database, Storage and backup Printers and Print distribution Logging and monitoring Secure programming 14

15 Sell Security Day-to-Day To be effective Use marketing concepts Advertising Branding 15

16 Advertising Convert your security policies to three to five concepts and taglines that can be reinforced on a continual basis in a variety of media. 16

17 Once words have left your mouth, you can never take them back! Protect TRS member information 17

18 You can't unring a bell or squeeze toothpaste back into the tube. And You can t untalk about Protected Health Information 18

19 Create a brand Once you have your brand, think about how to communicate your three to five concepts. 19

20 Sample Concepts Protect printouts & access to them Copies made by whom ing to?? Active distribution of data to proper recipients Appropriate attachments 20

21 How to Reinforce the message Prizes gift certificates / Thank You letter from CEO Surveys annually; user assist in developing Reminders Chalkboard & TRS-News Posters Recurring s & Intranet Highlights 21

22 Perform ongoing assessment Don t wait for your next audit Test it yourself, or work with a vendor Continual testing Ongoing feedback and revision loops Assessment is key to identifying what works and what doesn't. 22

23 Summary Security information has value; both personally and professionally Security policies exist for business-driven reasons and they are enforced for everyone Security solutions can impact usability; communicate before solutions are implemented Security awareness is a long term process 23

24 Q U E S T I O N S? Thank You William A. Tompkins (512)

25 Assessment COBIT doesn't have a section dedicated to information security awareness and training, but there are specific references to it in the following sections: PO6 Communicate management aims and direction. PO7 Manage IT human resources. DS5 Ensure systems security. DS7 Educate and train users. 25

26 Assessment The COBIT maturity model for training (DS7 - Educate and Train Users) specifies the following requirements for each of its 5 maturity levels: 26

27 COBIT - DS7 Educate and Train Users Level 0 -- Non-Existent Initial/Ad Hoc Repeatable but Intuitive Defined Process Managed and Measurable Optimized Requirement There is a complete lack of any training and education program. Employees have been identifying and attending training courses on their own. Some of these training courses have addressed the issues of ethical conduct, system security awareness and security practices. Informal training and education classes are taught... Some of the classes address the issues of ethical conduct and system security awareness and practices. Formal classes are given to employees in ethical conduct and in system security awareness and practices. Most training and education processes are monitored... All employees receive ethical conduct and system security awareness training. All employees receive the appropriate level of system security practices training in protecting against harm from failures affecting availability, confidentiality and integrity. Management monitors compliance... Sufficient budgets, resources, facilities and instructors are provided for the training and education programs. There is a positive attitude with respect to ethical conduct and system security principles. 27

Security Awareness Compliance Requirements. Last Updated: Oct 01, 2015

Security Awareness Compliance Requirements. Last Updated: Oct 01, 2015 Security Awareness Compliance Requirements Last Updated: Oct 01, 2015 info@securingthehuman.org http://www.securingthehuman.org 1. Executive Summary The purpose of this document is to identify different

More information

Thank You! Contents. Promoting SmartDollar... 3. Implementing SmartDollar... 4. SmartDollar Resource Center... 6. Internal Communications...

Thank You! Contents. Promoting SmartDollar... 3. Implementing SmartDollar... 4. SmartDollar Resource Center... 6. Internal Communications... Promotion Guide Thank You! Thank you for adding SmartDollar to your benefits program. You are changing lives by helping your employees take control of their money and get on track for retirement! SmartDollar

More information

Information Security Risk Management

Information Security Risk Management Information Security Risk Management Based on ISO/IEC 17799 Houman Sadeghi Kaji Spread Spectrum Communication System PhD., Cisco Certified Network Professional Security Specialist BS7799 LA info@houmankaji.net

More information

Education as a defense strategy. Jeannette Jarvis Group Program Manager PSS Security Microsoft

Education as a defense strategy. Jeannette Jarvis Group Program Manager PSS Security Microsoft Education as a defense strategy Jeannette Jarvis Group Program Manager PSS Security Microsoft Introduction to End User Security Awareness End User Security Awareness Challenges Understanding End User

More information

Corporate Compliance and Ethics Program Effective as adopted on February 21, 2012

Corporate Compliance and Ethics Program Effective as adopted on February 21, 2012 Corporate Compliance and Ethics Program Effective as adopted on February 21, 2012 Page 1 of 7 SECTION 1. STATEMENT OF INTENT As a specialty pharmaceutical company and diagnostic laboratory, Prometheus

More information

Security Awareness: Looking Beyond Regulations

Security Awareness: Looking Beyond Regulations Security Awareness: Looking Beyond Regulations Over the years, security experts have religiously advocated that people are the weakest link in information security. Although the importance of security

More information

Oregon Secretary of State Security Awareness Program Strategic Plan Recommendation

Oregon Secretary of State Security Awareness Program Strategic Plan Recommendation Oregon Secretary of State Security Awareness Program Prepared by: Information Systems Division On: July 31, 2008 - Focused on Security. Dedicated to Success. - Revised 9/4/2008 4:30 PM Document History...

More information

Measuring and Evaluating Results

Measuring and Evaluating Results Introduction Measuring and evaluating results will provide you and your associates with the vital information you need for making key strategic and tactical decisions prior to, at and after the trade shows,

More information

DEVELOPING A CYBERSECURITY POLICY ARCHITECTURE

DEVELOPING A CYBERSECURITY POLICY ARCHITECTURE TECHNICAL PROPOSAL DEVELOPING A CYBERSECURITY POLICY ARCHITECTURE A White Paper Sandy Bacik, CISSP, CISM, ISSMP, CGEIT July 2011 7/8/2011 II355868IRK ii Study of the Integration Cost of Wind and Solar

More information

HIPAA Myths. WEDI Regional Affiliates. Chris Apgar, CISSP Apgar & Associates

HIPAA Myths. WEDI Regional Affiliates. Chris Apgar, CISSP Apgar & Associates HIPAA Myths WEDI Regional Affiliates Chris Apgar, CISSP Apgar & Associates Overview Missed Regulatory Requirements Common HIPAA Privacy Myths Common HIPAA Security Myths Other Related Myths Finding the

More information

10 Business Tips. For Effectively Developing and Managing a Small Law Firm. Toni Halleen, SchaeferHalleen LLC. August 2014

10 Business Tips. For Effectively Developing and Managing a Small Law Firm. Toni Halleen, SchaeferHalleen LLC. August 2014 10 Business Tips For Effectively Developing and Managing a Small Law Firm Toni Halleen, SchaeferHalleen LLC August 2014 A. Introduction Is managing a small law firm is different from any other kind of

More information

Chapter 1 The Scope of Corporate Finance

Chapter 1 The Scope of Corporate Finance Chapter 1 The Scope of Corporate Finance MULTIPLE CHOICE 1. One of the tasks for financial managers when identifying projects that increase firm value is to identify those projects where a. marginal benefits

More information

IT Governance: The benefits of an Information Security Management System

IT Governance: The benefits of an Information Security Management System IT Governance: The benefits of an Information Security Management System Katerina Cai, CISSP Hewlett-Packard 2004 Hewlett-Packard Development Company, L.P. The information contained herein is subject to

More information

REQUEST FOR BOARD ACTION

REQUEST FOR BOARD ACTION REQUEST FOR BOARD ACTION HENDERSON COUNTY BOARD OF COMMISSIONERS MEETING DATE: 23 March 2005 SUBJECT: ATTACHMENT(S): HIPAA 1. Proposed Resolution adopting policies 2. Proposed policies SUMMARY OF REQUEST:

More information

Recommended Pre-Survey Communications Assigned To Task Due Date

Recommended Pre-Survey Communications Assigned To Task Due Date Communications Plan Creating a communications plan is crucial to the success of your survey and to receiving a higher response rate. Within this section you will find suggested timelines for distributing

More information

Workshop agenda. Data Quality Metrics and IT Governance. Today s purpose. Icebreaker. Audience Contract. Today s Purpose

Workshop agenda. Data Quality Metrics and IT Governance. Today s purpose. Icebreaker. Audience Contract. Today s Purpose Workshop agenda Strategic Data Quality Management Data Quality Metrics and IT Governance Today s purpose data quality metrics Conclusion Presenter: Micheal Axelsen Director Information Systems Consulting

More information

Case Study: Hiring a licensed Security Provider

Case Study: Hiring a licensed Security Provider Case Study: Hiring a licensed Security Provider Company Profile McCann Investigations is a full service private investigation firm providing complete case solutions by employing cutting-edge computer forensics

More information

COMPLIANCE PROGRAM ASSESSMENT FORM

COMPLIANCE PROGRAM ASSESSMENT FORM Person Completing Assessment: Title of Person Completing Assessment: Date Assessment Completed: COMPLIANCE PROGRAM ASSESSMENT FORM Element 1: Designated Compliance Officer in Compliance Committee A. Has

More information

Sample Lesson How to Brush Your Teeth

Sample Lesson How to Brush Your Teeth 6 55 Sample Lesson How to Brush Your Teeth 6 56 How to Brush Your Teeth In a prior lesson you have learned about human body and hair hygiene practices. Now we will look at special care given to the teeth

More information

This article describes how these seven enablers have contributed towards better information security management at HDFC Bank.

This article describes how these seven enablers have contributed towards better information security management at HDFC Bank. Information Security Management at HDFC Bank: Contribution of Seven Enablers By Vishal Salvi, CISM, and Avinash W. Kadam, CISA, CISM, CGEIT, CRISC, CBCP, CISSP, CSSLP HDFC Bank was incorporated in August

More information

Marketing Management

Marketing Management Marketing Management Draft 2001 Delta Epsilon Chi Competitive Events for this competitive event are used to define the parameters of the written exam and other activities that are part of the overall competition.

More information

(Company Name) SECURITY AWARENESS PROGRAM INFORMATION, PHYSICAL AND PERSONAL SECURITY. 2001. Melissa Guenther, LLC. All rights reserved.

(Company Name) SECURITY AWARENESS PROGRAM INFORMATION, PHYSICAL AND PERSONAL SECURITY. 2001. Melissa Guenther, LLC. All rights reserved. (Company Name) SECURITY AWARENESS PROGRAM INFORMATION, PHYSICAL AND PERSONAL SECURITY Company Policies Security Awareness Program Purposes Integrate Define Feedback Activities Elicit Implement Employees

More information

Email Marketing Strategy Guide NewZapp.co.uk - 2007. Introduction. Where are you now?

Email Marketing Strategy Guide NewZapp.co.uk - 2007. Introduction. Where are you now? Email Marketing Strategy Guide NewZapp.co.uk - 2007 Introduction In recent years Email Marketing has seen huge growth in the UK and worldwide. In this document we ll look at the key areas of an Email Marketing

More information

Distance Education Committee DE Faculty Survey - Student Technical Support () No. of responses = 98

Distance Education Committee DE Faculty Survey - Student Technical Support () No. of responses = 98 Distance Education Committee DE Faculty Survey - Student Technical Support () No. of responses = 98 Survey Results Legend Question text Relative Frequencies of answers Std. Dev. Mean Median Quantile 0%

More information

How to plan marketing communications?

How to plan marketing communications? 10 Minute Guide How to plan marketing communications? Membership Services Moor Hall, Cookham Maidenhead Berkshire, SL6 9QH, UK Telephone: 01628 427500 www.cim.co.uk/marketingresources The Chartered Institute

More information

Risk-Ops at Scale: Framework Operationalization to Address Business Risk

Risk-Ops at Scale: Framework Operationalization to Address Business Risk SESSION ID: GRC-T08 Risk-Ops at Scale: Framework Operationalization to Address Business Risk Eddie Block Chief Information Security Officer State of Texas @jurishacker Nancy Rainosek Statewide GRC Program

More information

Accounting Course Descriptions

Accounting Course Descriptions Accounting Course Descriptions ACCT 210: Financial Accounting (3) (F, S, SS) As the introductory course for the accounting degree program, the course introduces the basic framework of accounting to all

More information

OMNI TECHNICAL SOLUTIONS. Business Ethics, Compliance, Anti-Corruption and Anti-Money Laundering Policy

OMNI TECHNICAL SOLUTIONS. Business Ethics, Compliance, Anti-Corruption and Anti-Money Laundering Policy OMNI TECHNICAL SOLUTIONS Business Ethics, Compliance, Anti-Corruption and Anti-Money Laundering Policy Updated: September 2015 Table of Contents 1. Introduction... 2 2. Business Ethics... 3 2.1 Compliance...

More information

Oct 29 th, 2013 Importance of Security Awareness training John Ecken

Oct 29 th, 2013 Importance of Security Awareness training John Ecken Oct 29 th, 2013 Importance of Security Awareness training John Ecken WELCOME About Me What is Security Awareness? Importance of Security Awareness What should be included in a Security Awareness program

More information

REQUEST FOR PROPOSALS. Administrative Support Services. Issue Date: November 10, 2025. Letters of Intent: November 17, 2015

REQUEST FOR PROPOSALS. Administrative Support Services. Issue Date: November 10, 2025. Letters of Intent: November 17, 2015 REQUEST FOR PROPOSALS Administrative Support Services Issue Date: November 10, 2025 Letters of Intent: November 17, 2015 Closing Date: November 27, 2015 12:00p.m. EST Overview The International Association

More information

1000 SERIES SCHOOL-COMMUNITY RELATIONS

1000 SERIES SCHOOL-COMMUNITY RELATIONS 1000 SERIES SCHOOL-COMMUNITY RELATIONS 1001 Statement of Guiding Principles 1002 Information Program 1003 Releases to News Media Internal Unit News 1004 School Personnel and Public Relations 1005 Citizen

More information

1. Collection and Use of Personal Information

1. Collection and Use of Personal Information MyMuCo Privacy Policy Effective Date: July 1, 2014 Welcome to MyMuCo a community for musicians and music students. Your privacy is important to MyMuCo, so we ve developed a Privacy Policy that covers how

More information

It is clear the postal mail is still very relevant in today's marketing environment.

It is clear the postal mail is still very relevant in today's marketing environment. Email and Mobile Digital channels have many strengths, but they also have weaknesses. For example, many companies routinely send out emails as a part of their marketing campaigns. But people receive hundreds

More information

HIPAA MYTHS: DON T ALWAYS BELIEVE WHAT YOU HEAR. Chris Apgar, CISSP

HIPAA MYTHS: DON T ALWAYS BELIEVE WHAT YOU HEAR. Chris Apgar, CISSP HIPAA MYTHS: DON T ALWAYS BELIEVE WHAT YOU HEAR Chris Apgar, CISSP 2015 OVERVIEW Missed Regulatory Requirements Common HIPAA Privacy Myths Common HIPAA Security Myths Other Related Myths Finding the Right

More information

Roger s Cyber Security and Compliance Mini-Guide

Roger s Cyber Security and Compliance Mini-Guide Roger s Cyber Security and Compliance Mini-Guide A Mini Guide for Small and Medium Business and not for profit organisations. By Roger Smith Managed Service Provider and Cyber Security Coach R & I ICT

More information

North Texas ISSA CISO Roundtable

North Texas ISSA CISO Roundtable North Texas ISSA CISO Roundtable Roundtable Topic Threat Against Our Well Being The Most Effective Methods in Combating and Responding to the Cyber Attack Event Sponsor Moderator and Panelists David Stanton

More information

APPS APPS MEDIA MEDIA SOCIAL SOCIAL ENGINE ENGINE SEARCH SEARCH MARKETING MARKETING WEB DESIGN ADVERTISING WEB DESIGN & REPORTING & REPORTING

APPS APPS MEDIA MEDIA SOCIAL SOCIAL ENGINE ENGINE SEARCH SEARCH MARKETING MARKETING WEB DESIGN ADVERTISING WEB DESIGN & REPORTING & REPORTING WEB DESIGN & DEVELOPMENT SEARCH OPTIMIZATION PAY-PER-CLICK ADVERTISING SOCIAL MEDIA APPS CALL LISTENING & REPORTING WEB DESIGN & DEVELOPMENT SEARCH OPTIMIZATION PAY-PER-CLICK INTERNET LEAD GENERATION APPS

More information

Effective Marketing Solutions for your Small Business

Effective Marketing Solutions for your Small Business COMMUNITY TECHNOLOGY CENTER PASSAIC COUNTY COMMUNITY COLLEGE Teacher: Lucia Gheorghiu Effective Marketing Solutions for your Small Business Ideas for Today and Tomorrow Dr. Lucia Gheorghiu 1 Effective

More information

Request for Proposal. Supporting Document 3 of 4. Contract and Relationship Management for the Education Service Payroll

Request for Proposal. Supporting Document 3 of 4. Contract and Relationship Management for the Education Service Payroll Request for Proposal Supporting Document 3 of 4 Contract and Relationship December 2007 Table of Contents 1 Introduction 3 2 Governance 4 2.1 Education Governance Board 4 2.2 Education Capability Board

More information

2015 WSSFC Practice Management Track Session 5 Creating a Firm Marketing Plan and Sticking to it

2015 WSSFC Practice Management Track Session 5 Creating a Firm Marketing Plan and Sticking to it ` 2015 WSSFC Practice Management Track Session 5 Creating a Firm Marketing Plan and Sticking to it Jeffrey S. Krause. Solfecta, Waterford About the Presenter... Jeffrey S. Krause is an attorney and co-owner

More information

The Security Overview section describes the FDA Information Security program, consisting of several focus areas whose objectives are to keep FDA

The Security Overview section describes the FDA Information Security program, consisting of several focus areas whose objectives are to keep FDA The FDA Intranet Information Security Program Website is a resource where employees can find the most current information on IT security, the FDA awareness program, who to contact with questions and more.

More information

Software Testing as a Managed Service An Engagement model to extend business operations

Software Testing as a Managed Service An Engagement model to extend business operations Software Testing as a Managed Service An Engagement model to extend business operations Author: Harmanjit Singh Chopra (Project Test Lead) Co-Author: Saroj Patnaik (GM - Testing) Author s Biography Harmanjit

More information

8/28/2015. How to Manage Records. Overview. Learning Objectives. Do you have? Does your office look like this?

8/28/2015. How to Manage Records. Overview. Learning Objectives. Do you have? Does your office look like this? How to Manage Records Records Management Services State of Michigan Overview Common Recordkeeping Problems Risk Management Keeping Records Storing Records Destroying Records Getting Organized Learning

More information

ASAE s Job Task Analysis Strategic Level Competencies

ASAE s Job Task Analysis Strategic Level Competencies ASAE s Job Task Analysis Strategic Level Competencies During 2013, ASAE funded an extensive, psychometrically valid study to document the competencies essential to the practice of association management

More information

Build (develop) and document Acceptance Transition to production (installation) Operations and maintenance support (postinstallation)

Build (develop) and document Acceptance Transition to production (installation) Operations and maintenance support (postinstallation) It is a well-known fact in computer security that security problems are very often a direct result of software bugs. That leads security researches to pay lots of attention to software engineering. The

More information

Designing and Implementing Your Communication s Dashboard: Lessons Learned

Designing and Implementing Your Communication s Dashboard: Lessons Learned Designing and Implementing Your Communication s Dashboard: Lessons Learned By Katie Delahaye Paine President, Paine & Partners Contact Information: Katie Delahaye Paine CEO KDPaine & Partners Durham, NH

More information

Marketing: Promotion Basics

Marketing: Promotion Basics Name: Class: Date Taken: Total Possible Marks: 39 Marketing: Promotion Basics Complete the following questions in the time allowed by your teacher Write a short, accurate definition for each of the following

More information

The Next Generation of Security Leaders

The Next Generation of Security Leaders The Next Generation of Security Leaders In an increasingly complex cyber world, there is a growing need for information security leaders who possess the breadth and depth of expertise necessary to establish

More information

Chief Information Officer

Chief Information Officer Security manager Job description Job title Security manager Location Wellington Group Organisation Development Business unit / team IT Solutions Grade and salary range Pay Group 1, Pay Band 6 Reports to

More information

ETHICS AS CULTURE. Presented by the Council of Public Relations Firms

ETHICS AS CULTURE. Presented by the Council of Public Relations Firms ETHICS AS CULTURE Presented by the Council of Public Relations Firms 2 Introduction NOW MORE THAN EVER, OUR PROFESSION HAS AN OBLIGATION NOT ONLY TO OFFER OUR CLIENTS SOUND COMMUNICATIONS COUNSEL, BUT

More information

Market Research. What is market research? 2. Why conduct market research?

Market Research. What is market research? 2. Why conduct market research? What is market research? Market Research Successful businesses have extensive knowledge of their customers and their competitors. Market research is the process of gathering information which will make

More information

Principal Certification Course Catalog

Principal Certification Course Catalog Principal Certification Course Catalog 100% Online Coursework TEXAS 1 PRINCIPAL CERTIFICATION COURSE CATALOG iteachtexas Principal Certification Course Catalog 4 8 10 Syllabus The modular Principal preparation

More information

Build It and They Will Come: Employee Wellness Programming that Works

Build It and They Will Come: Employee Wellness Programming that Works Build It and They Will Come: Employee Wellness Programming that Works Kristi Bracewell, BSc Certified Worksite Wellness Manager Owner, Totasola, LLC Fundamentals Understand the importance of developing

More information

Cybersecurity Best Practices in Mortgage Banking. Article by Jim Deitch October 2015

Cybersecurity Best Practices in Mortgage Banking. Article by Jim Deitch October 2015 Cybersecurity Best Practices in Mortgage Banking Article by Jim Deitch Cybersecurity Best Practices in Mortgage Banking BY JIM DEITCH Jim Deitch Recent high-profile cyberattacks have clearly demonstrated

More information

Corporate Security Awareness. The Common Sense of Compliance

Corporate Security Awareness. The Common Sense of Compliance Corporate Security Awareness The Common Sense of Compliance 1 Information Theft Physical Vendor/Client Fraudulent Activities Stolen Assets (i.e. backup tapes) Compromised Assets (vengeful employees) Other

More information

Non-Profit Direct Mail

Non-Profit Direct Mail Guide to a Successful Non-Profit Direct Mail Campaign The face of fundraising has changed in recent years a change which non-profit organizations have acutely felt. The internet has made access to donors

More information

Core Competencies of Election Officials: Requisite Attitudes, Knowledge and Skills. Dr. Merle S. King January 8, 2014

Core Competencies of Election Officials: Requisite Attitudes, Knowledge and Skills. Dr. Merle S. King January 8, 2014 Core Competencies of Election Officials: Requisite Attitudes, Knowledge and Skills. Dr. Merle S. King January 8, 2014 Overview of project: Introduction The contemporary election official must possess a

More information

Interpreting the HIPAA Audit Protocol for Health Lawyers

Interpreting the HIPAA Audit Protocol for Health Lawyers Interpreting the HIPAA Audit Protocol for Health Lawyers This webinar is brought to you by the Health Information and Technology Practice Group (HIT), and is co-sponsored by the Business Law and Governance

More information

Jason I. Miletsky Perspectives on branding

Jason I. Miletsky Perspectives on branding Jason I. Miletsky Perspectives on branding TABLE OF CONTENTS Introduction Opening Remarks xiii xv Part One Understanding the Brand 1 1 How Would You Define a Brand? 2 2 What Role Does Brand-Building Play

More information

Emergency Response Plans. More than a phone tree Less than an encyclopedia Doing it just right

Emergency Response Plans. More than a phone tree Less than an encyclopedia Doing it just right Emergency Response Plans More than a phone tree Less than an encyclopedia Doing it just right Background For systems over 3,300 population (1,000 connections) an Emergency Response Plan (ERP) is required

More information

COMPLIANCE PROGRAM GUIDANCE FOR MEDICARE FEE-FOR-SERVICE CONTRACTORS

COMPLIANCE PROGRAM GUIDANCE FOR MEDICARE FEE-FOR-SERVICE CONTRACTORS Department of Health and Human Services CENTERS FOR MEDICARE & MEDICAID SERVICES COMPLIANCE PROGRAM GUIDANCE FOR MEDICARE FEE-FOR-SERVICE CONTRACTORS March 2005 TABLE OF CONTENTS INTRODUCTION...3 ELEMENTS

More information

P01 - Information Security Policy

<COMPANY> P01 - Information Security Policy P01 - Information Security Policy Document Reference P01 - Information Security Policy Date 30th September 2014 Document Status Final Version 3.0 Revision History 1.0 09 November 2009: Initial release.

More information

Employee Web-use Monitoring at BNSF Railway

Employee Web-use Monitoring at BNSF Railway Employee Web-use Monitoring at BNSF Railway Choosing the Right Solution Pays Off Wavecrest Computing 904 East New Haven Avenue Melbourne, FL 32901 Toll-free: 877-442-9346 Voice: 321-953-5351 Fax: 321-953-5350

More information

POLICY ON SEXUAL AND GENDER-BASED MISCONDUCT AND OTHER FORMS OF INTERPERSONAL VIOLENCE

POLICY ON SEXUAL AND GENDER-BASED MISCONDUCT AND OTHER FORMS OF INTERPERSONAL VIOLENCE APPENDIX B AUBURN UNIVERSITY TRAINING, EDUCATION, AND PREVENTION PROGRAMS Table of Contents POLICY ON SEXUAL AND GENDER-BASED MISCONDUCT AND OTHER FORMS OF INTERPERSONAL VIOLENCE I. INTRODUCTION... 1 II.

More information

Best Practices for Designing and Implementing Communication Strategies: Presenters Notes

Best Practices for Designing and Implementing Communication Strategies: Presenters Notes Best Practices for Designing and Implementing Communication Strategies: s Slide 2: Today we are going to focus on discussing the importance of family involvement We will be discussing specific strategies

More information

Training Catalogue. Ace Service Training Catalogue Ver 7.0. Ace Services

Training Catalogue. Ace Service Training Catalogue Ver 7.0. Ace Services Catalogue 1 Ace Services TRAINING CATALOGUE Contents Introduction... 3 areas... 3 About the Trainer... 4 Integrated Risk Management... 5 Information Risk Management... 6 Business Continuity Management...

More information

CHAPTER 14: THE ROLE OF ACCOUNTANTS AND ACCOUNTING INFORMATION

CHAPTER 14: THE ROLE OF ACCOUNTANTS AND ACCOUNTING INFORMATION CHAPTER 14: THE ROLE OF ACCOUNTANTS AND ACCOUNTING INFORMATION I. What Is Accounting and Who Uses Accounting Information? Accounting is a comprehensive system for collecting, analyzing, and communicating

More information

WITH THE MARKETING EFFICIENCY CLOUD FROM BRANDMAKER

WITH THE MARKETING EFFICIENCY CLOUD FROM BRANDMAKER BRAND MANAGEMENT WITH THE MARKETING EFFICIENCY CLOUD FROM BRANDMAKER Marketing Efficiency Cloud The Marketing Efficiency Cloud from BrandMaker is the comprehensive solution suite for more transparency,

More information

MBA 695 B Advertising and Promotions UNC-GREENSBORO

MBA 695 B Advertising and Promotions UNC-GREENSBORO MBA 695 B Advertising and Promotions UNC-GREENSBORO PLACE: Joseph M Bryan School of Business Room 205 TIME: Mondays, 6:30 9:20pm INSTRUCTOR: Matt Mitchell OFFICE HOURS: If you need to meet with me feel

More information

United Healthcare Certification Details

United Healthcare Certification Details United Healthcare Certification Details Yes No No Yes No Online Certification Required? Face to Face Certification Required? AHIP or Gorman Required? AHIP or Gorman Accepted for Some Modules? Reimburses

More information

Results Rule! Build a Culture that Makes Your Team a Hero

Results Rule! Build a Culture that Makes Your Team a Hero Results Rule! Build a Culture that Makes Your Team a Hero Participant Guide Part I Based upon the book by Randy G. Pennington 2010, The Pennington Group Inc. Copyright Notice This Guide is copyright free

More information

OFFICE OF THE CITY AUDITOR

OFFICE OF THE CITY AUDITOR OFFICE OF THE CITY AUDITOR AUDIT OF THE VITAL STATISTICS BIRTH AND DEATH CERTIFICATE IMAGING SYSTEM Paul T. Garner Assistant City Auditor Prepared by: Tony Aguilar, CISA Sr. IT Auditor Bill Steer, CPA,

More information

Does Your Information Security Program Measure Up? Session #74

Does Your Information Security Program Measure Up? Session #74 Does Your Information Security Program Measure Up? Session #74 DISCLAIMER: The views and opinions expressed in this presentation are those of the author and do not necessarily represent official policy

More information

Boosting your Sales Through Direct Marketing & Public Relations

Boosting your Sales Through Direct Marketing & Public Relations C&H Communications 2011 Boosting your Sales Through Direct Marketing & Public Relations By: Charbel El Khouri Marketing & Communications Consultant email: charbel.khouri@chcommunications.net Mob: +971-50-4612513

More information

CLASSIFICATION SPECIFICATION FORM

CLASSIFICATION SPECIFICATION FORM www.mpi.mb.ca CLASSIFICATION SPECIFICATION FORM Human Resources CLASSIFICATION TITLE: POSITION TITLE: (If different from above) DEPARTMENT: DIVISION: LOCATION: Executive Director Executive Director, Information

More information

Building a More Secure and Prosperous Texas through Expanded Cybersecurity

Building a More Secure and Prosperous Texas through Expanded Cybersecurity Building a More Secure and Prosperous Texas through Expanded Cybersecurity Bob Butler Chairman, Texas Cybersecurity, Education and Economic Development Council April 2013 About the Texas Cybersecurity

More information

SAFEGUARDS FOR PROTECTING PRIVATE DATA - SERVICE PROVIDERS AND CONTRACTORS

SAFEGUARDS FOR PROTECTING PRIVATE DATA - SERVICE PROVIDERS AND CONTRACTORS SAFEGUARDS FOR PROTECTING PRIVATE DATA - SERVICE PROVIDERS AND CONTRACTORS THE UNIVERSITY OF NEW MEXICO October 17, 2013 Audit Committee Members J.E. Gene Gallegos, Chair Lt. General Bradley Hosmer, Vice

More information

City of Oshawa. Corporate Advertising Policy. Original date: January 2007. Amended date: August 2009. Amended date: September 2010

City of Oshawa. Corporate Advertising Policy. Original date: January 2007. Amended date: August 2009. Amended date: September 2010 City of Oshawa Corporate Advertising Policy Original date: January 2007 Amended date: August 2009 Amended date: September 2010 Amended date: December 2014 Corporate Advertising Policy 1.0 Purpose The purpose

More information

career development: updating the resume

career development: updating the resume career development: updating the resume a good resume is an essential part of career planning help achieve future career goals enhance performance evaluations target your resume to reach your career goals

More information

Nonprofit risk management

Nonprofit risk management Nonprofit risk management Mary Mancuso Nonprofit organizations face unique risk management challenges. They are often held to the same standards as for-profit organizations but do not have the same resources

More information

Georgia Department of Education

Georgia Department of Education Marketing Career Cluster Marketing and Entrepreneurship Course Number 08.44100 Course Description: Marketing and Entrepreneurship is the second course in the Marketing and Management Career Pathway. Marketing

More information

Internet Marketing Implementation Course MKTG13; 3 Days, Instructor-led

Internet Marketing Implementation Course MKTG13; 3 Days, Instructor-led Internet Marketing Implementation Course MKTG13; 3 Days, Instructor-led Course Description A comprehensive internet marketing training course that covers Social Media, SEO, Email Marketing, PPC, Conversion

More information

Office of the Auditor General Performance Audit Report. Statewide Oracle Database Controls Department of Technology, Management, and Budget

Office of the Auditor General Performance Audit Report. Statewide Oracle Database Controls Department of Technology, Management, and Budget Office of the Auditor General Performance Audit Report Statewide Oracle Database Controls Department of Technology, Management, and Budget March 2015 071-0565-14 State of Michigan Auditor General Doug

More information

Achieve. Performance objectives

Achieve. Performance objectives Achieve Performance objectives Performance objectives are benchmarks of effective performance that describe the types of work activities students and affiliates will be involved in as trainee accountants.

More information

right brain left brain harmony

right brain left brain harmony right brain left brain harmony The end - to - end content process How organisations can become better publishers Everyone is a publisher now The cost of entry is effectively zero Free tools Free platforms

More information

Certified Nonprofit Consultant (CNC)

Certified Nonprofit Consultant (CNC) Certified Nonprofit Consultant (CNC) WHY DO EXECUTIVES SECURE THE CNC CREDENTIAL?...to validate their professional achievements and personal commitment to advance the common good. Certified Fundraising

More information

Post-Class Quiz: Business Continuity & Disaster Recovery Planning Domain

Post-Class Quiz: Business Continuity & Disaster Recovery Planning Domain 1. What is the most common planned performance duration for a continuity of operations plan (COOP)? A. 30 days B. 60 days C. 90 days D. It depends on the severity of a disaster. 2. What is the business

More information

2 0 1 4 F G F O A A N N U A L C O N F E R E N C E

2 0 1 4 F G F O A A N N U A L C O N F E R E N C E I T G OV E R NANCE 2 0 1 4 F G F O A A N N U A L C O N F E R E N C E RAJ PATEL Plante Moran 248.223.3428 raj.patel@plantemoran.com This presentation will discuss current threats faced by public institutions,

More information

Best Practices. How to Turn Leads Into Sales. Powered by. About this document

Best Practices. How to Turn Leads Into Sales. Powered by. About this document Best Practices How to Turn Leads Into Sales Powered by About this document As part of our commitment to our valued customers this document was produced to help lead recipients attain the highest level

More information

Administrative Services Survey 2013 Preliminary Survey Results

Administrative Services Survey 2013 Preliminary Survey Results Administrative Services Survey 2013 Preliminary Survey Results Office of the Vice Chancellor Version 2.2 3 December 2013 Table of contents 1. Introduction... 3 2. Purpose... 3 3. Objectives... 3 4. Approach...

More information

Security+ Guide to Network Security Fundamentals, Fourth Edition. Chapter 14 Risk Mitigation

Security+ Guide to Network Security Fundamentals, Fourth Edition. Chapter 14 Risk Mitigation Security+ Guide to Network Security Fundamentals, Fourth Edition Chapter 14 Risk Mitigation Objectives Explain how to control risk List the types of security policies Describe how awareness and training

More information

Please start at the forum by introducing yourself to everyone.

Please start at the forum by introducing yourself to everyone. Guide to Online Learning Online learning is a great way to fit a qualification around your life. Learning online gives you the flexibility to study when it is convenient for you. The AIFL has aimed to

More information

Kevin Savoy, CPA, CISA, CISSP Director of Information Technology Audits Brian Daniels, CISA, GCFA Senior IT Auditor

Kevin Savoy, CPA, CISA, CISSP Director of Information Technology Audits Brian Daniels, CISA, GCFA Senior IT Auditor IT Audit/Security Certifications Kevin Savoy, CPA, CISA, CISSP Director of Information Technology Audits Brian Daniels, CISA, GCFA Senior IT Auditor Certs Anyone? There are many certifications out there

More information

Laboratory Information Management Systems. Presented By: Happy Mashigo & Vuyiswa Kenke

Laboratory Information Management Systems. Presented By: Happy Mashigo & Vuyiswa Kenke Laboratory Information Management Systems Presented By: Happy Mashigo & Vuyiswa Kenke Welcome Welcome to the Laboratory Information Management Systems Module 2 Module Objectives At the end of this module,

More information

Employee Embezzlement and Fraud. Defending Against Insider Threats

Employee Embezzlement and Fraud. Defending Against Insider Threats Employee Embezzlement and Fraud Defending Against Insider Threats Today s Approach An open dialogue and sharing of information regarding a common threat of internal losses. There is no guarantee that any

More information

GRADUATE CERTIFICATE IN GIFTED AND TALENTED EDUCATION

GRADUATE CERTIFICATE IN GIFTED AND TALENTED EDUCATION GRADUATE CERTIFICATE IN GIFTED AND TALENTED EDUCATION Gifted and Talented Advisory Council College of Education University of Nevada, Reno Mailstop 0299 Reno, NV 89557 Office (775) 784-4383 Fax (775) 784-4384

More information

Information Security Training & Awareness

Information Security Training & Awareness Online Training & Project Briefing Expectations & Responsibilities Information Security Manager s Forum, March 4, 2008 Revised September 20, 2010 (1) Why is awareness important? Obligation to protect private

More information

Achieving Governance, Risk and Compliance Requirements with HISP Certification Course

Achieving Governance, Risk and Compliance Requirements with HISP Certification Course Achieving Governance, Risk and Compliance Requirements with HISP Certification Course in corporation with A unique information security and regulatory compliance certification course that provides IT security

More information

John Keel, CPA State Auditor. An Audit Report on Selected Information Technology Controls at the Winters Data Centers. July 2011 Report No.

John Keel, CPA State Auditor. An Audit Report on Selected Information Technology Controls at the Winters Data Centers. July 2011 Report No. John Keel, CPA State Auditor An Audit Report on Selected Information Technology Controls at the Winters Data Centers Report No. 11-033 An Audit Report on Selected Information Technology Controls at the

More information