Information security awareness: transfer from workplace to a home environment


1 Information security awareness: transfer from workplace to a home environment Ilze Murane, M.Sc., CISA, Information Systems Security Manager, Latvijas Banka

2 Acquaintance M.Sc. Computer Science Doctoral student IS Security Manager Past Operational Risk Manager IS Auditor, CISA Business Continuity Project Leader

3 Agenda Information Security Awareness Case studies Responsibility for information security awareness raising Discussion

4 Information Security Awareness Degree to which every person: understands the importance of information security; understands individual security responsibilities; acts accordingly

5 Good Practice Overview I Management Commitment Posters Videoclips

6 Good Practice Overview II Seminars Online tools Games

7 Case Study Central Bank: Information systems security awareness activities since 1998; Comprehensive seminars/discussions organised by IS Security Manager since 2001; Every employee is responsible for all activities done with his/her username/password (smartcard); Head of department is responsible for security awareness culture; Partly anonymous security practice tests

8 Awareness Messages

9 Support for Employees Care about home information security increases corporate security. IT support staff helps: select and maintain antivirus software; configure WiFi routers; Win7 BitLocker

10 Responsibilities ISF Standard of Good Practice for Information Security: Top management's direction on information security should be established, and commitment demonstrated to ensure an appropriate set of security controls is implemented. ISO 27002:2005: Management should require employees to apply security in accordance with established policies and procedures of the organization. Management responsibilities should include ensuring that employees, contractors and third party users achieve a level of awareness on security relevant to their roles and responsibilities within the organization.

11 Activities ISF Standard of Good Practice for Information Security: Specific activities should be undertaken, such as a security awareness programme, to promote security awareness to all individuals who have access to the information and systems of the organisation. Individuals should be made aware of the key elements of information security and why it is needed, and understand their personal information security responsibilities. ISO 27002:2005: All employees of the organization should receive appropriate awareness training and regular updates in organizational policies and procedures, as relevant for their job function.

12 Conversation Does your organization organize information security awareness raising activities? Yes/No. How often? Occasionally / Every year. Does your organization evaluate security awareness level? Yes/No. How? Exam / overall level evaluation / analysis of incidents

13 Hypothesis Knowledgeable employee -> knowledgeable everyone -> knowledgeable society

14 Electronic environment Work computer Urgent documents Contacts Photos Home computer Mobile device Information security culture

15 Creating a Culture of Security A culture of security is a pattern of behaviors, beliefs, assumptions, attitudes and ways of doing things that promotes security. by Steven J. Ross, ISACA

16 Thank you! Ilze Murane IS Security Manager Latvijas Banka Ilze.Murane_at_bank.lv

B A S I C S C I E N C E S

B A S I C S C I E N C E S B A S I C S C I E N C E S 10 B A S I C S C I E N C E S F I R S T S E M E S T E R C O U R S E S : H U M A N S T R U C T U R E A N D F U N C T I O N [ H S F I ] M O L E C U L A R B A S I S O F M E D I C

More information

How good is your health and safety culture?

How good is your health and safety culture? How good is your health and safety culture? Helen Toll BSc MSc CMIOSH H&S Consultant, Synapse Safety Ltd My experience of developing & assessment H&S culture 1992 Enforcement Practitioner Internal Auditor,

More information

Terms of Reference for an IT Audit of

Terms of Reference for an IT Audit of National Maritime Safety Authority (NMSA) TASK DESCRIPTION PROJECT/TASK TITLE: EXECUTING AGENT: IMPLEMENTING AGENT: PROJECT SPONSOR: PROJECT LOCATION: To engage a professional and qualified IT Auditor

More information

List of courses offered by Marc Taillefer

List of courses offered by Marc Taillefer ISO/IEC 20000 Foundation (IS20F.EN) List of courses offered by Marc Taillefer Designed to provide knowledge of what an IT service management system is and the minimum requirements that service providers

More information

Legislative Council Panel on Information Technology and Broadcasting. Information Security

Legislative Council Panel on Information Technology and Broadcasting. Information Security For Information on 8 July 2013 LC Paper No. CB(4)834/12-13(05) Legislative Council Panel on Information Technology and Broadcasting Information Security Purpose This paper updates Members on the latest

More information

Position Description

Position Description Position Description Name Position title Vacant Procurement Officer Level Group Section Responsible to Responsibility for staff Corporate Services Property & Procurement Corporate Property Manager None

More information

All about CPEs. David Gittens CISA CISM CISSP CRISC HISP

All about CPEs. David Gittens CISA CISM CISSP CRISC HISP All about CPEs David Gittens CISA CISM CISSP CRISC HISP The Designer David Gittens ISSA Barbados Past President Certified in ethical hacking and computer forensics Certified in security management and

More information

Cyber Security and Data Security Courses

Cyber Security and Data Security Courses dsdsds Cyber Security and Data Security Courses Overview 01905 317173 @FriendlyNerdUK www.friendlynerd.co.uk Cyber Basics (half-day) To provide a basic foundation of cyber security knowledge for general

More information

OFFICE OF CORPORATE CREDIT UNIONS Risk Reporting for Corporate IT Networks.. Risk Assessment Reporting in Corporate Credit Unions

OFFICE OF CORPORATE CREDIT UNIONS Risk Reporting for Corporate IT Networks.. Risk Assessment Reporting in Corporate Credit Unions . Risk Assessment Reporting in Corporate Credit Unions Purpose: To establish minimum reporting standards for corporate IT security reviews. Background: The Office of Corporate Credit Unions (OCCU) issued

More information

ow to use CobiT to assess the security & reliability of Digital Preservation

ow to use CobiT to assess the security & reliability of Digital Preservation ow to use CobiT to assess the security & reliability of Digital Preservation Erpa WORKSHOP Antwerp 14-16 April 2004 Greet Volders Managing Consultant - VOQUALS N.V. Vice President & in charge of Education

More information

Director, IT Security District Office Kern Community College District JOB DESCRIPTION

Director, IT Security District Office Kern Community College District JOB DESCRIPTION Director, IT Security District Office Kern Community College District JOB DESCRIPTION Definition Reporting to the Chief Information Officer, the Director of IT Security develops and implements procedures,

More information

ANNEX B. Terms of Reference. CTBTO Information Security Management System Support on Call-off Basis

ANNEX B. Terms of Reference. CTBTO Information Security Management System Support on Call-off Basis ANNEX B Terms of Reference CTBTO Information Security Management System Support on Call-off Basis Table of Contents Acronyms 3 Introduction 4 Background 4 Objectives and Expected Results 5 Scope of Work

More information

Health and Safety Policy

Health and Safety Policy Health & Safety Policy 1.Introduction Health and safety is the concern of everyone within Escape Community Arts (Escape). This policy is intended to provide a practical framework for the implementation

More information

MSc Cyber Security UKPASS P052286. Course 1 Year Full-Time, 2-3 Years Part-Time

MSc Cyber Security UKPASS P052286. Course 1 Year Full-Time, 2-3 Years Part-Time MSc Cyber Security International Students Can Apply UKPASS P052286 Code: Course 1 Year Full-Time, 2-3 Years Part-Time Length: Start Dates: September 2015, January 2016, September 2016, January 2017 Department:Department

More information

Mapping COBIT 5 with IT Governance, Risk and Compliance at Ecopetrol S.A. By Alberto León Lozano, CISA, CGEIT, CIA, CRMA

Mapping COBIT 5 with IT Governance, Risk and Compliance at Ecopetrol S.A. By Alberto León Lozano, CISA, CGEIT, CIA, CRMA Volume 3, July 2014 Come join the discussion! Alberto León Lozano will respond to questions in the discussion area of the COBIT 5 Use It Effectively topic beginning 21 July 2014. Mapping COBIT 5 with IT

More information

An Overview of Information Security Frameworks. Presented to TIF September 25, 2013

An Overview of Information Security Frameworks. Presented to TIF September 25, 2013 An Overview of Information Security Frameworks Presented to TIF September 25, 2013 What is a framework? A framework helps define an approach to implementing, maintaining, monitoring, and improving information

More information

Preparation for ISO 45001 OH&S Management Systems

Preparation for ISO 45001 OH&S Management Systems Preparation for ISO 45001 OH&S Management Systems HEALTH & SAFETY MANAGEMENT QUALITY MANAGEMENT ACCESSIBILITY ENVIRONMENTAL MANAGEMENT ENERGY MANAGEMENT ISO 45001 TIMELINE ISO project committee ISO PC

More information

AUDIT INFORMATION CONTENT

AUDIT INFORMATION CONTENT AUDIT INFORMATION CONTENT Ioan Rus 1 ABSTRACT: The audit of computer systems shows at least two features that make the audit work not includable in other audit processes such as internal audit and financial

More information

Information Security Management Systems

Information Security Management Systems Information Security Management Systems Øivind Høiem CISA, CRISC, ISO27001 Lead Implementer Senior Advisor Information Security UNINETT, the Norwegian NREN About Øivind Senior Adviser at the HE sector

More information

Wan Bao Construction Limited. Environmental Procedure

Wan Bao Construction Limited. Environmental Procedure Wan Bao Construction Limited Environmental Procedure (EP-03) Revision No. : 1 Date : 1 1 2006 Prepared by : Y.C. Chan (EMR) Approved by : K.T. Wong (General Manager) Revision History Revision Sections

More information

Introduction to Business Continuity Planning

Introduction to Business Continuity Planning Introduction to Business Continuity Planning Business Continuity and Disaster Resilience Forum May 10, 2012 Rizal Ballroom A, Makati Shangri-la Manila, Philippines Dr Goh Moh Heng President BCM Institute

More information

This policy will be applied in a non-discriminatory way, in line with the School s equality and diversity policies.

This policy will be applied in a non-discriminatory way, in line with the School s equality and diversity policies. HUMAN RESOURCES GUIDELINES FOR STAFF WORKING FROM HOME ON A REGULAR BASIS Equality and Diversity Statement This policy will be applied in a non-discriminatory way, in line with the School s equality and

More information

Governance and Management of Information Security

Governance and Management of Information Security Governance and Management of Information Security Øivind Høiem, CISA CRISC Senior Advisor Information Security UNINETT, the Norwegian NREN About Øivind Senior Adviser at the HE sector secretary for information

More information

Total UK credits 180 Total ECTS 90 PROGRAMME SUMMARY

Total UK credits 180 Total ECTS 90 PROGRAMME SUMMARY KEY FACTS Programme name Health Services Research Award Masters in Science (MSc) School Health Sciences Department or equivalent Health Services Research and Management Programme code NUMSHSR01 Type of

More information

INFORMATION SECURITY & GOVERNANCE SYSTEMS AND IT INFRASTRUCTURE INFOSEC & TECHNOLOGY TRAINING. forebrook

INFORMATION SECURITY & GOVERNANCE SYSTEMS AND IT INFRASTRUCTURE INFOSEC & TECHNOLOGY TRAINING. forebrook INFORMATION SECURITY & GOVERNANCE SYSTEMS AND IT INFRASTRUCTURE INFOSEC & TECHNOLOGY TRAINING forebrook Forebrook offers a range of information security, governance, IT systems and infrastructure related

More information

Windows Server 2012 / Windows 8 Audit Fundamentals

Windows Server 2012 / Windows 8 Audit Fundamentals Windows Server 2012 / Windows 8 Audit Fundamentals Jacksonville ISACA Chapter May 17, Speaker Introduction: Timothy P. McAliley 13+ years in IT Currently work for Microsoft Premier Field Engineer SQL Server,

More information

Uncover security risks on your enterprise network

Uncover security risks on your enterprise network Uncover security risks on your enterprise network Sign up for Check Point s on-site Security Checkup. About this presentation: The key message of this presentation is that organizations should sign up

More information

Roles & Grades Rate Cards and Applicable SFIA Skills

Roles & Grades Rate Cards and Applicable SFIA Skills Roles & s Rate Cards and Applicable Consultant Day Rate Card Consultant Day Rate Lead 900.00 Senior 800.00 Junior 0.00 CLAS Consultant and Competencies Lead CLAS Consultant Lead CLAS Consultant IT Governance

More information

INFORMATION GOVERNANCE STRATEGY

INFORMATION GOVERNANCE STRATEGY INFORMATION GOVERNANCE STRATEGY Page 1 of 10 Strategy Owner Valerie Penn, Head of Governance Strategy Author Caroline Law, Information Governance Project Manager Directorate Corporate Governance Ratifying

More information

Gaelic Football & Hurling Association of Australasia PUBLIC RELATIONS OFFICER (PRO)

Gaelic Football & Hurling Association of Australasia PUBLIC RELATIONS OFFICER (PRO) Gaelic Football & Hurling Association of Australasia PUBLIC RELATIONS OFFICER (PRO) Aims and Objectives The aim of this course is to provide a focused programme of information and interaction for the G.F.

More information

International Institute of Management

International Institute of Management CEO Seminars Executive Action Learning Seminars CEO Club Executive Courses International Institute of Management Executive Education Courses How to Select the CEO? How to Evaluate the CEO? Med Jones International

More information

Honours Degree (top-up) Business Abbreviated Programme Specification Containing Both Core + Supplementary Information

Honours Degree (top-up) Business Abbreviated Programme Specification Containing Both Core + Supplementary Information Honours Degree (top-up) Business Abbreviated Programme Specification Containing Both Core + Supplementary Information 1 Awarding Institution / body: Lancaster University 2a Teaching institution: University

More information

Northern Grampians Shire Council FRAUD CONTROL PLAN

Northern Grampians Shire Council FRAUD CONTROL PLAN Northern Grampians Shire Council FRAUD CONTROL PLAN Northern Grampians Shire Council does not tolerate fraud or improper conduct by its employees, officers or members, nor the taking of reprisals against

More information

Designing a health promoting workplace

Designing a health promoting workplace Photo: Karolinska University Hospital Designing a health promoting workplace A tool for pursuing wellness on the job 1 The health promoting workplace Definition A health promoting workplace focuses on

More information

The MBA, MSc and DBA for busy Professionals

The MBA, MSc and DBA for busy Professionals The MBA, MSc and DBA for busy Professionals Do not be left out. Every professional is trying to go back to school. Join knowledge industry by enrolling on the famous Heriot Watt University Edinburgh Business

More information

EDUCORE ISO 20000 Expert Training

EDUCORE ISO 20000 Expert Training EDUCORE ISO 20000 Expert Training Overview ISO/IEC 20000 is the first international standard for IT service management. It was developed in 2005, by ISO/IEC JTC1 SC7 and revised in 2011. ISO/IEC 20000-1:2005

More information

e-safety for Parents

e-safety for Parents e-safety for Parents Helenswood Academy Published June 2014 1 Contents Introduction 4 The Web 5 Children online 6 Friends of your child 7 Information about your child 8 Ownership of your child s technology

More information

CSR in companies - corporate culture. 2002 The Economist

CSR in companies - corporate culture. 2002 The Economist CSR in companies - corporate culture References: Braendle (2005), No change at the top: Culture wins, Business Strategy Review, 42-46 Dr Udo C Braendle 2002 The Economist 1 Culture is a pattern of shared

More information

ISO 27002 Information Security Management Systems [ISMS] Training Program

ISO 27002 Information Security Management Systems [ISMS] Training Program ISO 27002 Information Security Management Systems [ISMS] Training Program The ISO 27002 standard is the rename of the ISO 17799 standard, and is a code of practice for information security. It basically

More information

Criticism of Implementation of ITSM & ISO20000 in IT Banking Industry. Presented by: Agus Sutiawan, MIT, CISA, CISM, ITIL, BSMR3

Criticism of Implementation of ITSM & ISO20000 in IT Banking Industry. Presented by: Agus Sutiawan, MIT, CISA, CISM, ITIL, BSMR3 Criticism of Implementation of ITSM & ISO20000 in IT Banking Industry Presented by: Agus Sutiawan, MIT, CISA, CISM, ITIL, BSMR3 Outline What is IT Service Management What is ISO 20000 Step by step implementation

More information

Asbestos Safety Management Standard Issue 8 October 2008. www.walsall.org.uk/healthandsafety

Asbestos Safety Management Standard Issue 8 October 2008. www.walsall.org.uk/healthandsafety www.walsall.org.uk/healthandsafety Asbestos Safety Management Standard Issue 8 October 2008 Page 1 of 7 / WMBC/SMS Asb/008/01 UNCONTROLLED WHEN PRINTED Please contact us if you have any difficulty reading

More information

Career Survey. 1. In which country are you based? 2. What is your job title? 3. Travel budget. 1 of 28. Response Count. answered question 88

Career Survey. 1. In which country are you based? 2. What is your job title? 3. Travel budget. 1 of 28. Response Count. answered question 88 Career Survey 1. In which country are you based? 88 answered question 88 skipped question 0 2. What is your job title? 88 answered question 88 skipped question 0 3. Travel budget not at all 21.0% 17 somewhat

More information

Information Security Management System (ISMS) Overview. Arhnel Klyde S. Terroza

Information Security Management System (ISMS) Overview. Arhnel Klyde S. Terroza Information Security Management System (ISMS) Overview Arhnel Klyde S. Terroza May 12, 2015 1 Arhnel Klyde S. Terroza CPA, CISA, CISM, CRISC, ISO 27001 Provisional Auditor Internal Auditor at Clarien Bank

More information

PROGRAMME SPECIFICATION

PROGRAMME SPECIFICATION PROGRAMME SPECIFICATION KEY FACTS Programme name Master of Public Health Award Master of Public Health (MPH) School Health Sciences Department or equivalent Health Services Research and Management Programme

More information

June 2010 HEALTH, SAFETY, AND ENVIRONMENT MANAGEMENT SYSTEM (HSEMS)

June 2010 HEALTH, SAFETY, AND ENVIRONMENT MANAGEMENT SYSTEM (HSEMS) June 2010 HEALTH, SAFETY, AND ENVIRONMENT MANAGEMENT SYSTEM (HSEMS) TABLE OF CONTENTS PAGE PART I INTRODUCTION Corporate Health, Safety and Environment Policy.. 1 Purpose... 2 HSEMS Framework... 3 PART

More information

Certification and Training

Certification and Training Certification and Training CSE 4471: Information Security Instructor: Adam C. Champion Autumn Semester 2013 Based on slides by a former student (CSE 551) Outline Organizational information security personnel

More information

2 From Quality Management

2 From Quality Management 2 From Quality Management Systems Management to Safety Systems an enhancement guide Civil Aviation Authority of New Zealand BOOKLET TWO Preface The Civil Aviation Authority published Advisory Circular

More information

HSR TRAINING COURSE 2 DAYS

HSR TRAINING COURSE 2 DAYS HSR TRAINING COURSE 2 DAYS Page 1 of 9 Introduction This Level Three Initial 2 day HSR Training Course aims to add and extend to the range of skills and knowledge acquired in the 5 day and 3 day initial

More information

Big Data: Impact, Benefits, Risk and Governance

Big Data: Impact, Benefits, Risk and Governance Big Data: Impact, Benefits, Risk and Governance Urs Fischer, CPA (Swiss), CRISC, CISA, CIA Fischer IT GRC Consulting & Training Urs Fischer Agenda 1. Introduction 2. Impact on the Enterprise 3. Business

More information

Information Security Specialist Training on the Basis of ISO/IEC 27002

Information Security Specialist Training on the Basis of ISO/IEC 27002 Information Security Specialist Training on the Basis of ISO/IEC 27002 Natalia Miloslavskaya, Alexander Tolstoy Moscow Engineering Physics Institute (State University), Russia, {milmur, ait}@mephi.edu

More information

Award in HR and People Management

Award in HR and People Management Award in HR and People Management For Business Professionals who already work in HR or aspire to make a career move within HR. 4 modules spread over 8 sessions, starting 3rd December 2015 Get Qualified

More information

Information Governance Toolkit Report 2013/14

Information Governance Toolkit Report 2013/14 TAUNTON AND SOMERSET NHS FOUNDATION TRUST Information Governance Toolkit Report 2013/14 Report to: Trust Board on: 28 May 2014 Purpose of the Report: This report is presented to the Trust Board for information

More information

Job Description. Service Desk Technician. Operations Team Leader

Job Description. Service Desk Technician. Operations Team Leader Job Description Job title Group Section Responsible to Responsibility for Employees Service Desk Technician Corporate ICT Operations Operations Team Leader None Job purpose This job exists to provide effective

More information

JOB DESCRIPTION REF: 50001776

JOB DESCRIPTION REF: 50001776 JOB DESCRIPTION REF: 50001776 Note: This job description does not form part of the employee s contract of employment but is provided for guidance. The precise duties and responsibilities of any job may

More information

The University of Edinburgh MSc Management of Training and Development Course Outlines

The University of Edinburgh MSc Management of Training and Development Course Outlines The University of Edinburgh MSc Management of Training and Development Course Outlines This document gives brief details of the core and main option courses on the MSc Management of Training and Development

More information

Profil stručnjaka za informacijsku sigurnost - certificirati se ili ne? Biljana Cerin, CISA, CISM, CGEIT, CBCP, PMP www.ostendogroup.

Profil stručnjaka za informacijsku sigurnost - certificirati se ili ne? Biljana Cerin, CISA, CISM, CGEIT, CBCP, PMP www.ostendogroup. Profil stručnjaka za informacijsku sigurnost - certificirati se ili ne? Biljana Cerin, CISA, CISM, CGEIT, CBCP, PMP www.ostendogroup.com DA! (by Global knowledge & TechRepublic) Top certifications by salary:

More information

Position Description

Position Description Position Description Job title Group Section Responsible to Responsibility for staff Project Coordinator Natural Resource Operations Rotorua Lakes Protection & Restoration Programme Rotorua Lakes Business

More information

GAA Tackling Bullying GAA Anti-Bullying workshop for Clubs, Coaches, Players and Parents

GAA Tackling Bullying GAA Anti-Bullying workshop for Clubs, Coaches, Players and Parents GAA Tackling Bullying GAA Anti-Bullying workshop for Clubs, Coaches, Players and Parents Background This workshop and accompanying resources were developed in response to a growing awareness of the impact

More information

Security Audit Survivor How to Remain On the Island in the Wake of the Piedmont Audit

Security Audit Survivor How to Remain On the Island in the Wake of the Piedmont Audit Security Audit Survivor How to Remain On the Island in the Wake of the Piedmont Audit Marc D. Goldstone Vice President and Associate General Counsel Community Health Systems Gerald Jud E. DeLoss Gray Plant

More information

509 467-0062 208 664-8958 humanix.com

509 467-0062 208 664-8958 humanix.com Connecting businesses to people who bring the valuable talents, skills and advanced know-how to make sure any level job temporary or permanent gets done right. 509 467-0062 208 664-8958 humanix.com Onboarding

More information

Jenny Obee, Head of Information Management jenny.obee@barnet.gov.uk, Tel: 020 8359 4859. Micailah Fleming, IT Director micailah.fleming@capita.co.

Jenny Obee, Head of Information Management jenny.obee@barnet.gov.uk, Tel: 020 8359 4859. Micailah Fleming, IT Director micailah.fleming@capita.co. Performance and Contract Management Committee 7 January 2016 Title Report of Wards Status ICT Operations ITIL Methodology Assessment Chief Operating Officer All Public Urgent Key No No Enclosures None

More information

Health and Safety Policy and Procedures

Health and Safety Policy and Procedures Health and Safety Policy and Procedures Health & Safety Policy & Procedures Contents s REVISION AND AMENDMENT RECORD : Summary of Change Whole Policy 4.0 05 Nov 08 Complete re-issue Whole Policy 4.1 10

More information

FedVTE Training Catalog SPRING 2015. advance. Free cybersecurity training for government personnel. fedvte.usalearning.gov

FedVTE Training Catalog SPRING 2015. advance. Free cybersecurity training for government personnel. fedvte.usalearning.gov FedVTE Training Catalog SPRING 2015 advance. Free cybersecurity training for government personnel. fedvte.usalearning.gov If you need any assistance please contact the FedVTE Help Desk here or email the

More information

PROFESSIONAL SERVICES SPECIFICATION

PROFESSIONAL SERVICES SPECIFICATION R64 - PAVEMENT MARKING August 1996 PROFESSIONAL SERVICES SPECIFICATION PM2 PROJECT MANAGEMENT PLAN Date JUNE 2012 Department 1 DOT Spec R64 of Infrastructure, Energy and Resources Index DEPARTMENT of INFRASTRUCTURE,

More information

Position Description

Position Description Position Description Position title Financial Controller Name Responsible to Responsibility for staff Date 23 May 2011 Group Manager Corporate Services Accountants (Strategic, Management, Assets, Systems

More information

Corporate Health and Safety Policy

Corporate Health and Safety Policy Corporate Health and Safety Policy Publication code: ED-1111-003 Contents Foreword 2 Health and Safety at Work Statement 3 1. Organisation and Responsibilities 5 1.1 The Board 5 1.2 Chief Executive 5 1.3

More information

Information Governance Strategy :

Information Governance Strategy : Item 11 Strategy Strategy : Date Issued: Date To Be Reviewed: VOY xx Annually 1 Policy Title: Strategy Supersedes: All previous Strategies 18/12/13: Initial draft Description of Amendments 19/12/13: Update

More information

Curriculum Vitae. Personal information. VASILEIADIS Nikolaos. Work experience. Surname / First name

Curriculum Vitae. Personal information. VASILEIADIS Nikolaos. Work experience. Surname / First name Curriculum Vitae Personal information Surname / First name Addresses VASILEIADIS Nikolaos Home: Koumoundourou 32, 15341,, Greece Work: Yakinthou 3C, 15343,, Greece Telephones Home: +30 210 6084531 Work:

More information

Summary of Requirements for ISO 14001:2004 February 24, 2005

Summary of Requirements for ISO 14001:2004 February 24, 2005 Summary of Requirements for ISO 14001:2004 February 24, 2005 This document provides a summary of the requirement of ISO 14001:2004, which is an international standard describing the specification and requirements

More information

Security Risk Solutions Limited is a privately owned Kenyan company that was established in 2007.

Security Risk Solutions Limited is a privately owned Kenyan company that was established in 2007. Information Security Management Present and Future By: Jona Owitti, CISA Director, Security Risk Solutions Limited Immediate Past Chairman, ISACA Kenya Chapter About SRS www.securityrisksolutions.net -

More information

Auditing emerging cyber threats and IT controls

Auditing emerging cyber threats and IT controls Auditing emerging cyber threats and IT controls Robert Baldi Director of IT Audit, ACI Worldwide Warren Fish Manager of IT Audit, ACI Worldwide Competency The trouble with competence is that it is always

More information

TECHNICAL VULNERABILITY & PATCH MANAGEMENT

TECHNICAL VULNERABILITY & PATCH MANAGEMENT INFORMATION SECURITY POLICY TECHNICAL VULNERABILITY & PATCH MANAGEMENT ISO 27002 12.6.1 Author: Owner: Organisation: Document No: Chris Stone Ruskwig TruePersona Ltd SP-12.6.1 Version No: 1.1 Date: 1 st

More information

THE SANS 2005-2007 INFORMATION SECURITY SALARY & CAREER ADVANCEMENT SURVEY

THE SANS 2005-2007 INFORMATION SECURITY SALARY & CAREER ADVANCEMENT SURVEY THE SANS 2005-2007 INFORMATION SECURITY SALARY & CAREER ADVANCEMENT SURVEY What factors impact compensation? Which security certifications matter? What makes security people mad? What matters for career

More information

Free ITIL v.3. Foundation. Exam Sample Paper 1. You have 1 hour to complete all 40 Questions. You must get 26 or more correct to pass

Free ITIL v.3. Foundation. Exam Sample Paper 1. You have 1 hour to complete all 40 Questions. You must get 26 or more correct to pass Free ITIL v.3. Foundation Exam Sample Paper 1 You have 1 hour to complete all 40 Questions You must get 26 or more correct to pass Compliments of Advance ITSM www.advanceitsm.com 1. What is the main reason

More information

Security Transcends Technology

Security Transcends Technology INTERNATIONAL INFORMATION SYSTEMS SECURITY CERTIFICATION CONSORTIUM, INC. Career Enhancement and Support Strategies for Information Security Professionals Paul Wang, MSc, CISA, CISSP Paul.Wang@ch.pwc.com

More information

Helmi Rais CERT-TCC Team Manager National Agency for Computer Security, Tunisia helmi.rais@ansi.tn helmi.rais@gmail.com

Helmi Rais CERT-TCC Team Manager National Agency for Computer Security, Tunisia helmi.rais@ansi.tn helmi.rais@gmail.com Promoting a Cybersecurity Culture: Tunisian Experience ITU Regional Cybersecurity Forum for Eastern and Southern Africa Lusaka, Zambia, 25-28 August 2008 Helmi Rais CERT-TCC Team Manager National Agency

More information

Information Governance Toolkit Assessment 2009/10

Information Governance Toolkit Assessment 2009/10 Information Governance Toolkit Assessment 2009/10 Document Reference: Version: Ratified by: Date ratified: Name of originator/author: Name of responsible committee/individual: Document owner: Document

More information

Strategy for Department of Health Care Management & Policy 2011-2014

Strategy for Department of Health Care Management & Policy 2011-2014 Strategy for Department of Health Care Management & Policy 2011-2014 BACKGROUND Our current strengths are the successful MSc in Health Care Management and the research base of our existing staff in key

More information

Application for CISA Certification

Application for CISA Certification Application for CISA Certification 4/2015 Requirements to Become a Certified Information Systems Auditor become a Certified Information Systems Auditor (CISA), an applicant must: 1. Score a passing grade

More information

Spillemyndigheden s Certification Programme Change Management Programme

Spillemyndigheden s Certification Programme Change Management Programme SCP.06.00.EN.1.0 Table of contents Table of contents... 2 1 Objectives of the change management programme... 3 1.1 Scope of this document... 3 1.2 Version... 3 2 Certification... 4 2.1 Certification frequency...

More information

A complete Information Risk Management solution for ISF Members using IRAM and STREAM

Jason Creasey Certified STREAM Consultant A complete Information Risk Management solution for ISF Members using Simon Marvell Partner Abstract IRAM is a business-led information risk analysis methodology

Strategy, COBIT and Vision: HOW DO THEY RELATE? Ken Vander Wal, CISA, CPA, Past President, ISACA vandeke@gmail.com 11.16.2013

AGENDA IT's Changing Landscape ISACA's Response Vision and Mission COBIT 5

Queensland Government Human Services Quality Framework. Quality Pathway Kit for Service Providers

July 2015 Introduction The Human Services Quality Framework (HSQF) The Human Services Quality Framework

Glasgow Life Risk Management & Business Continuity Planning. Final Report

INTERNAL AUDIT October 2014 Glasgow City Council Internal Audit 1 Glasgow Life Risk Management & Business Continuity Planning Table

SETTING UP REMOTE ACCESS ON EYEMAX PC BASED DVR.

1. Setting up your network to allow incoming connections on ports used by Eyemax system. Default ports used by Eyemax system are: range of ports 9091~9115

Planning your research

Many students find that it helps to break their thesis into smaller tasks, and to plan when and how each task will be completed. Primary tasks of a thesis include - Selecting a research

Green Skills Agreement

About the initiative The ALTC in partnership with the University of Western Sydney have been commissioned by the Australian Government to develop a comprehensive framework within which to locate the wide

Cellular/Smart Phone Use Procedure

Cellular/Smart Phone Use Procedure Number 1. Purpose This procedure is performed as a means of ensuring the safe and efficient use of cell/smart phones throughout West Coast District Health Board (WCDHB) facilities. 2. Application This

Information Management Advice 35: Implementing Information Security Part 1: A Step by Step Approach to your Agency Project

Introduction This Advice provides an overview of the steps agencies need to take

MODIFIED TRAINING PROGRAMME FOR TRAINERS AND TEACHERS OF OCCUPATIONAL THERAPY IN TAJIKISTAN

These materials have been prepared within the framework of the project Technical Assistance to the Sector Policy

Safety Excellence Matrix

1 = Performance just meets minimum standards 2 = Performance is satisfactory got the basics 3 = Performance is good going beyond the norm 4 = Performance is very good best practice

FedVTE Training Catalog SUMMER 2015. advance. Free cybersecurity training for government personnel. fedvte.usalearning.gov

Access FedVTE online at: fedvte.usalearning.gov If you need any assistance please

City University of Hong Kong. Information on a Course offered by Department of Information Systems with effect from Semester B in 2013 / 2014

Part I Course Title: Course Code: Course Duration: Information

Recommendation for IT Governance Using the COBIT 4.1 Framework

William F. Slater, III, MBA, M.S., PMP, CISSP, CISA Week 7 Assignment CYBR 615 Cybersecurity Governance and Compliance January 27, 2013 January

Quality Management 1

Why bother Certificating? External view from trained auditors helps focus attention on the real issues. Impending audits provide motivation to do things right. Can be a necessary customer

Inclusive Project Cycle Management

1 Learning together Everyone participates Value each other's ideas No such thing as a dumb question Email or mobile phones only during breaks Smoking in breaks and outside

NHS Dorset Clinical Commissioning Group. Internal Audit Annual Report 2014/15. May 2015

INTRODUCTION This is the 2014/15 Annual Report by TIAA on the internal control environment at Dorset Clinical Commissioning Group.

Training courses 2015/2016

2 S33.201 SINA Basics Basic knowledge of IP and routing Basic knowledge of networks and VPN Basic knowledge of cryptography Administrators who use or will soon use an All-in-One