Career Opportunities in the Security Industry
|
|
- Daniela Quinn
- 8 years ago
- Views:
Transcription
1 Spring Conference 2013 Developing Future Leaders for Tomorrow s Challenges Career Opportunities in the Security Industry Mike Rock Division Director Asset Protection Wal-Mart (773) mike.rock@wal-mart.com Don Knox, CPP, CITRMS Security Risk and Analysis Manager Caterpillar (309) knox_don@cat.com
2 What Is Security? Security is Dynamic Security is Growing Security is Diverse 2
3 What Is Security? Security Can Be Proprietary Contract Security Can Be Public Or Private Security Is Different Than Law Enforcement 3
4 Security Disciplines The security field is divided into a number of specialized disciplines. In a large organization, a security professional may work full-time in one of these disciplines. In smaller organizations, a security professional may need to have some proficiency in each of them. These disciplines may be found in most of the Security Specialty Areas 4
5 Security Disciplines Physical Security focuses on the protection of people, property and facilities through the use of security forces, security systems and security procedures. Physical security personnel oversee proprietary or contract security operations, identify security system requirements, assess internal and external threats to assets and develop policies, plans, procedures to counter those threats. Physical security can include the use of barriers, alarms, locks, access control systems, protective lighting, closed circuit televisions and other security technology. 5
6 Security Disciplines Personnel Security deals with ensuring the integrity and reliability of an organization's workforce. Personnel security encompasses background investigations, drug testing, and other pre-employment screening techniques, as well as adjudication of results and granting security clearances and other information access privileges. 6
7 Security Disciplines Information Security involves safeguarding sensitive information. It deals with issues such as who should access the data and how the data is stored, controlled, marked, disseminated and disposed of. It can include privacy data, proprietary information, contractual information, and intellectual property. 7
8 Security Disciplines Information Technology Security is information security applied to computers and networks. It includes processes and mechanisms by which computer-based equipment, information and services are protected from unintended or unauthorized access, change or destruction. Key areas include anti-virus and malware protection, firewalls, encryption, intrusion detection and social engineering. 8
9 Security Disciplines Homeland Security is a government umbrella term originally designed to refer to prevention of terrorism and critical infrastructure protection. It is now inclusive of crisis, incident and emergency management including planning, preparedness, response and recovery. This can also include business continuity management and continuity of operations planning. 9
10 Security Specialty Areas The following areas are some of the specialties within the security field. Each specialty area will give you a typical description of an average security professional and duties associated with both entry and management levels, as well as prerequisites necessary to enter that specific specialty 10
11 Government Industrial Security This industry is concerned with the classification, declassification, and protection of national security information in the custody of industry. Personnel within this specialty must meet the requirements, restrictions, and other safeguards necessary to prevent unauthorized disclosure of classified information released by US Government Departments and Agencies to their contractors. Government industrial security professionals protect special categories of classified information, including restricted data, formerly restricted data, intelligence sources and methods information, sensitive compartmented information and special access program information. All of these procedures are applicable to licensees, grantees, and certificate holders to the extent legally and practically possible within the constraints of applicable law and the Code of Federal Regulations. 11
12 Transportation Security Security in the transportation industry airports, airplane hangers, trucking, land and/or sea operations and more is a multi-faceted and challenging endeavor. Terrorism is becoming more and more prevalent in today's global economy. Airlines and airports are heightening security to prevent terrorist acts. Transportation security professionals are responsible for protecting gift shops, restaurants, retail stores, parking lots, transportation drop-off and pick-up stations, and customs offices each requiring different protection needs. 12
13 Retail Security Asset protection and loss prevention are practices employed by retail companies to reduce and deter losses from theft and fraud to aid in shrink reduction. Responsibilities often include observing for shoplifters and conducting internal investigations. Practices are reinforced traditionally through a visible security force matched with technology such as CCTV (Closed Circuit Television) and EAS (Electronic Article Surveillance) security barriers to minimize the loss to a business. Asset protection and loss prevention departments have also become involved in civil loss recovery. 13
14 Manufacturing Security Manufacturers make products which, in turn, are sold either to wholesalers, distributors, or directly to consumers. Professionals within the manufacturing security specialty are responsible for issues involving not only sales transactions, but transport issues, ordering and purchasing of raw materials, and the protection of resources against loss or theft. Manufacturers are becoming increasingly aware of the potential for loss. Prevention of loss can be accomplished only through employing competent security directors and managers who can help integrate the security function into the total operation rather than allowing it to remain isolated. 14
15 Educational Institution Security The primary objective of an educational institution security program is to educate the campus community on the potential for crime both on and off campus. The central theme of a campus crime prevention program is awareness, self-protection, and prevention. Educational institution security has been a growing concern throughout the 1990s. With increasing publicity about campus crime, it is likely that the trend will continue. The level of violence on and around educational institutions has brought about a need for security at public and private educational institutions at both the elementary and secondary school levels. Many educational institutions operate a commissioned police department which makes police academy training or law enforcement certification a requirement. Interested college students can often enter this field by working for campus security departments on a parttime basis. 15
16 Insurance and Financial Services Security Careers in this industry include those associated with banking, stock brokerages, insurance companies, and other financial institutions. Unlike other industries, the financial industry is regulated by various government agencies. Financial institution security directors and managers must deal with the generic concerns that can result in losses for their organizations and these regulations. The financial services industry's competitiveness has caused banks to search for new ways to market their services to attract new customers. However, this has also added to their security-related concerns. With an increasingly large number of customers becoming involved in financial services, the need for security professionals is continually growing. 16
17 Healthcare Security Security in the healthcare industry provides opportunities not only in hospitals, but also in long term care facilities, clinics, and nursing homes. The healthcare industry is a multi-faceted, challenging field which includes dealing with immobile, unconscious and emotionally distraught patients, and providing security to gift shops, cafeterias, parking lots, pharmacies, and emergency rooms. Employee investigation plays a substantial role in asset protection. The work environment is oriented toward patient protection and service. Security opportunities may include being a security officer, security director, or public relations person in charge of interacting with the medical community as well as patients. 17
18 Information Technology Security Information Systems Security (ISS) shares protective features, such as administrative and organizational measures, provisions that ensure the loyalty and reliability of personnel, and traditional physical and environmental safeguards with other types of security. It includes securing hardware, software, and communication networks for their organization. ISS includes the security specialties of computer security, telecommunications security, and internet security. The functions of ISS are critical in today's business environment to prevent the organization from losing its competitive advantage. 18
19 Pharmaceutical Security Ensures protection and product security. Includes multiple aspects of security including manufacturing, transportation, supply chain, logistics, brand and investigations. 19
20 Oil, Gas and Petrochemical Security Facilitates protection of people in high risk environments and locations of value. Includes many aspects of security including physical security and personnel security. Involved in many other areas including travel, investigations, brand, environmental and transportation. 20
21 Lodging Security The lodging industry has become a very lucrative business. The owners of hotels are becoming very aware that they need to protect their guests, as well as their assets. The best way to accomplish this goal is to invest in security professionals. The primary interest must always be on the protection of life, and the secondary focus on the protection of property for the lodging industry to continue to be successful. With huge lawsuits filed against hotels alleging inadequate security in recent years, hotel security has expanded greatly. Hotel security jobs generally pay well and have good benefits within a professional work environment. As increasing amounts of people take more leisure time, the outlook for the lodging industry in general looks promising, and career opportunities continue to expand. 21
22 Food and Agriculture Security Proactively identifies food defense and agriculture security issues to ensure farm to fork protection for average consumer. Areas include bioterrorism, agro terrorism, copyright and patent infringement, supply chain resilience. 22
23 Utilities Security Utility security takes appropriate measures for the protection of personnel, property, equipment, and other corporate resources in the event of crime, natural disaster, technological emergency, resource shortage, civil disturbance, or war. A utility is a public service, but not necessarily a "public utility." Both public and private utilities answer to a public utility committee that approves rates and provides some form of guidance and oversight. Security responsibilities may include but are not limited to security staffing and equipment for 24 hour access control, employee ID systems, visitor registrations, security inspection, reporting of findings to management, procedures and practices to ensure accountability, and plans for coping. 23
24 Certification Certified Protection Professional (CPP) Physical Security Professional (PSP) Professional Certified Investigator (PCI) Certified Fraud Examiner (CFE) Industrial Security Professional (ISP) Certified Healthcare Protection Administrator (CHPA) Certified in Healthcare Security (CHS) Certified Lodging Security Supervisor (CLSS) Certified Lodging Security Director (CLSD) 24
25 Certification Certified Information Systems Security Professional (CISSP) Systems Security Certified Practitioner (SSCP) Certified Information Systems Auditor (CISA) Certified Information Security Manager (CISM) Global Information Assurance Certificate (GIAC) Loss Prevention Qualified (LPQ) Loss Prevention Certified (LPC) 25
26 26
27 27
28 28
29 29
30 30
31 31
32 32
33 Conclusion A career in security presents challenges to one s skills, creativity, and ability to work well with people at all levels both within and outside organizations. Regardless of the security specialty or career opportunity, a good education is necessary to cope successfully with the multitude of security problems and situations faced on a daily basis. 33
34 Questions? Mike Rock Division Director Asset Protection Wal-Mart (773) Don Knox, CPP, CITRMS Security Risk and Analysis Manager Caterpillar (309)
CAREER OPPORTUNITIES IN SECURITY
CAREER OPPORTUNITIES Career Opportunities in Security Copyright 1990, 1998, 2005, 2013 by ASIS International All rights reserved. No part of this publication may be reproduced, stored in a retrieval system,
More informationCAREER OPPORTUNITIES IN SECURITY
B0762 - Career Opportunities in Security Copyright 2005 by ASIS International All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form
More informationMusic Recording Studio Security Program Security Assessment Version 1.1
Music Recording Studio Security Program Security Assessment Version 1.1 DOCUMENTATION, RISK MANAGEMENT AND COMPLIANCE PERSONNEL AND RESOURCES ASSET MANAGEMENT PHYSICAL SECURITY IT SECURITY TRAINING AND
More informationOrganizational Security Track FAQ
Organizational Security Track FAQ What do organizational security management professionals do? Organizational security management professionals are employed by organizations (corporations, partnerships,
More informationSilent Safety: Best Practices for Protecting the Affluent
Security Checklists Security Checklists 1. Operational Security Checklist 2. Physical Security Checklist 3. Systems Security Checklist 4. Travel Protocol Checklist 5. Financial Controls Checklist In a
More informationConducting Security System Site Surveys
Conducting Security System Site Surveys Written By: Harold C. Gillens, PSP, CFC, CHS-III Quintech Security Consultants, Inc. 102 Sangaree Park Court Suite 4 Summerville, SC 29483 CONDUCTING SECURITY SYSTEM
More informationInformation Security Policy and Handbook Overview. ITSS Information Security June 2015
Information Security Policy and Handbook Overview ITSS Information Security June 2015 Information Security Policy Control Hierarchy System and Campus Information Security Policies UNT System Information
More informationSECURITY CONSIDERATIONS FOR LAW FIRMS
SECURITY CONSIDERATIONS FOR LAW FIRMS Enterprise Risk Management Professional consulting firm that specializes in cyber security Founded in 1998 in Miami, Florida Serves more than 150 clients, locally,
More informationJOB ANNOUNCEMENT. Chief Security Officer, Cheniere Energy, Inc.
JOB ANNOUNCEMENT Chief Security Officer, Cheniere Energy, Inc. Position Overview The Vice President and Chief Security Risk Officer (CSRO) reports to the Chairman, Chief Executive Officer and President
More informationScience/Safeguards and Security. Funding Profile by Subprogram
Safeguards and Security Safeguards and Security Funding Profile by Subprogram (dollars in thousands) Protective Forces 35,059 37,147 Security Systems 11,896 10,435 Information Security 4,655 4,595 Cyber
More informationThe Protection Mission a constant endeavor
a constant endeavor The IT Protection Mission a constant endeavor As businesses become more and more dependent on IT, IT must face a higher bar for preparedness Cyber preparedness is the process of ensuring
More information787 Wye Road, Akron, Ohio 44333 P 330-666-6200 F 330-666-7801 www.keystonecorp.com
Introduction Keystone White Paper: Regulations affecting IT This document describes specific sections of current U.S. regulations applicable to IT governance and data protection and maps those requirements
More informationHIPAA 203: Security. An Introduction to the Draft HIPAA Security Regulations
HIPAA 203: Security An Introduction to the Draft HIPAA Security Regulations Presentation Agenda Security Introduction Security Component Requirements and Impacts Administrative Procedures Physical Safeguards
More informationMCOLES Information and Tracking Network. Security Policy. Version 2.0
MCOLES Information and Tracking Network Security Policy Version 2.0 Adopted: September 11, 2003 Effective: September 11, 2003 Amended: September 12, 2007 1.0 POLICY STATEMENT The Michigan Commission on
More informationmicros MICROS Systems, Inc. Enterprise Information Security Policy (MEIP) August, 2013 Revision 8.0 MICROS Systems, Inc. Version 8.
micros MICROS Systems, Inc. Enterprise Information Security Policy (MEIP) Revision 8.0 August, 2013 1 Table of Contents Overview /Standards: I. Information Security Policy/Standards Preface...5 I.1 Purpose....5
More informationSCHEME OF EXAMINATION PG DIPLOMA IN CORPORATE AND INDUSTRIAL SECURITY MANAGEMENT (PGDCISM) ONE YEAR PROGRAMME
62 SCHEME OF EXAMINATION PG DIPLOMA IN CORPORATE AND INDUSTRIAL SECURITY MANAGEMENT (PGDCISM) ONE YEAR PROGRAMME Note: 1. There will be 70 multiple choice questions (MCQ s) in the question paper consisting
More informationDirector, IT Security District Office Kern Community College District JOB DESCRIPTION
Director, IT Security District Office Kern Community College District JOB DESCRIPTION Definition Reporting to the Chief Information Officer, the Director of IT Security develops and implements procedures,
More informationINVESTOR PRESENTATION NYSE:IDN. October 28, 2015
INVESTOR PRESENTATION NYSE:IDN October 28, 2015 Safe Harbor Statement Certain statements in this presentation constitute forward-looking statements within the meaning of the Private Securities Litigation
More informationIT SECURITY EDUCATION AWARENESS TRAINING POLICY OCIO-6009-09 TABLE OF CONTENTS
OFFICE OF THE CHIEF INFORMATION OFFICER Date of Issuance: May 22, 2009 Effective Date: May 22, 2009 Review Date: Section I. PURPOSE II. AUTHORITY III. SCOPE IV. DEFINITIONS V. POLICY VI. RESPONSIBILITIES
More informationPublic Private Partnerships and National Input to International Cyber Security
Public Private Partnerships and National Input to International Cyber Security 10 September 2009 Tallinn, Estonia Maeve Dion Center for Infrastructure Protection George Mason University School of Law Arlington,
More informationStandard: Information Security Incident Management
Standard: Information Security Incident Management Page 1 Executive Summary California State University Information Security Policy 8075.00 states security incidents involving loss, damage or misuse of
More informationValuation: S&P 500 Sectors & Industries Forward P/Es
Valuation: S&P Sectors & Industries Forward P/Es February, 16 Dr. Edward Yardeni 16-972-7683 eyardeni@ Joe Abbott 732-497-6 jabbott@ Mali Quintana 48-664-1333 aquintana@ Please visit our sites at www.
More informationGeneral HIPAA Implementation FAQ
General HIPAA Implementation FAQ What is HIPAA? Signed into law in August 1996, the Health Insurance Portability and Accountability Act ( HIPAA ) was created to provide better access to health insurance,
More informationInformation Security Specialist Training on the Basis of ISO/IEC 27002
Information Security Specialist Training on the Basis of ISO/IEC 27002 Natalia Miloslavskaya, Alexander Tolstoy Moscow Engineering Physics Institute (State University), Russia, {milmur, ait}@mephi.edu
More informationResponsible Administrative Unit: Computing, Communications & Information Technologies. Information Technology Appropriate Use Policy
1.0 BACKGROUND AND PURPOSE Information Technology ( IT ) includes a vast and growing array of computing, electronic and voice communications facilities and services. At the Colorado School of Mines ( Mines
More informationCertification for Information System Security Professional (CISSP)
Certification for Information System Security Professional (CISSP) The Art of Service Copyright Notice of rights All rights reserved. No part of this book may be reproduced or transmitted in any form by
More informationINFORMATION SECURITY SPECIFIC VENDOR COMPLIANCE PROGRAM (VCP) ACME Consulting Services, Inc.
INFORMATION SECURITY SPECIFIC VENDOR COMPLIANCE PROGRAM (VCP) ACME Consulting Services, Inc. Copyright 2016 Table of Contents INSTRUCTIONS TO VENDORS 3 VENDOR COMPLIANCE PROGRAM OVERVIEW 4 VENDOR COMPLIANCE
More informationTEMPLE UNIVERSITY POLICIES AND PROCEDURES MANUAL
TEMPLE UNIVERSITY POLICIES AND PROCEDURES MANUAL Title: Computer and Network Security Policy Policy Number: 04.72.12 Effective Date: November 4, 2003 Issuing Authority: Office of the Vice President for
More informationDepartment of Defense INSTRUCTION. Security of Unclassified DoD Information on Non-DoD Information Systems
Department of Defense INSTRUCTION NUMBER 8582.01 June 6, 2012 DoD CIO SUBJECT: Security of Unclassified DoD Information on Non-DoD Information Systems References: See Enclosure 1 1. PURPOSE. This Instruction:
More informationHow To Write A Health Care Security Rule For A University
INTRODUCTION HIPAA Security Rule Safeguards Recommended Standards Developed by: USF HIPAA Security Team May 12, 2005 The Health Insurance Portability and Accountability Act (HIPAA) Security Rule, as a
More informationCybersecurity: Considerations for Internal Audit. IIA Atlanta Chapter Meeting January 9, 2015
Cybersecurity: Considerations for Internal Audit IIA Atlanta Chapter Meeting January 9, 2015 Agenda Key Risks Incorporating Internal Audit Resources for Internal Auditors Questions 2 Key Risks 3 4 Key
More informationHow To Plan A Crisis Management Program
Building a Security Conscious Business Continuity Management (BCM) Program Sam Stahl, CBCP, MBCI EMC Global Professional Services Program Manager stahl_samuel@emc.com ASIS Singapore, 2014 Agenda Overview
More informationS22 - Employee and Customer Awareness Turning Vulnerabilities Into Sentries John Sapp
S22 - Employee and Customer Awareness Turning Vulnerabilities Into Sentries John Sapp Employee and Customer Awareness Turning Vulnerabilities Into Sentries What You Will Learn Data Breaches + employees
More informationAllHealth Security Services, Inc. proposes to conduct a security risk assessment of Hospital.
AllHealth Security Services, Inc. proposes to conduct a security risk assessment of Hospital. The purpose of the assessment is to discover and identify security-related issues that provide opportunities
More informationHIPAA Security Alert
Shipman & Goodwin LLP HIPAA Security Alert July 2008 EXECUTIVE GUIDANCE HIPAA SECURITY COMPLIANCE How would your organization s senior management respond to CMS or OIG inquiries about health information
More informationSection 5 Identify Theft Red Flags and Address Discrepancy Procedures Index
Index Section 5.1 Purpose.... 2 Section 5.2 Definitions........2 Section 5.3 Validation Information.....2 Section 5.4 Procedures for Opening New Accounts....3 Section 5.5 Procedures for Existing Accounts...
More informationPBGC Information Security Policy
PBGC Information Security Policy 1. Purpose. The Pension Benefit Guaranty Corporation (PBGC) Information Security Policy (ISP) defines the security and protection of PBGC information resources. 2. Reference.
More informationSafeguards and Security
Safeguards and Security Overview The Safeguards and Security (S&S) program mission is to support Departmental research at Office of Science (SC) laboratories by ensuring appropriate levels of protection
More informationSecurity Management Systems (SEMS) for Air Transport Operators. Executive Summary
Security Management Systems (SEMS) for Air Transport Operators Executive Summary March 2011 Security Management Systems (SeMS) for Air Transport Operators Introduction and Scope Executive Summary In early
More informationHIPAA Security. 2 Security Standards: Administrative Safeguards. Security Topics
HIPAA Security SERIES Security Topics 1. Security 101 for Covered Entities 5. 2. Security Standards - Organizational, Security Policies Standards & Procedures, - Administrative and Documentation Safeguards
More informationInformation Protection Readiness for Securing Personal Information
for Securing Personal Information Information Protection Readiness for Securing Personal Information May 23, 2014 Office of the City Auditor The Office of the City Auditor conducted this project in accordance
More informationTenzing Security Services and Best Practices
Tenzing Security Services and Best Practices OVERVIEW Security is about managing risks and threats to your environment. The most basic security protection is achieved by pro-actively monitoring and intercepting
More informationTEXAS HOMELAND SECURITY STRATEGIC PLAN 2015-2020: PRIORITY ACTIONS
TEXAS HOMELAND SECURITY STRATEGIC PLAN 2015-2020: PRIORITY ACTIONS INTRODUCTION The purpose of this document is to list the aligned with each in the Texas Homeland Security Strategic Plan 2015-2020 (THSSP).
More informationEd McMurray, CISA, CISSP, CTGA CoNetrix
Ed McMurray, CISA, CISSP, CTGA CoNetrix AGENDA Introduction Cybersecurity Recent News Regulatory Statements NIST Cybersecurity Framework FFIEC Cybersecurity Assessment Questions Information Security Stats
More informationFINAL May 2005. Guideline on Security Systems for Safeguarding Customer Information
FINAL May 2005 Guideline on Security Systems for Safeguarding Customer Information Table of Contents 1 Introduction 1 1.1 Purpose of Guideline 1 2 Definitions 2 3 Internal Controls and Procedures 2 3.1
More informationRajan R. Pant Controller Office of Controller of Certification Ministry of Science & Technology rajan@cca.gov.np
Rajan R. Pant Controller Office of Controller of Certification Ministry of Science & Technology rajan@cca.gov.np Meaning Why is Security Audit Important Framework Audit Process Auditing Application Security
More informationUnified Security Anywhere HIPAA COMPLIANCE ACHIEVING HIPAA COMPLIANCE WITH MASERGY PROFESSIONAL SERVICES
Unified Security Anywhere HIPAA COMPLIANCE ACHIEVING HIPAA COMPLIANCE WITH MASERGY PROFESSIONAL SERVICES HIPAA COMPLIANCE Achieving HIPAA Compliance with Security Professional Services The Health Insurance
More informationAnatomy of a Privacy and Data Breach
Anatomy of a Privacy and Data Breach Understanding the Risk and Managing a Crisis Adam Kardash: Partner, Heenan Blaikie LLP Robert Parisi: Senior Vice President, Marsh Leadership, Knowledge, Solutions
More informationLegislative Council Panel on Information Technology and Broadcasting. Information Security
For Information on 8 July 2013 LC Paper No. CB(4)834/12-13(05) Legislative Council Panel on Information Technology and Broadcasting Information Security Purpose This paper updates Members on the latest
More informationMap of Industry Classification Benchmark (ICB) to proposed GRI Business Activity Groups
Additional information about the project can be found at https://www.globalreporting.org/reporting/sector-guidance/topics-research/pages/default.aspx Map of Industry Classification Benchmark (ICB) to proposed
More informationExecutive Management of Information Security
WHITE PAPER Executive Management of Information Security _experience the commitment Entire contents 2004, 2010 by CGI Group Inc. All rights reserved. Reproduction of this publication in any form without
More informationEl Camino College Homeland Security Spring 2016 Courses
El Camino College Homeland Security Spring 2016 Courses With over 250,000 federal positions in Homeland Security and associated divisions, students may find good career opportunities in this field. Explore
More informationCOUNTERINTELLIGENCE. Protecting Key Assets: A Corporate Counterintelligence Guide
COUNTERINTELLIGENCE O F F I C E O F T H E N A T I O N A L C O U N T E R I N T E L L I G E N C E Protecting Key Assets: A Corporate Counterintelligence Guide E X E C U T I V E Counterintelligence for the
More informationPractice Test Security Fundamentals Professional Certification (SFPC) Multiple Choice. Multiple-Choice Sample Question # 1
The following Practice Test presents samples of the type, difficulty, and format of questions found on the SFPC assessment. At the end of the Practice Test, a table is provided outlining the topics and
More informationAchieving Security through Compliance
White Paper Achieving Security through Compliance Policies, plans, and procedures Part I By Jeff Tucker, Principal Security Consultant McAfee Foundstone Professional Services Table of Contents Overview
More informationBEST PRACTICES FOR COMMERCIAL COMPLIANCE
BEST PRACTICES FOR COMMERCIAL COMPLIANCE [ BEST PRACTICES FOR COMMERCIAL COMPLIANCE ] 2 Contents OVERVIEW... 3 Health Insurance Portability and Accountability Act (HIPAA) of 1996... 4 Sarbanes-Oxley Act
More informationPCI Security Compliance in KANA Solutions How KANA Applications Helps Companies Comply with PCI Security Standards
PCI Security Compliance in KANA Solutions How KANA Applications Helps Companies Comply with PCI Security Standards Table of Contents PCI Security Compliance in KANA Solutions...1 The Importance of Protecting
More informationINFORMATION SECURITY STRATEGIC PLAN
INFORMATION SECURITY STRATEGIC PLAN UNIVERSITY OF CONNECTICUT INFORMATION SECURITY OFFICE 4/20/10 University of Connecticut / Jason Pufahl, CISSP, CISM 1 1 MISSION STATEMENT The mission of the Information
More informationExploring Converged Access of IT Security and Building Access Today, Tomorrow and the Future
Exploring Converged Access of IT Security and Building Access Today, Tomorrow and the Future Julian Lovelock ActivIdentity, part of HID Global Session ID: SPO2-106 Session Classification: Intermediate
More informationNORTH DAKOTA CLASS DESCRIPTION ND Human Resource Management Services Phone: (701) 328-3290
NORTH DAKOTA CLASS DESCRIPTION ND Human Resource Management Services Phone: (701) 328-3290 Class Code(s): 0117 0118 SCOPE OF WORK: INFORMATION SYSTEMS SECURITY ANALYST Work involves the completion of technical
More informationOCIE Technology Controls Program
OCIE Technology Controls Program Cybersecurity Update Chris Hetner Cybersecurity Lead, OCIE/TCP 212-336-5546 Introduction (Role, Disclaimer, Background and Speech Topics) SEC Cybersecurity Program Overview
More information- PUBLIC REPORT - CITY OF SAN ANTONIO INTERNAL AUDIT DEPARTMENT
- PUBLIC REPORT - CITY OF SAN ANTONIO INTERNAL AUDIT DEPARTMENT Audit of Aviation Network and Systems Security Project No. AU05-016 Release Date: October 24, 2005 Patricia Major CPA, CIA, CTP, CGFM Mark
More informationProcedure for Managing a Privacy Breach
Procedure for Managing a Privacy Breach (From the Privacy Policy and Procedures available at: http://www.mun.ca/policy/site/view/index.php?privacy ) A privacy breach occurs when there is unauthorized access
More informationLaw & Ethics, Policies & Guidelines, and Security Awareness
Law & Ethics, Policies & Guidelines, and Security Awareness Modifications by Prof. Dong Xuan and Adam C. Champion Principles of Information Security, 5th Edition 1 Learning Objectives Upon completion of
More informationAchieving Security through Compliance
Achieving Security through Compliance Policies, plans, and procedures Table of Contents This white paper was written by: McAfee Foundstone Professional Services Overview...3 The Rock Foundation...3 Governance...3
More informationEnterprise Risk Management taking on new dimensions
Enterprise Risk Management taking on new dimensions October 2006 The practice of Enterprise Risk Management (ERM) is becoming more critical and complex every day. There is a growing need for organizations
More informationSponsored Programs Guidance Cradle to Grave
Sponsored Programs Guidance Cradle to Grave Data Management Data Management for Sponsored Programs (Adapted from Guidelines for Responsible Data Management in Scientific Research, Clinical Tools, Inc.)
More informationA Supply Chain Management Perspective on Mitigating the Risks of Counterfeit Products
A Supply Chain Management Perspective on Mitigating the Risks of Counterfeit Products David M. Dreyfus Justin A. Heinonen Rod Kinghorn A-CAPP Backgrounder October 2013 Supply chain management can be the
More informationDraft Information Technology Policy
Draft Information Technology Policy Version 3.0 Draft Date June 2014 Status Draft Approved By: Table of Contents 1.0 Introduction... 6 Background... 6 Purpose... 6 Scope... 6 Legal Framework... 6 2.0 Software
More informationLegal Issues / Estonia Cyber Incident
Control System Cyber Security Conference 22 October 2009 Legal Issues / Estonia Cyber Incident Maeve Dion Center for Infrastructure Protection George Mason University School of Law Legal Issues / Estonia
More informationST. CLOUD STATE UNIVERSITY INSTALLATION AND USE OF VIDEO SURVEILLANCE EQUIPMENT PROCEDURE. Purpose
ST. CLOUD STATE UNIVERSITY INSTALLATION AND USE OF VIDEO SURVEILLANCE TYPE OF PROCEDURE: ADMINISTRATIVE EQUIPMENT PROCEDURE Title: Installation and Use of Video Surveillance Equipment Procedures Related
More informationMarist College. Information Security Policy
Marist College Information Security Policy February 2005 INTRODUCTION... 3 PURPOSE OF INFORMATION SECURITY POLICY... 3 INFORMATION SECURITY - DEFINITION... 4 APPLICABILITY... 4 ROLES AND RESPONSIBILITIES...
More informationPerformance 2015 S&P 500 Sectors & Industries
Performance 21 S&P Sectors & Industries November 2, 21 Dr. Edward Yardeni 16-972-7683 eyardeni@ Joe Abbott 732-497-36 jabbott@ Mali Quintana 48-664-1333 aquintana@ Please visit our sites at www. blog.
More informationshowcase safety & security
showcase safety & security SECURITY SHOWCASE American Hotel & Lodging Association Serving the hospitality industry for more than a century, the American Hotel & Lodging Association (AH&LA) is the sole
More informationCISM (Certified Information Security Manager) Document version: 6.28.11
CISM (Certified Information Security Manager) Document version: 6.28.11 Important Note About CISM PDF techexams CISM PDF is a comprehensive compilation of questions and answers that have been developed
More informationBSA-ISSA Information Security Study Online Survey of ISSA Members
BSA-ISSA Information Security Study Online Survey of ISSA Members December 3, 2003 Research Conducted Between October 13 and October 29, 2003 Key Findings I. A majority of security professionals believe
More informationHIPAA Security. assistance with implementation of the. security standards. This series aims to
HIPAA Security SERIES Security Topics 1. Security 101 for Covered Entities 2. Security Standards - Administrative Safeguards 3. Security Standards - Physical Safeguards 4. Security Standards - Technical
More informationOCS Student / Parent Laptop Agreement
OCS Student / Parent Laptop Agreement Terms and Conditions of Use By signing this form, the student and the student s parent/guardian certify that they have thoroughly read, understand, and accept the
More informationHIPAA HANDBOOK. Keeping your backup HIPAA-compliant
The federal Health Insurance Portability and Accountability Act (HIPAA) spells out strict regulations for protecting health information. HIPAA is expansive and can be a challenge to navigate. Use this
More informationAudit Report. University Medical Center HIPAA Compliance. June 2013. Angela M. Darragh, CPA, CISA, CFE Audit Director AUDIT DEPARTMENT
Audit Report AUDIT DEPARTMENT University Medical Center HIPAA Compliance June 2013 Angela M. Darragh, CPA, CISA, CFE Audit Director AUDIT COMMITTEE: Commissioner Steve Sisolak Commissioner Chris Giunchigliani
More informationMaps of Global Industry Classification Standard (GICS) to proposed GRI Business Activity Groups
Additional information about the project can be found at https://www.globalreporting.org/reporting/sector-guidance/topics-research/pages/default.aspx Maps of Global Industry Classification Standard ()
More informationJOINT EXPLANATORY STATEMENT TO ACCOMPANY THE CYBERSECURITY ACT OF 2015
JOINT EXPLANATORY STATEMENT TO ACCOMPANY THE CYBERSECURITY ACT OF 2015 The following consists of the joint explanatory statement to accompany the Cybersecurity Act of 2015. This joint explanatory statement
More informationMONTSERRAT COLLEGE OF ART WRITTEN INFORMATION SECURITY POLICY (WISP)
MONTSERRAT COLLEGE OF ART WRITTEN INFORMATION SECURITY POLICY (WISP) 201 CMR 17.00 Standards for the Protection of Personal Information Of Residents of the Commonwealth of Massachusetts Revised April 28,
More informationPolicies and Procedures Audit Checklist for HIPAA Privacy, Security, and Breach Notification
Policies and Procedures Audit Checklist for HIPAA Privacy, Security, and Breach Notification Type of Policy and Procedure Comments Completed Privacy Policy to Maintain and Update Notice of Privacy Practices
More informationLeveraging Business / Trade Secrets for Competitive Advantage: Examples and Case Studies
Leveraging Business / Trade Secrets for Competitive Advantage: Examples and Case Studies Professor Prabuddha Ganguli Advisor, VISION-IPR & Adjunct Professor, SJM School of Management, Indian Institute
More information[Insert Company Logo]
[Insert Company Logo] Business Continuity and Disaster Recovery Planning (BCDRP) Manual 1 Table of Contents Critical Business Information 4 Business Continuity and Disaster Recover Planning (BCDRP) Personnel
More informationISO 27001 Controls and Objectives
ISO 27001 s and Objectives A.5 Security policy A.5.1 Information security policy Objective: To provide management direction and support for information security in accordance with business requirements
More informationSYRACUSE CITY SCHOOL DISTRICT
SYRACUSE CITY SCHOOL DISTRICT EMERGENCY OPERATIONS PLAN Sharon L. Contreras, Superintendent of Schools Effective Date: September 2014 1 Table of Contents Contents Section I. Introduction:... 4 1.1 Purpose...
More informationBridging the HIPAA/HITECH Compliance Gap
CyberSheath Healthcare Compliance Paper www.cybersheath.com -65 Bridging the HIPAA/HITECH Compliance Gap Security insights that help covered entities and business associates achieve compliance According
More informationHengtian Information Security White Paper
Hengtian Information Security White Paper March, 2012 Contents Overview... 1 1. Security Policy... 2 2. Organization of information security... 2 3. Asset management... 3 4. Human Resources Security...
More informationIndex .700 FORMS - SAMPLE INCIDENT RESPONSE FORM.995 HISTORY
Information Security Section: General Operations Title: Information Security Number: 56.350 Index POLICY.100 POLICY STATEMENT.110 POLICY RATIONALE.120 AUTHORITY.130 APPROVAL AND EFFECTIVE DATE OF POLICY.140
More informationDepartment of Defense INSTRUCTION
Department of Defense INSTRUCTION NUMBER 8523.01 April 22, 2008 ASD(NII)/DoD CIO SUBJECT: Communications Security (COMSEC) References: (a) DoD Directive C-5200.5, Communications Security (COMSEC) (U),
More informationSECTOR SUB-SECTOR BRANCH SUB-BRANCH
01000 Energy 01100 Energy 01110 Energy & 01000 01100 01110 01112 01000 01100 01120 Oil, Gas & Consumable Fuels 01000 01100 01120 01122 01111 Oil & Gas Drilling Oil & Gas & 01121 Integrated Oil & Gas Oil
More informationComputer and Technology Products and Services Professional Liability New Business Application
ACE American Insurance Company Computer and Technology Products and Services Professional Liability New Business Application Computer & Technology Products and Services Professional Liability Insurance
More informationSecurity Transcends Technology
INTERNATIONAL INFORMATION SYSTEMS SECURITY CERTIFICATION CONSORTIUM, INC. Career Enhancement and Support Strategies for Information Security Professionals Paul Wang, MSc, CISA, CISSP Paul.Wang@ch.pwc.com
More informationCybercrime & Cybersecurity: the Ongoing Battle International Hellenic University
Cybercrime & Cybersecurity: the Ongoing Battle International Hellenic University Andreas Athanasoulias, CISM, CISSP Information Security Officer & Security Consultant Brief introduction My career path
More informationDATABASE SECURITY CITYWIDE REPORT NO.
SPECIAL AUDIT REPORT OF DATABASE SECURITY CITYWIDE REPORT NO. 11-103 City of Albuquerque Office of Internal Audit Database Security Citywide Report No. 11-103 Executive Summary The Office of Internal Audit
More informationCybersecurity Report on Small Business: Study Shows Gap between Needs and Actions
SURVEY REPORT: cyber security Cybersecurity Report on Small Business: Study Shows Gap between Needs and Actions Confidence in a connected world. Executive summary An online survey revealed that while U.S.
More information