tag:blogger.com,1999:blog-5621580152599018022011-11-27T17:01:35.705-08:00TJnoreply@blogger.comBlogger231100tag:blogger.com,1999:blog-562158015259901802.post-38409461909809421522008-09-02T07:33:00.001-07:002008-09-02T07:34:43.178-07:00

Annual accounts 2007: 4100 cases with 19 million euro loss recordedIn the year 2007 are far more Internet users victims of fraudsters become Password: The number of phishing cases of online banking by 25 percent. This is apparent from an extrapolation of the high-tech association Bitkom, which is the current data Landeskriminalämter based.Nationwide lifted criminals, according to Bitkom in more

TJnoreply@blogger.com0tag:blogger.com,1999:blog-562158015259901802.post-74217794322636757472008-08-31T03:51:00.000-07:002008-08-31T03:59:37.098-07:00

Obtain unauthorized access to e-mails, contacts, SMS and the Safari browser.A user of the MacRumors forum has found an easy way to password protect an iPhone with the installed firmware version 2.0.2 to circumvent. As Gizmodo reports must be only the emergency button and then the Home button is pressed. This will open without entering a password the Favorites menu, which also full unauthorised

TJnoreply@blogger.com0tag:blogger.com,1999:blog-562158015259901802.post-2259741748698213662008-08-30T14:09:00.000-07:002008-08-30T14:28:04.563-07:00

Link of the day - Claim your Black MacBook Air with participation.Do you want to receive a Black MacBook Air? New data-reporting breakdown in German offices: According to the newspaper "taz" have at least eight companies with millions of illegal records from registers traded. One of these companies have a database with 72 million records. This paper describes how data leaks occur and what

TJnoreply@blogger.com0tag:blogger.com,1999:blog-562158015259901802.post-76081920988306907402008-03-18T20:44:00.000-07:002008-03-18T20:47:43.811-07:00

Today, organizations of all shapes and sizes face stringent industry regulations and standards that often threaten hefty fines or even punishment for decision-makers in the case of non-compliance. In addition, to Sarbanes-Oxley (SOX), CIOs and CSOs must understand and achieve compliance with the Health Insurance Portability and Accountability Act (HIPAA) for health-related industries; the Payment

TJnoreply@blogger.com1tag:blogger.com,1999:blog-562158015259901802.post-11251473021165413582008-03-18T20:20:00.000-07:002008-03-18T20:27:12.591-07:00

SOA: A Brief Technological OverviewService-Oriented Architecture is an approach to enterprise architecture that is based on the idea of software applications sharing functions with one another as “services.” In contrast to conventional architectures, where each application stands alone within its own “silo” and performs its function strictly by using its own code base, an SOA opens up

TJnoreply@blogger.com0tag:blogger.com,1999:blog-562158015259901802.post-42364581336750767382008-01-31T02:32:00.000-08:002008-01-31T02:36:00.979-08:00

Urban Risk Legends RevealedIT Risk — encompassing Security, Availability, Performance, and Compliance elements — is a critical issue for executives and boards of directors. In this second volume of the IT Risk Management Report, Symantec extends its analysis of IT professionals’ insights into the nature of IT Risk and the most effective ways to manage it, with added focus on Availability and

TJnoreply@blogger.com0tag:blogger.com,1999:blog-562158015259901802.post-50512719199187858482008-01-28T00:19:00.000-08:002008-01-28T00:25:54.406-08:00

A “WHISTLEBLOWER” has been threatened with dismissal by the Wales Audit Office after raising concerns with the Western Mail.Andrew Hurley, a £54,000-a-year IT specialist employed by the WAO, said he had been sent on gardening leave the day before he was due to start an investigation into concerns the NHS body Health Solutions Wales may have been breaching protocols relating to patient

TJnoreply@blogger.com0tag:blogger.com,1999:blog-562158015259901802.post-5613507109805921362007-12-12T19:42:00.000-08:002007-12-12T19:59:40.171-08:00

MIS Training Institute today announced InfoSec World Conference & Expo 2008 featuring Oliver North as this year’s keynote speaker. Conference organizers are also introducing a new conference line up for the leading IT security event taking place March 10-12, 2008 in Orlando, Florida. Oliver North, combat-decorated marine, best-selling author, and former U.S. counter-terrorism coordinator will

TJnoreply@blogger.com1tag:blogger.com,1999:blog-562158015259901802.post-44501855473304947792007-12-11T20:02:00.000-08:002007-12-11T20:25:10.258-08:00

DUBAI — A non-profit professional initiative under Dubai government's Financial Audit Department has argued for IT governance becoming an integral part of corporate management. "It is obvious that good governance in any organisation depends mainly on good IT governance," said Yasser Abdullah Amiri, the department's director-general and chairman of Information Technology Governance Assurance Forum

TJnoreply@blogger.com1tag:blogger.com,1999:blog-562158015259901802.post-52538688276678437512007-11-28T02:21:00.000-08:002007-11-28T02:28:02.338-08:00

If someone asked you to deliver a briefcase with $10 million in it, would you box it up, stick stamps on it and put it in the out-going mail? Of course not. Yet that’s the way many workers treat sensitive data in their organizations.The enormous data snafu the British government announced last week is the latest example. Government workers lost two computer disks containing the names, addresses,

TJnoreply@blogger.com0tag:blogger.com,1999:blog-562158015259901802.post-50503452309972624212007-11-25T22:53:00.000-08:002007-11-25T22:59:30.589-08:00

Here are some tips provided by Ray Dunkle, an Akron certified public accountant with Brockman, Coats, Gedelian & Co. and a certified fraud examiner.1. SET THE PROPER TONE AT THE TOPBe ethical and show that you're monitoring and paying attention.''If you're running your business unethically, don't be surprised if someone returns the favor at some point,'' Dunkle said.2. AWARENESS TRAININGBring

TJnoreply@blogger.com0tag:blogger.com,1999:blog-562158015259901802.post-4994143348401873202007-11-23T21:20:00.000-08:002007-11-23T21:23:51.531-08:00

BETHESDA, Md., Nov. 20 /PRNewswire/ -- The SANS Institute announcesthat at 3:00 PM EST today, Tuesday, November 20, the Secure ProgrammingCouncil will release its first proposed standard for software developers todemonstrate they have the skills and knowledge to write secure software. This standard, combined with a standardized test of the skills coveredin the standard, will enable employers

TJnoreply@blogger.com0tag:blogger.com,1999:blog-562158015259901802.post-90869519702195532482007-11-23T02:46:00.000-08:002007-11-23T03:08:12.555-08:00

The Boeing Co. has told the Seattle P-I, in response to questions, that it is making progress on its Sarbanes-Oxley compliance testing in its information technology department, despite auditor turnover.While the Chicago-based company won't disclose its full compliance status until it files its annual financial report, "We can say that for 2007, SOX testing is progressing well and we're making

TJnoreply@blogger.com0tag:blogger.com,1999:blog-562158015259901802.post-84670406834426839872007-11-19T09:02:00.000-08:002007-11-19T09:03:54.483-08:00

ROLLING MEADOWS, Ill.--(BUSINESS WIRE)--A national survey of U.S. white-collar workers commissioned by the nonprofit, independent organization ISACA (formerly the Information Systems Audit and Control Association) has found that more than one-third (35%) of employees have violated their company’s information technology (IT) policies at least once and that nearly one-sixth (15%) of employees have

TJnoreply@blogger.com0tag:blogger.com,1999:blog-562158015259901802.post-42545444408396841312007-11-17T04:07:00.000-08:002007-11-17T04:16:49.903-08:00

Want more money for your information security skills? Try getting a professional certification. For all the continuing debate about the real value of IT certification programs, the premiums that companies are willing to pay for certified information security professionals is actually trending upwards.A report released last week by New Canaan, Conn.-based Foote Partners LLC shows that formally

TJnoreply@blogger.com0tag:blogger.com,1999:blog-562158015259901802.post-53727496031243514902007-11-07T21:45:00.000-08:002007-11-07T21:57:45.698-08:00

The video is the issue of "Computer Chronicles" program dedicated to information security. It's about the emergence of information security problems in the distant 80's.

TJnoreply@blogger.com0tag:blogger.com,1999:blog-562158015259901802.post-85115823997368339382007-11-07T21:34:00.000-08:002007-11-08T00:04:04.351-08:00

The video shows us simple rules, which should be kept to prevent unauthorized access to assets of the company including confidential information.

TJnoreply@blogger.com0tag:blogger.com,1999:blog-562158015259901802.post-30763116043720396962007-10-29T21:23:00.000-07:002007-10-31T20:33:48.376-07:00

There was a question about CISA scaled score system. Here is an excerpt from ISACA's explanations: "...Beginning with the June 2007 exam administration, exam scores are being reported on a scale from 200-800. This is a change from the 1-100 point scale that was used previously. Regardless of the scoring scale, the overall exam pass/fail results are the same. In other words, no more, or fewer

TJnoreply@blogger.com5tag:blogger.com,1999:blog-562158015259901802.post-18130074590314217252007-10-11T21:16:00.000-07:002007-10-29T21:54:57.079-07:00

Well this year deadline has passed. Those who were in time for registration should begin the preparation. Others who decided not to attend this year exam have chance to do preparation without rush.Let me share some experience in my approach to CISA exam preparation.First of all you need to read latest CISA Review Manual.In second place you need the questionary. I browsed ISACA bookstore and found

TJnoreply@blogger.com6tag:blogger.com,1999:blog-562158015259901802.post-37199423838118315242007-09-10T23:09:00.000-07:002007-10-29T21:52:29.554-07:00

Yesturday i received a letter from ISACA. They reminded me that I passed CISA (Certified Information System Auditor) exam in 2005. And the deadline for certification is in December 2010. Why didn't I complete certification process? Well the answer is - I don't need the certificate right now. It is enough for the employeer to know that I have passed the CISA exam.So why do we need this

TJnoreply@blogger.com4tag:blogger.com,1999:blog-562158015259901802.post-43835407348131128662007-09-02T21:33:00.000-07:002007-09-05T06:23:10.442-07:00

This time I want to share my experience of Key Performance Indicator (KPI) development in IT area. For instance we have a procedure saying all user accounts in domain must be disabled after employee's dismissal. Employee should sign-off depature clearance by system administrator, who will lock or delete user accounts of such an employee. Our task is to implement KPI that will show us how well

TJnoreply@blogger.com6tag:blogger.com,1999:blog-562158015259901802.post-29591856806016274742007-08-20T03:35:00.000-07:002007-08-26T22:25:10.905-07:00

So, let's start with basics.What is the difference between Internal control and Internal audit and how to extend it to aspects of information technology?We could say that internal control is the process intended to improve the quality of buisness processes of organization. And main tasks of internal audit are to assure the quality of internal controls are and give recommendations on how to

TJnoreply@blogger.com3tag:blogger.com,1999:blog-562158015259901802.post-14033659700347482122007-08-16T10:07:00.000-07:002007-08-17T00:04:52.744-07:00

Why do we need to audit and control all these boring things? Do the people really need somebody, who will crack a whip, indeed?Unfotunately our practice and experience shows that it is our case. It is like Murphy's low: If something could be done wrong, it will be done wrong.The answer, why it is happen, if the answer exists at all, lies in areas of philosophy and psychology. But it easy to see,

TJnoreply@blogger.com4