Archive for the 'IT Governance' Category

Dec 17 2007

Data Governance & Privacy - Collected Reference Material

Published by Ross Graber under Articles, Audit, Compliance, Data Governance, IT Governance, Information Security, Internal Control, Privacy

This post is an ongoing collection of articles, surveys, and research about data governance and privacy.

General references:

  • The EFF has a page that gives a status update on pending legislation and court cases related to privacy rights.

Specific references:

  • Privacy Rights Clearinghouse has a chronology that documents data breaches since 2005. The grand total - 216 Million records in the USA from 2005 to present. A number of these are organizations that sell information security products and/or services and have failed to “eat their own dog-food”.
  • MySpace suffered a security breach recently that allowed hackers to download a massive amount of private photos. Those have recently showed up on BitTorrent.

No responses yet

Dec 17 2007

Internal Control (IT) - Collected Reference Material

Published by Ross Graber under Articles, Audit, Compliance, Data Governance, IT Governance, Information Security, Internal Control, Project Management

This post is an ongoing collection of articles, surveys, and research about IT General Controls.

  • The Royal Bank of Canada suffered major downtime due to a failed upgrade of their computer systems in 2004.

No responses yet

Dec 14 2007

Insider Threat - Collected Reference Material

Published by Ross Graber under Articles, Audit, Cybercrime, IT Governance, Information Security, Internal Control

This post is a collection of articles and research related to insider threats.

Surveys & Research:

  • The US Secret Service published the Insider Threat Study in 2003 and 2005.

Articles:

No responses yet