Strong Security Governance through Integration and Automation

A Practical Guide to Building an Integrated GRC Framework for Your Organization

AvPriti Sikdar

Inbunden, Engelska, 2021

Del i serien Security, Audit and Leadership Series

1 010 kr

Beställningsvara. Skickas inom 10-15 vardagar. Fri frakt över 249 kr.

Fler format och utgåvor

Häftad

676 kr

Beskrivning

This book provides step by step directions for organizations to adopt a security and compliance related architecture according to mandatory legal provisions and standards prescribed for their industry, as well as the methodology to maintain the compliances. It sets a unique mechanism for monitoring controls and a dashboard to maintain the level of compliances. It aims at integration and automation to reduce the fatigue of frequent compliance audits and build a standard baseline of controls to comply with the applicable standards and regulations to which the organization is subject. It is a perfect reference book for professionals in the field of IT governance, risk management, and compliance. The book also illustrates the concepts with charts, checklists, and flow diagrams to enable management to map controls with compliances.

Produktinformation

Utgivningsdatum:2021-12-24
Mått:152 x 229 x 22 mm
Vikt:750 g
Format:Inbunden
Språk:Engelska
Serie:Security, Audit and Leadership Series
Antal sidor:302
Förlag:Taylor & Francis Ltd
ISBN:9780367862770

Utforska kategorier

Servicesektorn inom Ekonomi och Ledarskap
Informationsteknik: allmänt inom Data och IT
Redovisning inom Ekonomi och Ledarskap

Mer om författaren

Priti Sikdar, FCA, CISA, CISM, CRISC, ISO 27001 LA, BS 25999 LA, PRINCE 2 (FC) Ms. Sikdar is the author of ‘Practitioner’s Guide to Business Impact Analysis (BIA)’ published by Auerbach publishers in July 2017. Ms Sikdar is in the risk, audit and assurance sector for over 25 years and have performed internal audits, compliance standards rollouts, risk assessments and other similar assignments in the GRC space. She has developed the ISO 27001 standard rollout, the ISO 22301 business continuity implementation, risk assessment as per ISO 31000, and many such compliance related implementation and internal audits. She is a recognized trainer and a keynote speaker at security and resilience conferences. Ms. Sikdar has worked as Head of Finance for Shipping and Logistics Company. She has been Partner with Ray & Co Chartered Accountants where she performed many bank audits relating to risk based, IS audits and data migration and post-implementation audits. She was also into Sarbanes Oxley Compliance where she was performing ITGC and Revenue modules of SOX. She owned ISA Tutorials where she was teaching Chartered Accountant IT audit, IS systems and how to audit in complex technology environments. Ms. Sikdar has worked with Grant Thornton, as Manager Business Risk Services where she has initiated a BS 25999 rollout, SAS 70 assignments and Enterprise Risk assessments. She was with KPMG London where she was doing IT internal audit for Financial Services sector and also was spearheading a big in-house Technology Global Services Project for 6 divisions of Technology within Risk & Assurance function. Ms. Sikdar has authored two books; ‘Information Systems Audit & Security’ and ‘Management Information Systems for Final C.A.’ published by Lawpoint Publishers India. Besides she has been authoring articles and white papers on IS Audit and Business Continuity Planning as well as speaking in International Conferences and ISACA local chapters. Her articles are carried in Indo-Swiss and Indo-US magazines and she does a lot of online mentoring for students appearing for CISA, CISM examinations. Ms. Sikdar gives online consulting for US and South Africa regions on third party assurance, secure infrastructure building, writing of security policies and rolling out an information systems management system in line with ISO 27001 and ISO 22301 standards. As subject matter expert, she is consulted for complex IT audit and control assignments and she is involved in risk assessments and gap analysis for her clients in India.

Innehållsförteckning

1. Emerging Trends in Technology & its Impact on Business 2. Need for compliance – challenges and roadblocks3. Adopting an Integrated approach for compliance4. Compliance Frameworks – possible solutions5. Adoption of a customized approach to compliance6. Activities/Phases to perform for achieving integrated compliance (with annexure A)7. Designing an operating model for risk & compliance aligned with the business model8. Next Steps – Through Automation