ISACA publica COBIT 5 for Information Security

ver artigo no Finantial Post:

ISACA Issues COBIT 5 for Information Security

Today [25 Jun] at the INSIGHTS 2012 conference, ISACA released COBIT 5 for Information Security, which builds on the recently released COBIT 5 framework to provide practical guidance for those interested in security at all levels of an enterprise. ISACA’s COBIT 5 framework is the only business framework for the governance and management of enterprise IT.

In the past year, close to one in four (22%) enterprises has experienced a security breach and 21% have faced mobile device security issues, according to a global survey of more than 3,700 IT professionals who are members of ISACA. In the next 12 months, data leaks and employee-related issues top the list of hot-button IT issues most likely to challenge an organization’s network security. The threats were ranked in the following order:
  • Data leakage (loss or breach) 17%
  • Inadvertent employee mistakes 16%
  • Incidents related to employees’ personal devices (BYOD) 13%
  • Cloud computing 11%
  • Cyber attacks 7%
  • External hacking 5%
  • Disgruntled employee 5%
  • All of the above 19%
“COBIT 5 for Information Security can help enterprises reduce their risk profile by managing security appropriately. Information and related technologies are increasingly core to the enterprise, but information security is core to stakeholder trust,” said Christos Dimitriadis, CISA, CISM, CRISC, ISACA international vice president. “With professionals from 40 countries gathering at INSIGHTS 2012, this is the ideal venue to release the latest expert advice.”

COBIT 5 for Information Security is available from ISACA, a nonprofit global association of 100,000 IT governance professionals. The guide is divided into three sections: Information Security, Using COBIT 5 Enablers for Implementing Information Security in Practice, and Adapting COBIT 5 for Information Security to the Enterprise Environment.

This latest guide is part of the comprehensive COBIT 5 family of publications. It provides additional guidance on the enablers within the COBIT framework and equips security professionals with the knowledge they need to use COBIT for more effective delivery of business value.

“The governance and management of information and technology is a large and complex topic. COBIT helps counter that complexity through relevant, effective and simple-to-use business guidance on specific areas within information systems. COBIT 5 for Information Security provides the security-specific perspective of this important business tool, and was designed in response to heavy demand for security guidance that integrates other major frameworks and standards,” said Greg Grocholski, CISA, international president of ISACA and chief audit executive at Dow Chemical.

COBIT 5 provides globally accepted principles, practices, analytical tools and models designed to help business and IT leaders maximize trust in, and value from, their enterprise’s information and technology assets. The framework and related documents have been downloaded 70,000 times in the two months since release.