Management, compliance & auditing

What is a Privacy Impact Assessment (PIA)? Privacy Impact Assessment is a process to determine the impacts of a program, system, service, scheme, initiative,...

Previously, we took a major problem with which organizations are faced in the implementation of Agile methodologies in companies. It was where the lack of...

We like to read the latest and greatest security books, andsometimes the author and/or publisher is generous enough to share an extended with us - and you....

This is Chapter 4 in Tom Olzak‘s book, “Enterprise Security: A practitioner’s guide.” Chapter 3 is available here: Building the Foundation: Architecture...

"What's in a name? that which we call a rose. By any other name would smell as sweet" Shakespeare would probably turn over in his grave knowing that I have...

In this chapter, we define the various types of enterprise architectures, how to integrate them into strategic and tactical business objectives, and how to build from business need to system and network design.

Chapter 1Security: A working definition Managing Risk Probability of Occurrence Business Impact Threat Sources Human Threats Geographic Threats Natural...

Table of Contents Trusted Computing Boot Path Security Challenges Boot Path Attack Surface The Trusted Memory Module (TPM) TPM Architecture...

When C&A becomes A&A, will you be ready? Every few months, an elite group of DoD security experts, IT managers, and senior leadership gather to chart...

Several people have asked for an IT Audit Program Template for an audit based on the ISO/IEC 27002:2005(E) security standard.  This template, which can be...