The first is in answer to
the question "What role does information security have to
play in internal control and corporate governance?" and describes
Gamma's own internal control system (ICS). Founded on the
Audit Practice Board's guidance on internal control, it
expands on the Basel II concepts of credit, market and
operational risk, and has been certified to ISO 9001 and
ISO/IEC 27001.
The second is in answer to the question "How do you measure the effectiveness of an
internal control system?" and postulates the use of time as a metric.
The paper also considers the cost effectiveness of internal
control.
The third is in answer to the question "How do you engage the Board in matters of
information security?" The answer lies in involving the senior
business managers in the risk assessment and in conducting it
in terms of business events and impacts.
The fourth is in answer to the question "How quickly is it possible to establish a
certifiable ISMS?", and presents our white paper on "Fast Track ISMS
Certification". This utilises the principles
discovered in developing our own internal control system and
the risk assessment approach we developed to engage the
Board. In many ways these four innovations are just
different views of the same thing: sound internal control.