Abstract

Author: Predrag Zivic

Scienton, Inc.
111 Peter St
Toronto, Ontario M5V 2H1
Canada
+1-416-924-4393

Title: Audit Frameworks for ISO17799 & CobiT®

Abstract:
• Introduction to ISO17799/BS7799 and CobiT® information governance frameworks
• ISO17799 and CobiT® similarities and differences
• Correlated implementation and audit guidelines
• Audit result presentation to management using Information Security Model™
ISO17799 is emerging as a new international management system framework. At the same time, CobiT®, developed by the IT Governance Institute, was used for information governance in North America.
Accordingly, the BS7799-2:2002 auditing framework has been developed for the ISO17799 standard. Today, international organizations are forced to look at both standards and security management frameworks. The question of how to meet audit and governance guidelines for both frameworks is becoming a challenge.
Can we leverage existing information governance, security management systems and audit frameworks?
This session will present the ISO17799 management framework and the CobiT® framework. It will present parallels between the standards and guidelines on audit procedures. This session will enable information security and audit professionals to understand both the ISO17799 and CobiT® management frameworks. In addition, the presentation will draw a parallel between CobiT®, the OECD guidelines, the NSA Infosec Assessment model and the ISO17799 standard. A key goal is to educate attendees on proper implementation of information governance, including the specific audit guidelines.