IT Compliance and Controls

Best Practices for Implementation

DeLuccia, James J.

1. Auflage April 2008
288 Seiten, Hardcover
Praktikerbuch

ISBN: 978-0-470-14501-2

John Wiley & Sons

Kurzbeschreibung

IT Compliance and Controls provides a proven, step-by-step approach to enterprise controls using key regulatory requirements such as Sarbanes Oxley and HIPAA. guidgsdufg

Weitere Versionen

Praise for IT Compliance and Controls

"James DeLuccia outlines a comprehensive, integrated strategy for achieving regulatory and legislative compliance. This approach is vastly superior, both in scalability and in sustainability, to the siloed compliance strategies that are often seen."
-Dr. Richard Reiner, founder, Assurent Secure Technologies

"Deluccia's book is a great primer and must-read for executives who deal with risk on a day-to-day basis. It masterfully combines the tactical nuts and bolts with the breadth of strategy that all executives must understand in dealing with mitigating risk within the walls of Information Technology in today's global economy. This book offers a structured architectural approach, a 'blueprint in effect,' for new and seasoned executives and business professionals alike to understand the world of compliance - from the perspective of what the problems are, where they come from, and how to position your company to deal with them today and into the future."
-Salil J. Kulkarni, Chief Operating and Information Officer, IVOX Corporation, and former Chief Information Officer, John H. Harland Company

Throughout IT Compliance and Controls, managers and directors charged with supporting environments will discover a refined list of business best practice controls that are explicitly written to ensure they meet the regulations in today's environment, including:
* The opportunities and challenges of operating in a global environment
* How technology enables the world market
* Importance of IT controls
* Reality and risks to IT controls being effective
* Enterprise risk analysis
* Access and authorization
* Building a system of IT compliance and controls

This meticulously detailed reference includes materials supported by matrices that map controls to specific regulations and checklists, helping you assess the controls in your own organization.

Reach the highest levels of control and ROI with the best practices found in IT Compliance and Controls.

Preface.

Acknowledgements.

Part One. Coming of Age.

Chapter 1. Operating In An Interconnected Universe.

Chapter 2. How Technology Enables The World Market.

Chapter 3. Importance of IT Controls.

Part Two. Influence and Affects.

Chapter 4. Death of Siloed IT Strategy.

Chapter 5. A Regulated Environment.

Chapter 6. The World is Your Oyster of Resources and Guidance.

Chapter 7. Reality and Risks to IT Controls Being Effective.

Part Three. Implementation.

Chapter 8. Enterprise Risk Analysis.

Chapter 9. Principles Overview and Strategy Orchestration.

Chapter 10. Principle 2: Life Cycle Management.

Chapter 11. Principle 3: Access and Authorization.

Chapter 12. Principle 4: Sustain Operations.

Chapter 13. Principle 5: Security and Assurance.

Part Four: Looking Forward.

Chapter 14. This is not the End.

Chapter 15. Building a System of IT Compliance and Controls.

Supportive Publications.

List of Acronyms.

Index.

James J. DeLuccia IV, CIA, CISA, CISSP, enables organizations to leverage information, technology, and control environments to create competitive advantage and optimize business performance. A recognized expert on risk management, security, and compliance, he provides assurance and advisory services to companies worldwide. DeLuccia, an architect and contributor for international standards and frameworks, provides regular contributions to the PCI and compliance body of knowledge. He holds dual bachelor degrees in information systems and risk management, and an MBA in finance.