Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Management
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Ownership of Information Assets

from [Brad Bemis] Network Security [Permanent Link]
Subject: Ownership of Information Assets
Date: Mon, 27 Mar 2006 12:38:45 -0800 
What models and approaches to the ownership of information assets have
others tried?  
 
I am used to the old paradigm of direct ownership attached to a
specific business unit director or management delegate.  In the
company that I work for now, I am considering an approach that looks
more at the business processes themselves - having the owners of each
business process take responsibility for the information assets that
are used as input, processing, and output for the processes
themselves.  This puts the use of information assets into the context
of the business process as opposed to a 1 size fits all approach.  I
can definitely see some clear pro's and con's here...     
 
Have others tried this route?  And what kinds of successes/lessons
learned can you share?    
 
TIA,
 
Brad Bemis, CISSP, CISA
Information Security Professional     
 
P.S.  We are already working toward the use of Lean Six Sigma within
our company, so there is a tremendous level of effort going into
defining business processes and establishing ownership of them...
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • Ownership of Information Assets, Brad Bemis <=
Previous by Date:  infosec awareness, infosecuritymail
Next by Date:  Re: infosec awareness, Saqib Ali
Previous by Thread:  infosec awareness, infosecuritymail
Indexes:  [Date] [Thread] [Top] [All Lists]