#7 – ARE YOU PROTECTING YOUR DIGITAL ASSETS? – DAN SWANSON

Are You Protecting Your Digital Assets?
Safeguarding assets has been an important objective of all organizations for centuries. In today’s digital age, however, what does safeguarding your assets really mean? Who is responsible for it? And how is “protection” actually achieved?

The COSO framework for enterprise risk management recognized the importance of safeguarding assets as an implicit component of effective internal control. Its landmark 1992 framework even defined internal control as: “[A] process … designed to provide reasonable assurance regarding the achievement of objectives in the following categories: effectiveness and efficiency of operations; reliability of financial reporting; and compliance with applicable laws and regulations.”


#7 – MOMENT OF OH! – JOHN BLAKINGER & GREG RANSTROM

Avoiding the risk of poor community decisions
Every week when we read our local paper, there is a story about some contentious community problem. It seems community leaders are often trying to explain themselves after the fact, when “solutions” are already underway. Projects are stopped, lawsuits filed, and the cost of the solution suddenly skyrockets. How can a community reduce its exposure to these very real, very expensive risks?


#7 – DOES THE CIO NEED A CISO? – JOHN MILLICAN

That may seem a strange question from an ex-CISO like me, so let me be clear. The enterprise almost undoubtedly needs a CISO. But, it is my proposal that the CISO may be more effective reporting into another functional area. It depends on what type of CIO you are, and what your organization needs from its information security program.