Secretary for Information Security

Presentation transcript:

Secretary for Information Security
Trondheim, 10-11 September 2013

Background
Commissioned by the Ministry of Education and Research
The reason is the Office of the Auditor General of Norway's criticism of the sector's safeguarding of information
Shall support the research and education sector in information security issues
The national guidelines for information security form the basis for the Secretariat's work
26 December 2018

What we do…
Policies, frameworks and methodologies
Templates and information material
Risk and vulnerability assessments
Business impact assessments
Continuity and disaster recovery plans
Audits
Management's review
Information about the threat landscape
Information security awareness
Organizer of security conferences
Security Portal online
International cooperation

Rolf Sture Normann, CISA CRISC CISSP, CSO, UNINETT, rolfnor@uninett.no
Øivind Høiem, CISA CRISC, Senior advisor information security, oivindh@uninett.no