Presentation is loading. Please wait.

Presentation is loading. Please wait.

OSR/Aug 02 Data Security E2002, Lecture 1 August 30, 2002 000-015 History Background - Batch - Remote access, DB, RACF - Orange Book - ITSec, Common Criteria.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "OSR/Aug 02 Data Security E2002, Lecture 1 August 30, 2002 000-015 History Background - Batch - Remote access, DB, RACF - Orange Book - ITSec, Common Criteria."— Presentation transcript:

1 OSR/Aug 02 Data Security E2002, Lecture 1 August 30, 2002 000-015 History Background - Batch - Remote access, DB, RACF - Orange Book - ITSec, Common Criteria - Code of Practice - BS 7799, ISO 17799 - ISO TR 13335 - DS 484

2 OSR/Aug 02

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25 015-030 What is Information Security ? Why do we need Information Security ? - Commercial Image - Loss of Reputation, Trust, Confidence Examples

26 OSR/Aug 02

27

28

29 Trust

30

31

32

33

34

35 030-090 Security Requirements - Risk Assessment ¤ Exercise: Five most serious threats ¤ KPMG Security Survey ¤ Traffic Light Analysis ¤ Risk Model ¤ Vulnerability Analysis Threats – BSI List - Legal Requirements ¤ FSR Vejl. 14 + 17 ¤ SysTrust - Good Practice

36 OSR/Aug 02

37

38

39

40 Exercise Which are the five most serious IT- security threats to an organization ?

41 OSR/Aug 02

42

43

44

45

46

47

48

49

50

51

52

53

54

55

56

57

58

59

60

61

62

63

64

65

66

67

68

69

70

71

72

73

74

75

76

77

78

79 Risk model Vulnerability Impact Threat

80 OSR/Aug 02 Legal, statutory, regulatory and contractual requirements

81 OSR/Aug 02

82

83

84

85

86

87

88 Principles and objectives  Vision  Ethical  Good Practice  IT Security Policy

89 OSR/Aug 02 090-105 Controls - Preventive - Detective - Corrective 105-135 Critical Success Factors - Examples

90 OSR/Aug 02

91

92

93

94 Trafiklysanalyse

95 OSR/Aug 02

96

97

98

99

100

101

102

Download ppt "OSR/Aug 02 Data Security E2002, Lecture 1 August 30, 2002 000-015 History Background - Batch - Remote access, DB, RACF - Orange Book - ITSec, Common Criteria."

Similar presentations

Module 1 Evaluation Overview © Crown Copyright (2000)

Module 1 Evaluation Overview © Crown Copyright (2000)
Information Privacy and Data Protection Lexpert Seminar David YoungDecember 9, 2013 Breach Prevention – Due Diligence and Risk Reduction.

Information Privacy and Data Protection Lexpert Seminar David YoungDecember 9, 2013 Breach Prevention – Due Diligence and Risk Reduction.
IT Web Application Audit Principles Presented by: James Ritchie, CISA, CISSP….

IT Web Application Audit Principles Presented by: James Ritchie, CISA, CISSP….
Secure Systems Research Group - FAU Process Standards (and Process Improvement)

Secure Systems Research Group - FAU Process Standards (and Process Improvement)
© 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential 14854_10_2008_c1 1 Holistic Approach to Information Security Greg Carter, Cisco Security.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential 14854_10_2008_c1 1 Holistic Approach to Information Security Greg Carter, Cisco Security.
Effective Design of Trusted Information Systems Luděk Novák,

Effective Design of Trusted Information Systems Luděk Novák,
RMI Global Risk & Crisis Management Solutions. Certain material influenced by source material drawn from IFAC Risk - Hazard & Opportunity Hazards € Spent.

RMI Global Risk & Crisis Management Solutions. Certain material influenced by source material drawn from IFAC Risk - Hazard & Opportunity Hazards € Spent.
1 Information Security Standards Gary Gaskell © 2001.

1 Information Security Standards Gary Gaskell © 2001.
ISO Information Security Management

ISO Information Security Management
ORGANISATIONAL SYSTEMS SECURITY Unit 15 Lecture 6

ORGANISATIONAL SYSTEMS SECURITY Unit 15 Lecture 6
SOX & ISO 27001 Protect your data and be ready to be audited!!!

SOX & ISO Protect your data and be ready to be audited!!!
1 Risk management and Investigation Peter Roberts

1 Risk management and Investigation Peter Roberts
Compliance Risk Self Assessment Model. Compliance Risk - Definition  The risk to earnings or capital arising from violations of, or nonconformance with.

Compliance Risk Self Assessment Model. Compliance Risk - Definition  The risk to earnings or capital arising from violations of, or nonconformance with.
Consultancy.

Consultancy.
Adaptive Processes Simpler, Faster, Better 1 Adaptive Processes Understanding Information Security ISO 17799 / BS7799.

Adaptive Processes Simpler, Faster, Better 1 Adaptive Processes Understanding Information Security ISO / BS7799.
Gurpreet Dhillon Virginia Commonwealth University

Gurpreet Dhillon Virginia Commonwealth University
Principles of Information System Security: Text and Cases

Principles of Information System Security: Text and Cases
Data Protection in Financial Services Are you Seeing the Bigger Picture? 17 September 2008.

Data Protection in Financial Services Are you Seeing the Bigger Picture? 17 September 2008.
The IS Security Problem GP Dhillon, Ph. D. Associate Professor of IS, VCU

The IS Security Problem GP Dhillon, Ph. D. Associate Professor of IS, VCU
Evolving IT Framework Standards (Compliance and IT)

Evolving IT Framework Standards (Compliance and IT)

Similar presentations

Ads by Google