Due before class,
Watch this video about governance:
and then this video on the role of IT and the Control Environment:
Now watch this video on two important security controls:
Read these articles:
- “Implementing Board Oversight of Cybersecurity” http://ibit.temple.edu/wp-content/uploads/2016/04/IBITReport_CyberBoard.pdf
- “Understanding IT Controls” https://drive.google.com/open?id=0B8S2SZTC04ViUDhmZ0phNVY3Z0E
-
“The key to data security: separation of duties”
- COBIT 5: Enabling Processes:EDM01-EDM04, APO06 & APO07 https://drive.google.com/a/temple.edu/file/d/0B8S2SZTC04ViYVRpUWxTczU4RXM/view?usp=sharing
- All-in-One CISSP Exam Guide 7th Edition: pp 723-724, 924-930
Consider this case:
- The Dentdel Case https://drive.google.com/a/temple.edu/file/d/0B8S2SZTC04ViakJ6OVNXV3AtQnc/view?usp=sharing
Watch these extra videos if you want to understand more about the control environment
- Queens College Control Environment 1 https://www.youtube.com/watch?v=mmDLdWGQo9I
- Queens College Control Environment 2 https://www.youtube.com/watch?v=cUxMfN64_AU
and read these examples of what can happen if leadership doesn’t set the proper tone.
- Theranos: https://drive.google.com/open?id=0B8S2SZTC04ViT0Q5UlJLWTdYOWc
- Zenefits: https://www.bloomberg.com/features/2016-zenefits/
- Wells Fargo: https://hbr.org/2016/10/the-leadership-blind-spots-at-wells-fargo
Read this for another view of IT controls:
- Information Technology Risks and Controls, 2nd Edition, https://chapters.theiia.org/montreal/ChapterDocuments/GTAG%201%20-%20Information%20technology%20controls_2nd%20ed.pdf