Sigler et al., 2016 - Google Patents
Securing an IT organization through governance, risk management, and auditSigler et al., 2016
- Document ID
- 7623193562975360420
- Author
- Sigler K
- Rainey III J
- Publication year
External Links
- 238000000034 method 0 abstract description 198
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/45—Structures or tools for the administration of authentication
- G06F21/46—Structures or tools for the administration of authentication by designing passwords or checking the strength of passwords
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06Q—DATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
- G06Q20/4016—Transaction verification involving fraud or risk level assessment in transaction processing
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2101—Auditing as a secondary aspect
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06Q—DATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Silowash et al. | Common sense guide to mitigating insider threats | |
| Schumacher et al. | Security Patterns: Integrating security and systems engineering | |
| CISSP | Official (ISC) 2 guide to the CISSP CBK | |
| Goodenough et al. | Toward a theory of assurance case confidence | |
| Johnson et al. | Security policies and implementation issues | |
| Conner et al. | Information security governance: a call to action | |
| Silowash et al. | Common sense guide to mitigating insider threats 4th edition | |
| Andress et al. | Building a practical information security program | |
| Kohnke et al. | Implementing cybersecurity: A guide to the national institute of standards and technology risk management framework | |
| Kohnke et al. | The complete guide to cybersecurity risks and controls | |
| Brumfield | Cybersecurity risk management: Mastering the fundamentals using the NIST cybersecurity framework | |
| Da Veiga | Cultivating and assessing information security culture | |
| Mead et al. | Software assurance curriculum project volume I: Master of software assurance reference curriculum | |
| Sigler et al. | Securing an IT organization through governance, risk management, and audit | |
| Axelrod et al. | Enterprise information security and privacy | |
| Davis | Auditing Information and Cyber Security Governance: A Controls-based Approach | |
| Carlson | How to Manage Cybersecurity Risk: A Security Leader's Roadmap with Open FAIR | |
| Workman | Information security management | |
| Braithwaite | Securing e-business systems: A guide for managers and executives | |
| Yeo | Unintentional insider threat assessment framework: Examining the human security indicators in healthcare cybersecurity | |
| Presley | Effective Cybersecurity Risk Management in Projects | |
| Abdulrahim | Managing Cybersecurity as a Business Risk in Information Technology-based Smes | |
| Bellasio et al. | Developing Cybersecurity Capacity | |
| Furrer | Principles for Security | |
| Hidalgo | Implementing Cybersecurity Measures in New Information Technology Systems: A Generic Qualitative Inquiry |