ISACA issues COBIT 5 to guide biz IT governance
By Asia Cloud Forum editors 03-Jul-2012
ISACA released an online document "COBIT 5 for Information Security" to provide guidance on enterprise IT security.
The document was built on the recently launched COBIT 5 business framework to guide enterprises IT governance and management.
Findings of a new ISACA survey suggested in the past year, one in four (25%) enterprises has experienced a security breach and 19% have faced mobile device security issues. The survey, titled "2012 Governance of Enterprise IT (GEIT) Survey," was conducted on 700 plus Asia Pacific-based IT professionals who are members of ISACA.
Cloud to contribute 10% security threats
The survey findings also suggested that in the next 12 months, data leaks and employee-related issues will become the hottest issues that challenge an organization's network security. According to the survey results, the security threats were ranked in the following order:
- Data leakage (loss or breach) 22%
- Inadvertent employee mistakes 15%
- Incidents related to employees' personal devices (BYOD): 15%
- Cloud computing 10%
- Cyber attacks 8%
- External hacking 5%
- Disgruntled employee 5%
- All of the above 15%
The guide "COBIT 5 for Information Security," which forms part of the COBIT 5 family of publications, comprises three major sections: 1) Information security; 2) Using COBIT 5 enablers for implementing information security in practice; and 3) Adapting COBIT 5 for information security to the enterprise environment.
"'COBIT 5 for Information Security' can help enterprises reduce their risk profile by managing security appropriately. Information and related technologies are increasingly core to the enterprise, but information security is core to stakeholder trust," said Christos Dimitriadis, CISA, CISM, CRISC, international vice president of ISACA.
The COBIT 5 information security framework provides globally accepted principles, practices, analytical tools and models designed to help business and IT leaders maximize trust in, and value from, their enterprise's information and technology assets.
"More effective governance of enterprise IT is the key to managing changing business needs and the on-time project deliverables, especially under the staffing constraint most organizations are faced with today," said Simon Chan, president of the ISACA China Hong Kong Chapter.