The air traffic crisis provoked by the Icelandic volcano eruption, with its accompanying economic and societal effects, is analyzed through the lens of the ISO 31000 risk management standard by the leader of the group of ISO experts who developed it. Read more here: http://www.iso.org/iso/pressrelease.htm?refid=Ref1317
The main goals/aims of the publication are expanding the 2009 COSO Guidance on Monitoring of Internal Controls by bringing emphasis to the monitoring of application and IT general controls and discussing the use of automation (tools) for increased efficiency and effectiveness of monitoring processes. The authors also move away from a mere conceptual elaboration on [...]
ISACA recently released an Audit Guideline on Continous Monitoring. Read more here: http://www.isaca.org/Template.cfm?Section=Standards&Template=/ContentManagement/ContentDisplay.cfm&ContentID=55823
ISACA has recently released an IT Auditing Guideline on the Return on Security Investment (ROSI). Learn more here. http://www.isaca.org/Template.cfm?Section=Standards&Template=/ContentManagement/ContentDisplay.cfm&ContentID=55658
Progress Report on ISO 31000 ISO 31000 has been approved following the ballot of ISO Member Organisations, but due to different approval processes for Standards and Guides there is a delay until the end of September to finalise Guide 73 and to ensure full harmonisation between the two documents. Consequently it will not be until [...]
Source : ISO ISO 31000:2009 provides principles and generic guidelines on risk management. ISO 31000:2009 can be used by any public, private or community enterprise, association, group or individual. Therefore, ISO 31000:2009 is not specific to any industry or sector. ISO 31000:2009 can be applied throughout the life of an organization, and to a wide [...]