Deliver and Support 5 Ensure System Security

Process Description

The need to maintain the integrity of information and protect IT assets requires a security management process. This process includes establishing and maintaining IT security roles and responsibilities, policies, standards, and procedures. Security management also includes performing security monitoring and periodic testing and implementing corrective actions for identified security weaknesses or incidents. Effective security management protects all IT assets to minimise the business impact of security vulnerabilities and incidents.

Control over the IT process of Ensure systems security that satisfies the business requirement for IT of maintaining the integrity of information and processing infrastructure and minimising the impact of security vulnerabilities and incidents by focusing on defining IT security policies, plans and procedures, and monitoring, detecting, reporting and resolving security vulnerabilities and incidents is achieved by:
  • Understanding security requirements, vulnerabilities and threats
  • Managing user identities and authorisations in a standardised manner
  • Testing security regularly
and is measured by:
  • Number of incidents damaging the organisation’s reputation with the public
  • Number of systems where security requirements are not met
  • Number of violations in segregation of duties

One of the domains in COBIT 4.1 is Deliver and Support, abbreviated DS. The DS domain itself consists of 11 processes. Luckily for me, I was assigned by my Information Systems Management Audit lecturer to review DS processes 5 and 6. The DS 5 PowerPoint can be downloaded here.


reference
She's Coded
