Each of the organizational functions addressed in this chapter represents a business discipline that is the subject of abundant business and management literature and the focus of multiple professional associations, standards bodies, and other organizations.

Key sources of additional information include:

- Control Objectives for Information and Related Technology (COBIT).
- COSO's Internal Control-Integrated Framework.
- ISO/IEC 38500:2008, Corporate Governance of Information Technology
- Web sites and online resources of the IT Governance Institute ( ) and ISACA ( )
- COSO's Enterprise Risk Management-Integrated Framework.
- ISO/IEC 31000:2009, Risk Management-Principles and Guidelines
- NIST Special Publication 800-39, Managing Information Security Risk: Organization, Mission, and Information System View
- Statement on Auditing Standards 117, Compliance Audits