Business continuity should make focus on incidents that are not frequent but may cause a big impact on the organization. A Business Continuity Plan (BPC) is a plan used by an organization to respond to disruption of critical business process.…
Auditpol.exe is the command-line utility tool to change Audit Security settings at the category and sub-category levels. Attackers can use AuditPol to enable or disable security auditing on local or remote systems and to adjust the audit criteria for different…
This posts is to clarify the different terms related to Information System Disaster Recovery Objectives, and their differences. These terms appear on both Certified Information System Auditor (CISA) and Certified Information Security Manager (CISM) certifications, both issued by ISACA. Objective…
Risk Management is a process aimed at achieving an optimal balance between realizing opportunities for gain an minimizing vulnerabilities and loss. Business Impact Analysis (BIA) is performed to determine the impact of losing the availability of any resources to an…
Differences: Accountability: Is individual. It is granted according to skill set, rol or strenghts. Responsibility: Can be shared. You can work with a team of people to divide responsibilities. External references “Difference between responsibility and accountability in leadership” by Ian…
CISA (Certified in Information System Auditor) is a certification issued by professional association ISACA. The purpose of this post is to explain the procedure for a candidate to get CISA certification, and related requirements. It is important to know two…
CISA (Certified in Information System Auditor) is a certification issued by professional association ISACA. The purpose of this post is to provide information to future exam candidates about how to pass the exam, based on my own experience. I passed…