Corporate Defense and the Value Preservation Imperative


Book Description

This is the first book to finally address the umbrella term corporate defense, and to explain how an integrated corporate defense program can help an organization address both value creation and preservation. The book explores the value preservation imperative, which represents an organization’s obligation to implement a comprehensive corporate defense program in order to deliver long-term sustainable value to its stakeholders. For the first time the reader is provided with a complete picture of how corporate defense operates all the way from the boardroom to the front-lines, and vice versa. It provides comprehensive guidance on how to implement a robust corporate defense program by addressing this challenge from strategic, tactical, and operational perspectives. This arrangement provides readers with a holistic view of corporate defense and incorporates the management of the eight critical corporate defense components. It includes how an organization needs to integrate its governance, risk, compliance, intelligence, security, resilience, controls and assurance activities within its corporate defense program. The book addresses the corporate defense requirement from various perspectives and helps readers to understand the critical interconnections and inter-dependencies which exist at strategic, tactical, and operational levels. It facilitates the reader in comprehending the importance of appropriately prioritizing corporate defense at a strategic level, while also educating the reader in the importance of managing corporate defense at a tactical level, and executing corporate defense activities at an operational level. Finally the book looks at the business case for implementing a robust corporate defense program and the value proposition of introducing a truly world class approach to addressing the value preservation imperative. Cut and paste this link (https://m.youtube.com/watch?v=u5R_eOPNHbI) to learn more about a corporate defense program and how the book will help you implement one in your organization.




Corporate Defense and the Value Preservation Imperative


Book Description

In the current business environment organizations are under increased pressure to ensure that they are taking appropriate measures not only in creating value, but also in preserving value. This is required in order to adequately safeguard and defend the interests of their multiple stakeholders. It includes being able to successfully demonstrate that the organization has taken all reasonable steps to help ensure that there is an appropriate program in place to help achieve this objective.The book explores the concept of the value preservation imperative as representing an organization's obligation to its stakeholders to take adequate steps to help preserve value and help defend against value erosion, reduction, or destruction. Corporate defense is synonymous with value preservation and a corporate defense program represents an organization's collective program for self-defense, in order to help deliver long-term sustainable value to its stakeholders. The book addresses the umbrella term corporate defense as including an organization's ongoing efforts in addressing its governance, risk, compliance, intelligence, security, resilience, controls, and assurance requirements. Each of which is considered to be a critical corporate defense component. It considers the challenges of implementing a world class corporate defense program and looks at this concept from strategic, tactical, and operational perspectives. Finally the book looks at the business case for implementing an integrated corporate defense program and the value proposition of introducing a truly world class approach to addressing this value preservation imperative. Essential reading for every board director, C-Suite member, and senior corporate defense professional, this book focuses on 21st century corporate defense requirements. It is the first book to finally address the umbrella term corporate defense, and to explain how an integrated corporate defense program can help an organization to address both its value creation and its value preservation obligations.This detailed table of contents provides the reader with a clear insight into the topics and issues addressed throughout the different sections and chapters of the book.




Practitioner's Guide to Business Impact Analysis


Book Description

This book illustrates the importance of business impact analysis, which covers risk assessment, and moves towards better understanding of the business environment, industry specific compliance, legal and regulatory landscape and the need for business continuity. The book provides charts, checklists and flow diagrams that give the roadmap to collect, collate and analyze data, and give enterprise management the entire mapping for controls that comprehensively covers all compliance that the enterprise is subject to have. The book helps professionals build a control framework tailored for an enterprise that covers best practices and relevant standards applicable to the enterprise. Presents a practical approach to assessing security, performance and business continuity needs of the enterprise Helps readers understand common objectives for audit, compliance, internal/external audit and assurance. Demonstrates how to build a customized controls framework that fulfills common audit criteria, business resilience needs and internal monitoring for effectiveness of controls Presents an Integrated Audit approach to fulfill all compliance requirements




Security and Auditing of Smart Devices


Book Description

Most organizations have been caught off-guard with the proliferation of smart devices. The IT organization was comfortable supporting the Blackberry due to its ease of implementation and maintenance. But the use of Android and iOS smart devices have created a maintenance nightmare not only for the IT organization but for the IT auditors as well. This book will serve as a guide to IT and Audit professionals on how to manage, secure and audit smart device. It provides guidance on the handling of corporate devices and the Bring Your Own Devices (BYOD) smart devices.




Data Analytics for Internal Auditors


Book Description

There are many webinars and training courses on Data Analytics for Internal Auditors, but no handbook written from the practitioner’s viewpoint covering not only the need and the theory, but a practical hands-on approach to conducting Data Analytics. The spread of IT systems makes it necessary that auditors as well as management have the ability to examine high volumes of data and transactions to determine patterns and trends. The increasing need to continuously monitor and audit IT systems has created an imperative for the effective use of appropriate data mining tools. This book takes an auditor from a zero base to an ability to professionally analyze corporate data seeking anomalies.




Cognitive Hack


Book Description

This book explores a broad cross section of research and actual case studies to draw out new insights that may be used to build a benchmark for IT security professionals. This research takes a deeper dive beneath the surface of the analysis to uncover novel ways to mitigate data security vulnerabilities, connect the dots and identify patterns in the data on breaches. This analysis will assist security professionals not only in benchmarking their risk management programs but also in identifying forward looking security measures to narrow the path of future vulnerabilities.




Ethics and the Internal Auditor's Political Dilemma


Book Description

This book helps auditors understand the reality of performing the internal audit role and the importance of properly managing ethical standards. It provides many examples of ethical conflicts and proposes alternative actions for the internal auditor. Internal auditors are well-schooled on the IIA Standards, but the reality is that the pressure placed on internal auditors related to execution of work and upholding ethical standards can be very difficult. Regardless of best practice or theory, auditors must be personally prepared to manage through issues they run across.




Next-Generation Enterprise Security and Governance


Book Description

The Internet is making our daily lives as digital as possible, and this new era is called the Internet of Everything (IoE). The key force behind the rapid growth of the Internet is the technological advancement of enterprises. The digital world we live in is facilitated by these enterprises’ advances and business intelligence. These enterprises need to deal with gazillions of bytes of data, and in today’s age of General Data Protection Regulation, enterprises are required to ensure privacy and security of large-scale data collections. However, the increased connectivity and devices used to facilitate IoE are continually creating more room for cybercriminals to find vulnerabilities in enterprise systems and flaws in their corporate governance. Ensuring cybersecurity and corporate governance for enterprises should not be an afterthought or present a huge challenge. In recent times, the complex diversity of cyber-attacks has been skyrocketing, and zero-day attacks, such as ransomware, botnet, and telecommunication attacks, are happening more frequently than before. New hacking strategies would easily bypass existing enterprise security and governance platforms using advanced, persistent threats. For example, in 2020, the Toll Group firm was exploited by a new crypto-attack family for violating its data privacy, where an advanced ransomware technique was launched to exploit the corporation and request a huge figure of monetary ransom. Even after applying rational governance hygiene, cybersecurity configuration and software updates are often overlooked when they are most needed to fight cyber-crime and ensure data privacy. Therefore, the threat landscape in the context of enterprises has become wider and far more challenging. There is a clear need for collaborative work throughout the entire value chain of this network. In this context, this book addresses the cybersecurity and cooperate governance challenges associated with enterprises, which will provide a bigger picture of the concepts, intelligent techniques, practices, and open research directions in this area. This book serves as a single source of reference for acquiring the knowledge on the technology, process, and people involved in next-generation privacy and security.




Mastering the Five Tiers of Audit Competency


Book Description

Risk-based operational audits and performance audits require a broad array of competencies. This book provides auditors and risk professionals with the understanding required to improve results during risk-based audits.Mastering the Five Tiers of Audit Competency: The Essence of Effective Auditing is an anthology of powerful risk-based auditing pra




The CISO Journey


Book Description

The book takes readers though a series of security and risk discussions based on real-life experiences. While the experience story may not be technical, it will relate specifically to a value or skill critical to being a successful CISO. The core content is organized into ten major chapters, each relating to a "Rule of Information Security" developed through a career of real life experiences. The elements are selected to accelerate the development of CISO skills critical to success. Each segments clearly calls out lessons learned and skills to be developed. The last segment of the book addresses presenting security to senior execs and board members, and provides sample content and materials.