ME3.3 - Evaluation of Compliance With External Requirements

This topic is intended to enable collaboration and sharing of information to facilitate a better understanding and approach to implementing this COBIT control objective based on the risk, value and guidance provided by its corresponding control practices.

COBIT Control Objective ME3.3 - Evaluation of Compliance With External Requirements is contained within the process Ensure Compliance With External Requirements.


Evaluation of Compliance With External Requirements

Confirm compliance of IT policies, standards, procedures and methodologies with legal and regulatory requirements.


Value Drivers

  • Good practices for dealing with laws and regulations incorporated effectively into enterprise arrangements
  • Increasing process performance and compliance with laws and regulations
  • Deviations identified to support timely corrective action

Risk Drivers

  • Financial losses and penalties
  • Decreased customer and business partner satisfaction
  • Non-compliance incidents not identified, adversely impacting the enterprise’s performance and reputation
  • Increased likelihood of disputes

Control Practices

  1. Regularly evaluate IT organisational policies, standards, procedures and methodologies to ensure compliance with relevant legal, regulatory and contractual requirements. Ensure that gaps are addressed and changes are reflected in the policies, standards and procedures on a timely basis.
  2. Periodically evaluate IT processes and activities to ensure adherence to applicable legal, regulatory and contractual requirements.
  3. Regularly evaluate recurring patterns of compliance failures. Where necessary, improve policies, standards, procedures, methodologies, and associated processes and activities.
