
ME3.3 - Evaluation of Compliance With External Requirements

This topic is intended to enable collaboration and sharing of information to facilitate a better understanding and approach to implementing this COBIT control objective based on the risk, value and guidance provided by its corresponding control practices.

COBIT Control Objective ME3.3 - Evaluation of Compliance With External Requirements is contained within the process Ensure Compliance With External Requirements.


Evaluation of Compliance With External Requirements

Confirm compliance of IT policies, standards, procedures and methodologies with legal and regulatory requirements.


Value Drivers

  • Good practices for dealing with laws and regulations incorporated effectively into enterprise arrangements
  • Increasing process performance and compliance with laws and regulations
  • Deviations identified to support timely corrective action

Risk Drivers

  • Financial losses and penalties
  • Decreased customer and business partner satisfaction
  • Non-compliance incidents not identified, adversely impacting the enterprise’s performance and reputation
  • Increased likelihood of disputes

Control Practices

  1. Regularly evaluate IT organisational policies, standards, procedures and methodologies to ensure compliance with relevant legal, regulatory and contractual requirements. Ensure that gaps are addressed and changes are reflected in the policies, standards and procedures on a timely basis.
  2. Periodically evaluate IT processes and activities to ensure adherence to applicable legal, regulatory and contractual requirements.
  3. Regularly evaluate recurring patterns of compliance failures. Where necessary, improve policies, standards, procedures, methodologies, and associated processes and activities.
