Find Resources & Connect with members on topics that interest you.

AI - Acquire and Implement

PO - Plan and Organize

DS - Deliver and Support

Please sign in to see your topics.

You must be logged in to join this group.

PO4.9 - Data and System Ownership

This topic is intended to enable collaboration and sharing of information to facilitate a better understanding and approach to implementing this COBIT control objective based on the risk, value and guidance provided by its corresponding control practices.

COBIT Control Objective PO4.9 - Data and System Ownership is contained within Process Popup Define the IT Processes, Organisation and Relationships

Learn more about COBIT and related publications.

Click “Join This Community” to be able to actively participate in discussions and contribute content. You must be an ISACA member to join this topic. Join ISACA now.

 
This Topic Has:
44 Members
0 Online
4538 Visits

Community Leader

Knowledge Center Manager

Knowledge Center Manager

Title: Become a Topic Leader!

Badge: Energizer


Data and System Ownership

Provide the business with procedures and tools, enabling it to address its responsibilities for ownership of data and information systems. Owners should make decisions about classifying information and systems and protecting them in line with this classification.

View value and Risk Drivers  help

Hide value and Risk Drivers help


Value Drivers

  • Users controlling their data and systems
  • Defined accountability for the maintenance of data and system security measures
  • Effective and timely information management processes
  • Reduced financial losses caused by theft of assets
  Risk Drivers
  • Improperly secured business data
  • Improper protection of information assets
  • Requirements for protecting business data not in line with the business requirements
  • Inadequate security measures for data and systems
  • Business process owners not taking responsibility for data

View Control Practices  help

Hide Control Practices  help

  1. Provide policies and guidelines to ensure appropriate and consistent enterprisewide classification of data.
  2. Define, maintain and provide appropriate tools, techniques and guidelines to provide effective security and controls over information assets in collaboration with the owner.
  3. Create and maintain an inventory of information assets (systems and data) that includes a listing of owners, custodians and asset classifications. Include assets that are outsourced and those for which ownership should stay within the organisation.

Discussions: 1 total

Must be a Topic member to contribute
what is/ are the difference/s between the role of a data (information asset) owner and a system owner? can a system owner be a data owner at the same time?
Ruby Kris Adona, CPA, CISA | 10/4/2013 11:39:13 AM | COMMENTS(0)

Documents & Publications: 54 total

Must be a Topic member to contribute
View All »
Downloads
Posted by FarmService 1414 days ago
Downloads
Posted by FarmService 2499 days ago
Books
Posted by ISACA 35 days ago
Books
Posted by ISACA 503 days ago
Books
Posted by ISACA 769 days ago

Events & Online Learning: 12 total

Journal Articles: 147 total

Volume 1, 2018
by Mike Van Stone, CISA, CISSP, CPA, and Ben Halpert
Ever-changing laws continue to increase the risk and cost of noncompliance when unintentional data losses occur.
Volume 1, 2018
by Sunil Bakshi, CISA, CRISC, CISM, CGEIT, ABCI, AMIIB, BS 25999 LI, CEH, CISSP, ISO 27001 LA, MCA, PMP
GDPR (Regulation [EU] 2016/679) is a regulation by which the European Parliament, the Council of the European Union and the European Commission intend to strengthen and unify data protection for all individuals within the European Union.
Volume 1, 2018
by Mohammed J. Khan, CISA, CRISC, CIPM
To facilitate and administer the implementation of controls around the subject of big data, one must truly understand the concepts of deidentification, reidentification and anonymization.
Volume 1, 2018
by Adeniyi Akanni, Ph. D., CISA, CRISC, ITIL
This article describes a six-stage cycle of implementing big data in commercial banks, points out the major challenges in implementation and provides a suggested solution.
Volume 1, 2018
by Andrew Clark
With advances in computing power, the abundance of data storage and recent advances in algorithm design, machine learning is increasingly being utilized by corporations to...
Volume 1, 2018
by Ed Moyle
There are, literally, hundreds (if not thousands) of tools that can be purchased, adapted or applied to forwarding data protection.

Wikis: 2 total

Blog Posts: 79 total

21 Feb 2018
We are happy to announce that  on Feb//2018  the ISACA awareness session  was held in Baghdad.This the first time to speak about ISACA Value in Iraq.Professional from government and private sector were excited to hear about ISACA value and they started to...
Posted By : Ali099 | 1 comments
Have you experienced ransomware attack so far and, if yes, what did you do to resolve? I set up Twitter poll here: https://twitter.com/DPleskonjic/status/953608717399941120 It lasts for seven days. Thank you for taking part in the poll.
Posted By : Dragan Pleskonjic | 2 comments
Bitcoin Trade a Bubble! Block Chain Technology Useful .ISACA Members whats your Take on Bitcoin Trade, Is its a bubble that wont last long.Block chain Technology is useful and its continuously growing to as form of secure record  management and secured us...
Posted By : MUGAMBI865 | 1 comments
My personal thoughts after listening to C-level executives at the CxO Roundtable Series sponsored by Intel, IBM, HyTrust & ReedSmith. For an invite, please reach out to me. Data Protection under the GDPR For past few months, I’ve been helping to org...
Posted By : Thomas152 | 1 comments
I predict that on 1 July 2018, I will be calmly eating a barbecue sandwich, talking with friends and possibly, I will burn a copy of the RFC2246: TLS version 1.0 standard for entertainment value.  Those will less effective Vendor, Network, Systems, Applic...
Posted By : Don Turnblade | 0 comments
There is need to for ISACA through our local; chapter to allow fees to be paid in installments or split invoices given the fact that in our country - one has to find currency first and then deposit into a VISA card account. Thus i can raise my exam and ma...
Posted By : Hamadzashe | 1 comments