|
5/23/2012
 Like many others, I’ve been interested to see how COBIT would move forward with the release of COBIT 5. I am a staunch supporter of the framework for its clarity, detail and practicality. As a regular user of other frameworks and standards, I very often find myself turning to COBIT when I need to beat a path through the complexities of IT organisations and processes and give clients a clear way forward.
But there’s something missing. And that something is what I’m calling Green COBIT. I was hoping that the new framework would take a leadership position in the movement toward sustainable information technology. COBIT and ISACA are the ideal vehicles to bring IT-related environmental issues to the forefront of best practice in our industry. Instead, in COBIT 5 the subject is skirted around at best, and ignored at worst.
COBIT: Be the Green Leader
The fact is, COBIT and ISACA can and should take a leading role in the Green IT movement. What the new framework delivers in this area falls a long way short of that ideal, and this is why:
COBIT 5 recognises that some stakeholders will want long-term sustainability, but only in terms of “value.” The implication is that this is only financial value. It's not clear to the reader that this value could include environmental, rather than purely financial, sustainability.
When COBIT 5 discusses innovation and emerging technologies, there is no mention of the critical role of inventiveness in IT when it comes to transforming enterprises—and whole economies—into low-carbon centers of excellence. This at a time when huge efforts are being put into innovation in producing low-energy devices (and the standards such as EPEAT and ENERGY STAR which support them), more efficient data centers, and even Green IT qualifications such as those provided by the BCS—not forgetting, of course, that IT is an enabler of other low-energy technology processes and behaviours.
For a standard that is all about governance, there is very little recognition of the role of corporate social responsibility (CSR). True, there is a “Culture, Ethics and Behaviour” enabler, but this is essentially only about the form of our cultures and ethics in IT. I believe that there is a role for COBIT in being bolder about the content of ethical policies when it comes to CSR.
Is any of that stuff really important in “delivering value”? I refer readers to the recent Apple/FOXCONN debacle to judge for themselves.
Green Policies and Culture
COBIT 5 talks a little about “Policies and Culture,” and of course this is the area where Green IT is born and grows in organisations. But there is no explicit guidance on the development of sustainable IT policies or behaviours, and this is a wasted opportunity.
Again, “Environment” is recognised as a stakeholder driver, but only in the context of “compliance with external laws and regulations.” Given the situation in terms of political instability in Europe, financial meltdown in the west as a whole, massive industrialization in developing countries, and worrying changes in the global climate, compliance with the law is not nearly enough for enterprises that want to lead.
The 17 COBIT enterprise goals recognize financial, customer, internal, and learning and growth dimensions. There is no dimension of social responsibility or a correlating IT goal of sustainability.
Green COBIT: An Idea Whose Time Has Come?
It would be unfair to criticize COBIT 5 for failing to deliver something that it never sought to achieve in the first place, and I remain a staunch supporter of the framework. But now is the time to recognise that we have to get specific about Green IT and the primacy of ethics and social responsibility in enterprises. The idea of Green COBIT could lead where others only follow.
Dan McCarthy
Managing Director, Verax Consulting
Blogger, About Green IT
Note from COBIT 5 Task Force Co-Chair, Derek Oliver:
The COBIT 5 Task Force completely agrees with the importance of green IT issues. I am confident that we reflected this importance in COBIT 5 as there are 17 IT-related goals (see figure 7, page 17, of COBIT 5: Enabling Processes) that can address this. When an enterprise is determining how it will conduct asset and resource management, it can define any of these as it sees fit, whether for green IT, sustainability, privacy, etc. The goals cascade in COBIT 5 works well to support these objectives. The enterprise and IT-related goals stemming from the stakeholder needs result in specific goals structured in alignment with the Kaplan Balanced Scorecard (BSC) model, which uses Financial, Customer, Internal, and Learning and Growth dimensions. COBIT 5 focuses on stakeholder drivers, which lead to stakeholder needs. If green IT issues are designated as a stakeholder need in an enterprise, COBIT 5 will steer the enterprise towards meeting that need.
We welcome your comments! Please log in using the Sign In link at the top right of this page and then leave your comment in the box at the end of the post.
To view all blog posts, please click on the ISACA Now link in the blue box on the left. 5/22/2012
 Today’s mobile device users are demanding to access data from anywhere at any time. In fact, according to an annual ISACA survey on BYOD security, the use of mobile applications has nearly tripled since last year’s survey, and two-thirds of employees aged 18 to 34 have a personal device they use for work purposes. Meanwhile, businesses are trying to reduce costs and simplify desktop management.
Virtualized desktop infrastructure (VDI) allows users to access applications and data securely from remote locations with minimal risk of data loss, while simplifying desktop management within the traditional boundaries of the enterprise.
To help enterprises realize the benefits of VDI adoption and understand the security concerns associated with it, ISACA today issued a white paper–Virtualized Desktop Infrastructure–available as a free download. The paper provides strategies to manage VDI threats and actions that can help with its adoption.
“A new, virtual way of working is shaping the world and affecting IT environments,” said Nikolaos Zacharopoulos, CISA, CISSP, IT auditor for Geniki Bank, Greece, and chair of ISACA’s project-development team for the white paper. “VDI can help increase productivity and reduce costs, but enterprises need to carefully consider the risk involved with it and plan accordingly. This white paper is a road map for that.”
Here Nikolaos addresses a few topics related to the white paper:
What are the benefits from VDI?
VDI reduces downtime, speeds the resolution of problems, improves manageability and control, and helps IT maintain security and data protection.
Are there any threats associated with the introduction of VDI?
There are a number of threats:
Visibility—Fast provisioning is both a benefit and a risk. Faster desktop deployment may cause the enterprise to lose visibility of every asset that must be protected.
IT governance complexity—Effective governance requires the establishment of new policies and procedures to account for all virtual assets and ensure their compliance with security practices.
Single point of failure—Having one server host multiple virtual desktops represents a single point of failure for the user community that is depending on that server.
Shielding critical desktops—Critical virtual desktops must be segregated from the regular pool to prevent unauthorized access and exposure to malicious software.
How can the risks be controlled?
Although use of VDI simplifies desktop management, it also introduces new risk. Assurance professionals should ensure that there are at least the same security controls in place for virtualized operating systems as there are for those same operating systems when they run directly on hardware.
The assurance professional should ensure that the virtual environment is secure and in compliance with all relevant regulation. Furthermore, the assurance professional should ensure that appropriate controls and infrastructure are in place to ensure continuity of service as the desktops are centralized and move away from the end users. Centralization, along with dependence on the connection to the data center/cloud, creates the risk of a single point of failure.
Nikolaos Zacharopoulos, CISA, CISSP
IT auditor for Geniki Bank, Greece
We welcome your comments! Please log in using the Sign In link at the top right of this page and then leave your comment in the box at the end of the post.
To view all blog posts, please click on the ISACA Now link in the blue box on the left. 5/21/2012
 My recent visit to ISACA’s international headquarters was just a month after the release of COBIT 5. It brought back some fond memories. COBIT 5 actually has roots that extend more than 40 years back to a group of 25 professionals who met in Los Angeles, California, USA, for the first time in January 1972 and reorganized the EDP (Electronic Data Processing) Auditors Association (EDPAA), now known as ISACA. The association had previously been incorporated in 1969, but operated in an informal manner. Meetings were held irregularly, were partly social, and provided little if any formal professional activities such as training, publications or research.
In the January 1972 meeting we elected a slate of officers (Gene Frank as president and myself as executive vice president) and established regular meetings, dues and a formalized organizational process. Soon after, we developed the first issue of The EDP Auditor Journal (which is now known as ISACA Journal).
 During 1972 and 1973 we discussed how our new organization could contribute to the newly emerging profession of EDP auditing. Voila! Why not a set of standards? Better yet, a set of control objectives; something that would not say how to do it, but rather outline from an organizational perspective what system of controls should be established and what should be included.
As one of my first acts as president in 1973, I established a Standards Committee to begin formal work on a document called Control Objectives. Our first meeting was held in November in Los Angeles, and we decided to present an outline of Control Objectives at the 2nd National Conference in Chicago, Illinois in June 1974. We did just that.
Just as COBIT 5 has expanded the purpose and direction from the original Control Objectives, ISACA too has come a long way. But its driving force is still the same: it provides guidance that helps professionals address real, practical issues and challenges. As before, imagination, patience and intelligence are key ingredients to doing well at our jobs.
Many comments that I made in my 8 June 1973 speech when accepting the position of president of EDPAA still ring true. I tried to impress upon attendees that there is no uniform measure of risk—risk acceptable in one company might be intolerable in another. In addition, risk assessment is not our only function—we have to be able to apprise management of opportunities to improve systems, thereby maximizing the company’s return on its investment in EDP.
When I emerged from the elevator at the international headquarters recently, my remarks from nearly four decades ago were reaffirmed. On the wall across from me were words that echo my 1973 speech: ISACA’s current tagline—Trust in, and value from, information systems.
If I were to give a similar speech today, my closing comments from 39 years ago would remain unchanged—except for the name of the association, of course:
I believe that the EDP Auditors Association has something to offer—to ourselves, both individually and collectively—to our respective companies, to the jobs we have and the work we perform, and to other professional groups that are genuinely interested in improving our business and professional community.
The rewards for our efforts? Henry Ward Beecher said, ‘There never was a person who did anything worth doing who did not receive more than he gave.’
And so, I invite you to join me in continuing to build our association.
Howard “Bud” Friedman
Past International President, ISACA, 1973-1974
We welcome your comments! Please log in using the Sign In link at the top right of this page and then leave your comment in the box at the end of the post.
To view all blog posts, please click on the ISACA Now link in the blue box on the left. 5/18/2012
 The growth and vibrancy of ISACA is truly remarkable. As a former board member and president of an ISACA chapter in Australia, it is indeed gratifying to know that our network of local professionals is tied into a global network of professionals focused on trust and value over information and information technology.
Many of the issues we deal with locally or throughout Australia are issues that ISACA members and constituents are dealing with around the globe. ISACA members are lucky to have this unbelievable, dynamic network as well as many volunteer groups to call on for assistance.
Our members may not know that in addition to membership, certification and knowledge (professional-development efforts), ISACA has several committees dedicated to professional advocacy. These committees are charged with increasing ISACA’s awareness and influence in government and regulatory non-profits similar to ISACA, in addition to for-profit enterprises. ISACA’s Government and Regulatory Advocacy (GRA) committee, which is part of the broader Relations activities at ISACA, has a regional focus with five subcommittees covering each region.
In my role as the GRA committee chairman it is my responsibility (among other things) to ensure all of the five subcommittees are driving toward our goals and objectives. The Government and Regulatory sector represents 8% of members and continues to grow in terms of size and relevance. My chapter, like many in the ISACA global network, has some members who make their living employed with their local, regional or national government. Some are longtime members and hold one or more ISACA credentials and have even embraced or adopted use of COBIT.
Yet I would be the first to admit that we need to do much more to advocate directly to regulators and other departments on raising awareness about ISACA member capability and credibility, in addition to the value of ISACA credentials and the robustness of ISACA knowledge (COBIT).
The GRA committee is charged to “identify and support activities required to build, maintain and leverage a highly effective governmental and regulatory advocacy program targeted at national, regional and local levels.” This is in line with one of ISACA’s strategic goals, to “expand government outreach activities to increase ISACA’s continued relevance.” By communicating and working in tandem with ISACA chapters, the GRA subcommittees are determined to continue raising awareness with six areas of focus within governments worldwide. These areas of focus are Reserve Bank Supervisory Authorities, National Audit Organizations, and those agencies and branches dealing with Cybersecurity, Privacy, Healthcare and IT Workforce Skill Development.
In future blog posts, members of the regional GRA subcommittees will highlight some of the many successful ISACA advocacy outcomes that have occurred in the government and regulatory sector due to the fantastic work and dedicated diligence of ISACA chapters and members. Of course, all ISACA members are invited to contact regional GRA subcommittee members to let them know about activities or potential opportunities they are aware of related to advocacy with regulators and governments. You can do that by emailing GRA@ISACA.org.
Andrew MacLeod, CISA
Chief Internal Auditor—Brisbane City Council
ISACA Chair—GRA Committee and member of Relations Board
We welcome your comments! Please log in using the Sign In link at the top right of this page and then leave your comment in the box at the end of the post.
To view all blog posts, please click on the ISACA Now link in the blue box on the left. 5/11/2012
 Any organization is a potential victim of cybercrime and its sensitive/confidential information can be targeted at any time. Whether these crimes are detected and executives act on them varies situation by situation. (And even in cases where executives decide to prosecute, information gathered to pursue cases is often insufficient. I recommend assessing the current status to get a clear view of the exposure and the impact on the organization and its operations.)
Whether prosecuting or not, it is then critical to implement preventive measures and detection mechanisms while establishing a cybersecurity-response team that can gather data and monitor the situation.
In this respect, compliance with relevant COBIT guidance is not a goal in itself nor a guarantee that your organization is protected. It is a minimal starting point to properly address management’s involvement in protecting assets and operations from cybercrime. With proper cybersecurity safeguards, detection measures and reporting mechanisms, your organization can rely on outside help should an attack occur.
External resources are more likely to get involved in cases with a reasonable chance of resolving the cybercrime and prosecuting the offenders. (This will also help with management’s accountability as to diligently responding to any cyberthreat.)
What you do not know is what will harm the most. So again, I stress the need to assess risk and make timely decisions. Take care not to implement additional weaknesses in this process. Stay vigilant and keep yourself informed of new trends in cybercrime in your industry or operational environment.
Make contact with allies and meet with authorities and cybercrime experts. Cooperation can only help you in this regard.
In that vein, I hope you can join me at ISACA’s World Congress—INSIGHTS—in San Francisco this June. We’ll be discussing cybersecurity at length, touching on many of the issues raised above.
Marc Vael, Ph.D., CISA, CISM, CGEIT, CISSP
Chief Audit Executive, SMALS, Belgium
We welcome your comments! Please log in using the Sign In link at the top right of this page and then leave your comment in the box at the end of the post.
To view all blog posts, please click on the ISACA Now link in the blue box on the left. 5/8/2012
 It’s been about a month since ISACA unveiled COBIT 5, and the response to the new framework has been overwhelming. As I write this post, more than 63,000 PDFs of the three COBIT 5 publications have been downloaded. We’ve seen great enthusiasm from ISACA members, other industry professionals, bloggers, analysts and the media.
Many news articles are discussing COBIT 5. A Q&A in Dark Reading featured ISACA volunteer Robert Stroud, CGEIT, CRISC, exploring the five ways ISACA updated the COBIT framework. In his Forrester Research blog, analyst Stephen Mann wrote “...I can’t help but think that the focus of this new incarnation and the introduction of an associated online collaborative community can only help to build not only industry awareness and adoption but also its content and relevancy in what is an ever-changing IT and business environment.” CIO Insight recently developed a COBIT 5 slide show, and India’s CIONext.com featured a COBIT 5 interview with ISACA International Vice President Niraj Kapasi, CISA, FCA. I encourage you to visit the COBIT 5 news page to view other recent articles featuring COBIT.
The news was also shared in social media outlets. As ISACA counted down to the launch on its web site and Facebook page, fans and followers joined the conversation. As an example, one Twitter user tweeted, “#COBIT 5 is a huge step forward from 4.1 and I will use it with my customers.” (The Twitter ticker that displays COBIT messages on the COBIT 5 web page constantly refreshes with new comments, and I encourage you to follow ISACA on Twitter.)
Some ISACA members lent their voices to the ISACA Now blog, contributing a series of posts offering the unique perspective of veteran users of the framework. Robert Stroud provided a comprehensive look at the nuts and bolts of COBIT 5 (“COBIT 5 is simply Brilliant!” responded one commenter). Derek Oliver explored how the framework has evolved through the years. And Timothy Hediger contributed a blog post about the relationship of COBIT and fraud management.
Additionally, a team of COBIT experts made themselves accessible via discussion boards in our Knowledge Center and at our COBIT (Official) and ISACA (Official) LinkedIn pages. Members and other IT and business professionals have been posing questions and engaging in discussions.
The experts are still monitoring those communities, so you are welcome to visit those sites and join the conversations.
I am very excited about the availability of COBIT 5 and I’m glad to see that so many others are, too. I’m looking forward to continuing the conversation as those who access the new framework learn the benefits of it and begin to implement its principles. (Please share your thoughts in the comments section below.)
I hope you share my excitement as you explore the new framework.
Patrick Stachtchenko, CISA, CRISC, CGEIT, CA
Chairman of the Framework Committee, ISACA
Past International President, ISACA
We welcome your comments! Please log in using the Sign In link at the top right of this page and then leave your comment in the box at the end of the post.
To view all blog posts, please click on the ISACA Now link in the blue box on the left. 5/3/2012
Each year, ISACA conducts a member needs survey, so we can clearly understand what members need and expect from the association. We have received the statistics from the 2011 survey and are gratified by the results. The survey, completed by 4,346 members (an 8% response rate), revealed that:
· Overall satisfaction with ISACA increased from the previous year.
· The level of satisfaction with chapter-level education and networking increased from 2010 levels.
· Use of the ISACA Bookstore and ISACA Standards increased, and ISACA conferences were rated as superior to the conferences of others with regard to providing relevant subject matter.
· ISACA’s customer service received the highest-ever ratings.
It is probably no surprise, then, that ISACA’s renewal rate is at an all-time high as well: just a bit more than 81% globally. Clearly, ISACA members value their membership to an unprecedented degree.
We appreciate all the effort that goes into achieving these extraordinary results. Guided by our volunteer leaders, there is a well-planned and focused effort to provide members value above and beyond expectations. That effort relies on a high-performing organization.
Over time, ISACA has created a structure that supports everyone giving their best. The volunteer leaders use their experience and expertise in professional and business matters to ensure that their focus on strategy is productive and insightful. The staff supports those efforts by ensuring smooth, effective and efficient execution against the strategy.
Those two components, working hand in hand, have enabled a tradition of producing good results for member benefit.
And, it is interesting to note that—based on some benchmarking completed recently—ISACA manages to create these outcomes while maintaining very favorable and efficient operating ratios. These levels of expenditure are carefully calculated to ensure that there are minimal impediments to achieving success. When people know those roadblocks will be minimized, they are happy to become engaged. As a result, we are fortunate to enjoy the services of great talent within the ISACA family.
Bottom line, we are in the midst of what appears to be another good year for ISACA. Underpinned by this strong foundation, we can aggressively pursue the extension of our strategic aspirations.
Susan M. Caldwell
CEO
ISACA
We welcome your comments! Please log in using the Sign In link at the top right of this page and then leave your comment in the box at the end of the post. To view all blog posts, please click on the ISACA Now link in the blue box on the left. 4/23/2012
We love our smartphones…oh, the fun, the functionality…but what about our privacy? But we still go on loving them! This is one of the key themes from the recent geolocation study conducted by ISACA, which polled 1,000 U.S. consumers and found that 58 percent of smart-device owners use location-based apps, despite having concerns about those apps infringing on their privacy.
Depending on how much information they are sharing, users’ concerns ranged from too much marketing, lack of privacy and even physical assault (read about the Girls Around Me app here). On the question of whether user agreements address these concerns, the answer is mixed: but certainly the consensus is that they don’t go far enough - 25 percent believe the agreements are not clear about how location information about them is being used!
But there are upsides to geolocation, including apps that offer precise navigation, location-based coupons and easy information sharing through features like social check-ins. And the appeal of geolocation is growing; nearly one-third (32%) of consumers in ISACA’s survey use location-based apps more than they did a year ago.
Users should educate themselves so they can understand how their information is being used. They should also learn how to disable location-based features. Of course, businesses that collect location-based data have a responsibility, too. They need to define an ethical governance policy and communicate it transparently.
Getting informed about geolocation is easy for those willing to invest a little time to protect themselves. ISACA has created a simple acronym—ROUTE—to educate location-based app users:
For a deeper analysis, look to ISACA’s recently published white paper on geolocation—developed by my colleague and fellow ISACA volunteer Ramsés Gallego—which you can find here. You can also view a series of geolocation video segments from Ramsés here.
Geolocation is a big issue that is increasingly grabbing headlines. In recent weeks a number of publications, including the Washington Post, produced articles based on ISACA’s geolocation study.
This blog’s readers—mainly IT professionals such as yourself—are likely more knowledgeable about geolocation and location-based apps than the average user, and more likely have a deeper understanding of the perils and possibilities afforded by them.
But we IT professionals are smartphone users, too. And like those hundreds of smartphone owners who participated in the ISACA study, I, too, have my concerns about privacy.
Marios Damianides, CISA, CA, CPA
Partner, Ernst & Young, USA
Past International President, ISACA
We welcome your comments! Please log in using the Sign In link at the top right of this page and then leave your comment in the box at the end of the post. To view all blog posts, please click on the ISACA Now link in the blue box on the left.
4/20/2012
COBIT 5 launched just over one week ago, and already the three COBIT 5 documents have been downloaded more than 46,000 times. Clearly, the interest level is high, and with that, we are receiving many requests for training and information.
To help shed light on COBIT 5 training, ISACA will be offering two free webinars in May:
· A COBIT 5 Overview—3 May
· 5 Essential Facts About COBIT 5—10 May
Additionally, many COBIT 5 sessions and discussions will be offered at North America CACS in Orlando this May:
· Introduction to COBIT 5
· Comparing COBIT 4.1 to COBIT 5
· Migrating to COBIT 5 for Auditors
North America CACS will also feature a great new area—the COBIT Lounge—where COBIT 5 subject matter experts will answer your questions face to face, and give you guidance you can apply directly in your enterprise.
I personally invite you to join me at North America CACS this year. ISACA has a lot of exciting things planned for the conference, and you’ll have the opportunity to network with dozens of speakers and several hundred of your peers. (See my video here for additional conference highlights.) I hope to see you there!
Ken Vander Wal, CISA, CPA
International President, ISACA and the IT Governance Institute
We welcome your comments! Please log in using the Sign In link at the top right of this page and then leave your comment in the box at the end of the post. To view all blog posts, please click on the ISACA Now link in the blue box on the left. 4/13/2012
Do you know ISACA and IIA have already seen convergence?
In October 2010, Richard Chambers of the IIA and Susan Caldwell of ISACA signed an agreement in which there was to bring a heightened level of cooperation between the two organizations. Some of these areas included conducting jointly sponsored events, creating education programs, local chapter cooperation, and—in my opinion, the most important—“...coordinating and promoting unified messages and responses to standards setters, regulators and legislators globally, and providing them with information regarding best practices.”
So, convergence has happened at the ISACA/IIA level. Will we see more? Yes, I believe so, in part because of declining budgets in audit departments—thus driving the professional membership organizations to act. However, there is an additional, more strategic, point to make about convergence; there is a natural relationship among COBIT, COSO and fraud management. There is a symbiotic relationship for information technology and fraud professionals, just like there is an interdependent collaboration between IT and finance.
So, where are we seeing convergence in action?
We’re seeing it, most appropriately, in smaller audit organizations. Large audit shops can take years to change—a bit like turning a cruise liner. Pint-sized departments are like tugboats, tiny on the outside and extremely powerful inside. A great example of small-department convergence comes from Mission Healthcare, located in a small Appalachian valley in western North Carolina. The company may be close to the fictional town of Mayberry, but it is far from conservative in its internal audit structure. In its traditional areas, the company has only two line auditors, one director and one executive. The executive and director have two responsibilities: health compliance and audit. This leaves the auditors to multitask in the most extreme way. Mission Healthcare does something innovative in not only calling its auditors “IT and internal auditors”, but also allowing its auditors the flexibility and freedom to move between those environments. In fact, one of the company’s CISA-certified auditors is also a Certified Fraud Examiner, adding a fraud expert to the team. Operating under this environment is a positive for Mission Health because the company has developed internal audit, IT audit and fraud examination skills for its audits and investigations. Mission Healthcare has no room for excess; they need to execute. Convergence makes it happen.
A final item that is also clear about convergence: internal audit departments are being squeezed on deliverables beyond just cost—from management reports to personnel requests. Auditors are now obtaining skills that are beyond internal audit traditional silos, a bit like an army of Davids. Senior management demands better, more holistic reports to understand risk.
Convergence is here to stay. Are you on board?
Timothy Hediger, CISA, CIA, CFE, CCSA, ACDA, DoD IASO
Owner and Consultant
Polaris Risk Services, LLC
We welcome your comments! Please log in using the Sign In link at the top right of this page and then leave your comment in the box at the end of the post. To view all blog posts, please click on the ISACA Now link in the blue box on the left. | Copy Item to All Language Codes | | Lists/SqtResources/AllItems.aspx | 0x0 | 0x0 | ContentType | 0x01009AF1BC4E56474a80B49512D1B30D6EEC | 225 | | Manage Subscriptions | /_layouts/images/ReportServer/Manage_Subscription.gif | /Knowledge-Center/Blog/_layouts/ReportServer/ManageSubscriptions.aspx?list={ListId}&ID={ItemId} | 0x80 | 0x0 | FileType | rdl | 350 | | Manage Data Sources | | /Knowledge-Center/Blog/_layouts/ReportServer/DataSourceList.aspx?list={ListId}&ID={ItemId} | 0x0 | 0x20 | FileType | rdl | 351 | | Manage Parameters | | /Knowledge-Center/Blog/_layouts/ReportServer/ParameterList.aspx?list={ListId}&ID={ItemId} | 0x0 | 0x4 | FileType | rdl | 352 | | Manage Processing Options | | /Knowledge-Center/Blog/_layouts/ReportServer/ReportExecution.aspx?list={ListId}&ID={ItemId} | 0x0 | 0x4 | FileType | rdl | 353 | | View Report History | | /Knowledge-Center/Blog/_layouts/ReportServer/ReportHistory.aspx?list={ListId}&ID={ItemId} | 0x0 | 0x40 | FileType | rdl | 354 | | View Dependent Items | | /Knowledge-Center/Blog/_layouts/ReportServer/DependentItems.aspx?list={ListId}&ID={ItemId} | 0x0 | 0x4 | FileType | rsds | 350 | | Edit Data Source Definition | | /Knowledge-Center/Blog/_layouts/ReportServer/SharedDataSource.aspx?list={ListId}&ID={ItemId} | 0x0 | 0x4 | FileType | rsds | 351 | | View Dependent Items | | /Knowledge-Center/Blog/_layouts/ReportServer/DependentItems.aspx?list={ListId}&ID={ItemId} | 0x0 | 0x4 | FileType | smdl | 350 | | Manage Clickthrough Reports | | /Knowledge-Center/Blog/_layouts/ReportServer/ModelClickThrough.aspx?list={ListId}&ID={ItemId} | 0x0 | 0x4 | FileType | smdl | 352 | | Manage Model Item Security | | /Knowledge-Center/Blog/_layouts/ReportServer/ModelItemSecurity.aspx?list={ListId}&ID={ItemId} | 0x0 | 0x2000000 | FileType | smdl | 353 | | Regenerate Model | | /Knowledge-Center/Blog/_layouts/ReportServer/GenerateModel.aspx?list={ListId}&ID={ItemId} | 0x0 | 0x4 | FileType | smdl | 354 | | Manage Data Sources | | /Knowledge-Center/Blog/_layouts/ReportServer/DataSourceList.aspx?list={ListId}&ID={ItemId} | 0x0 | 0x20 | FileType | smdl | 351 | | Load in Report Builder | | /Knowledge-Center/Blog/_layouts/ReportServer/RSAction.aspx?RSAction=ReportBuilderModelContext&list={ListId}&ID={ItemId} | 0x0 | 0x2 | FileType | smdl | 250 | | Edit in Report Builder | /_layouts/images/ReportServer/EditReport.gif | /Knowledge-Center/Blog/_layouts/ReportServer/RSAction.aspx?RSAction=ReportBuilderReportContext&list={ListId}&ID={ItemId} | 0x0 | 0x4 | FileType | rdl | 250 | | Edit in Browser | /_layouts/images/icxddoc.gif | /Knowledge-Center/Blog/_layouts/formserver.aspx?XsnLocation={ItemUrl}&OpenIn=Browser | 0x0 | 0x1 | FileType | xsn | 255 | | Edit in Browser | /_layouts/images/icxddoc.gif | /Knowledge-Center/Blog/_layouts/formserver.aspx?XmlLocation={ItemUrl}&OpenIn=Browser | 0x0 | 0x1 | ProgId | InfoPath.Document | 255 | | Edit in Browser | /_layouts/images/icxddoc.gif | /Knowledge-Center/Blog/_layouts/formserver.aspx?XmlLocation={ItemUrl}&OpenIn=Browser | 0x0 | 0x1 | ProgId | InfoPath.Document.2 | 255 | | Edit in Browser | /_layouts/images/icxddoc.gif | /Knowledge-Center/Blog/_layouts/formserver.aspx?XmlLocation={ItemUrl}&OpenIn=Browser | 0x0 | 0x1 | ProgId | InfoPath.Document.3 | 255 | | Edit in Browser | /_layouts/images/icxddoc.gif | /Knowledge-Center/Blog/_layouts/formserver.aspx?XmlLocation={ItemUrl}&OpenIn=Browser | 0x0 | 0x1 | ProgId | InfoPath.Document.4 | 255 | | View in Web Browser | /_layouts/images/ichtmxls.gif | /Knowledge-Center/Blog/_layouts/xlviewer.aspx?listguid={ListId}&itemid={ItemId}&DefaultItemOpen=1 | 0x0 | 0x1 | FileType | xlsx | 255 | | View in Web Browser | /_layouts/images/ichtmxls.gif | /Knowledge-Center/Blog/_layouts/xlviewer.aspx?listguid={ListId}&itemid={ItemId}&DefaultItemOpen=1 | 0x0 | 0x1 | FileType | xlsb | 255 | | Snapshot in Excel | /_layouts/images/ewr134.gif | /Knowledge-Center/Blog/_layouts/xlviewer.aspx?listguid={ListId}&itemid={ItemId}&Snapshot=1 | 0x0 | 0x1 | FileType | xlsx | 256 | | Snapshot in Excel | /_layouts/images/ewr134.gif | /Knowledge-Center/Blog/_layouts/xlviewer.aspx?listguid={ListId}&itemid={ItemId}&Snapshot=1 | 0x0 | 0x1 | FileType | xlsb | 256 |
|
|
|
This blog is intended to offer a way for ISACA leaders, constituents and staff to exchange information of interest pertinent to the association, the business environment and/or the profession.
The comments on this site are the author’s own and do not necessarily represent ISACA’s opinions or plans. ISACA does not endorse, monitor or control any links to external sites offered in this blog, and makes no warranty or statement regarding the content on those external sites.
Anyone posting comments on this site should ensure that the content remains on-topic and steers well clear of any statements that could be considered insensitive, offensive or threatening. Given ISACA’s global nature, the need to communicate in a way that is accessible and acceptable to many cultures should be taken into account. ISACA retains the right, at its sole discretion, to refuse content that is considered inappropriate.
To volunteer to write a blog or suggest a topic send an email here.
|
|
|
|
|