ACF2400 Lecture Notes - Lecture 5: Smart Card, Face Id, Log Analysis
Document Summary
COBIT 5 is the only business framework for the governance and management of enterprise IT. Organise IT-related controls into 5 principles that contribute to systems reliability:

There are two fundamental concepts regarding security. 1: Security is a management issue, not a technology issue. Senior management needs to be involved in all phases of the security life cycle. COSO emphasizes the importance of "tone of the top" to:

What is the security life cycle? It is a method of initiating and maintaining a security plan. It involves 4 steps:

The time-based model of information security. P is the time it takes an attacker to break through preventive controls. D is the time it takes to detect that an attack is in progress. C is the time it takes to respond to the attack and take corrective action. The objective is to employ a combination of preventive, detective and corrective controls to protect information assets long enough to detect an attack and make corrections.