Practitioner's Guide to Business Impact Analysis Security, Audit and Leadership Series
Auteur : Sikdar Priti
This book illustrates the importance of business impact analysis, which covers risk assessment, and moves towards better understanding of the business environment, industry specific compliance, legal and regulatory landscape and the need for business continuity. The book provides charts, checklists and flow diagrams that give the roadmap to collect, collate and analyze data, and give enterprise management the entire mapping for controls that comprehensively covers all compliance that the enterprise is subject to have. The book helps professionals build a control framework tailored for an enterprise that covers best practices and relevant standards applicable to the enterprise.
- Presents a practical approach to assessing security, performance and business continuity needs of the enterprise
- Helps readers understand common objectives for audit, compliance, internal/external audit and assurance.
- Demonstrates how to build a customized controls framework that fulfills common audit criteria, business resilience needs and internal monitoring for effectiveness of controls
- Presents an Integrated Audit approach to fulfill all compliance requirements
Understanding Organizational Context. Performing a Business Impact Analysis. BIA Reporting and Commitment of Resources. Risk Assessment and Reporting. Strategic Planning, Internal Control Structure, Management Oversight, and Reporting Tools. Information Technology All Pervasive to the Enterprise. Alignment of IT with Business Requirement. Comparative Analysis of Requirements for Common Standards and Compliances. Appendix: Templates, Questionnaires, Business Impact Analysis and Risk Analysis Forms.
Priti Sikdar, FCA, CISA, CISM, CRISC, ISO 27001 LA, BS 25999 LA, PRINCE 2 (FC), has over 20 years of experience in the risk, audit and assurance sector which includes industry and profession, audit, internal audit, IT audit, compliance and risk assessments. She is a recognized trainer and speaker and author of two books on her subject. She has worked as Head of Finance for Shipping and Logistics Company. She has been Partner with Ray & Co Chartered Accountants where she performed many bank audits relating to risk based, IS audits and data migration and post-implementation audits. She was also into Sarbanes Oxley Compliance where she was performing ITGC and Revenue modules of SOX. She owned ISA Tutorials where she was teaching Chartered Accountant IT audit, IS systems and how to audit in complex technology environments. Ms. Sikdar has worked with Grant Thornton as Manager Business Risk Services where she has initiated a BS 25999 rollout, SAS 70 assignments and Enterprise Risk assessments. She was with KPMG London where she was doing IT internal audit for Financial Services sector and also was spearheading a big in-house Technology Global Services Project for six divisions of Technology within Risk & Assurance function. Ms. Sikdar has written two books;=: ‘Information Systems Audit & Security’ and ‘Management Information Systems for Final C.A.’ published by Lawpoint Publishers India. Besides, she writes articles and white papers on IS Audit and Business Continuity Planning as well as speaks at international conferences and ISACA local chapters. Her articles are carried in Indo-Swiss and Indo-US magazines and she does a lot of online mentoring for students appearing for CISA and CISM examinations. Ms. Sikdar gives online consulting for US and South Africa regions on third-party assurance, secure infrastructure building, writing of security policies and rolling out an information systems management system in line with ISO 27001 and ISO 22301 standards. A
Date de parution : 08-2021
15.6x23.4 cm
Date de parution : 06-2017
15.6x23.4 cm
Thèmes de Practitioner's Guide to Business Impact Analysis :
Mots-clés :
Business Processes; risk analysis; BIA; GRC; BCM Program; compliance; Business Continuity; control frameworks; BCM Plan; internal audit; BCM Strategy; it audit; BCM Team; Business Impact Analysis Report; Business Continuity Management System; Crisis Communications Plan; Business Continuity Programs; Business Continuity Objectives; RPO; RTO; BCM Management; Business Continuity Plan; Business Case; Workaround Procedures; Pci DSS; Improve Business Resilience; BIA Process; ASIS International; Cardholder Data; Pci DSS Requirement; Quality Risk Management Process