Audit and Assurance


Cybersecurity strategy and roles-functions of CISO Audit

  • 1.  Cybersecurity strategy and roles-functions of CISO Audit

    Posted 23 Jan, 2020 13:06
    Hi!!

    I need to develop an audit program for two topics: 1. cybersecurity strategy and 2. roles and functions of the CISO for a mining enterprise.
    How can I measure the level of cybersecurity required (maturity model) for the mining sector?
    I could use the following:
    Cybersecurity Framework (CSF) by NIST
    Critical Security Controls by SANS
    Others....

    Any ideas, please?

    Thank you


    ------------------------------
    Alejandro Ramírez Muñoz
    CISA, ISO/IEC 27001 Lead Auditor
    ------------------------------


  • 2.  RE: Cybersecurity strategy and roles-functions of CISO Audit

    Posted 23 Jan, 2020 20:55
    My two cents

    First, what is it that you are looking for as the desired security state?
    Is it network, operational, application, information, etc. security, or something else like IP, data, client data... the list goes on.

    Then work on each of the topics and how to achieve it, based on international, national and local law, in alliance with your business goals. Your strategy should not in any way stop functioning for the business; rather, it has to complement and increase the value of the business.

    Use only those that are related to your business, and get the cheapest of the lot, price-wise not quality-wise, to effectively implement the security needs.


    ------------------------------
    Arvind GK
    IT Consultant
    ------------------------------