Sunday, August 8, 2021

Information Systems Auditor : CISA notes

Information Systems Audit and Control Association (ISACA)

CISA - Certified Information Systems Auditor

CISM - Certified Information Security Manager

CGEIT - Certified in the Governance of Enterprise IT

CRISC - Certified in Risk and Information Systems Control


1: Auditing information systems for IS auditors.

2: Information Technology Governance and Management for IS auditors.

3: Information Technology life cycle for IS Auditors.

4: IT Operations, Maintenance and Service Delivery for IS auditors.

5: Information asset protection for IS auditors.


Each domain has job practice areas and knowledge statements.

Domain 1 - Information System Auditing Process (21%) 

Domain 2 - Governance and Management of IT (17%) 

Domain 3 - Information Systems Acquisition, Development and Implementation (12%)

Domain 4 - Information Systems Operations and Business Resilience (23%) 

Domain 5 - Protection of Information Assets (27%)

Organizational concepts

Policies / Procedures / Standards / Guidelines.

CISA Exam

150 questions / 4 hours

ISACA Exam Candidate information guide

https://www.isaca.org/-/media/files/isacadp/project/isaca/certification/general/exam-candidate-guide-continuous-testing.pdf?la=en&hash=EF40E6FD3BE8410F62D4F061B9703378B6368D00

Books to refer

CISA All in One Guide (McGraw Hill)




Thursday, June 11, 2020

Desirable Features for Currency Management System

Currency Management is used primarily by banks and financial institutions for the following.


An overview on ELK Stack - Beats


What are Beats?
Beats are lightweight data shippers: a free and open platform for single-purpose data shippers. They send data from hundreds or thousands of machines and systems to Logstash or Elasticsearch.



Filebeat ==> Real-time insight into log data.

Packetbeat ==> Analyze network packet data.

Winlogbeat ==> Analyze Windows event logs.

Metricbeat ==> Ship and analyze metrics.

Heartbeat ==> Ping your infrastructure.

Auditbeat ==> Send audit data to Elasticsearch.

Functionbeat ==> Ship cloud data with serverless infrastructure.

Journalbeat ==> Analyze journald logs.



Friday, May 8, 2020

How to Choose a CRM suite for Commodity Trading

How do you make the Right CRM Decision in a Commodity Market?


Learn How in this Report

Ok, you are looking for a CRM solution for your business. You have surveyed the market, reviewed and tested a dozen or more CRM software solutions and you are still not comfortable in making a decision. In fact you’re frustrated and you are not alone.
The CRM software sector may be one of the most competitive in any industry. There are literally hundreds of CRM solutions available from desktop programs that run on your personal computer to cloud based ones that operate over the Internet. What’s most troubling is how hard it is to differentiate one from another.  Other than price and term of contract they all seem the same.  I understand and hear this every day.  As an executive of a leading CRM Solution Provider I can assure you that every CRM solution is not the same. Certainly most CRM solutions offer similar functionality. That’s a given, but there are other things to consider during the decision process other than features and price.
Outlined below are “7 Points to Consider before Making Your CRM Decision”.  I hope you find this valuable and that it helps you to make the best CRM decision for your business.

1) Select a mature solution provider

With today’s economic uncertainty, it’s extremely important to select a solution provider with a trusted reputation and long-standing track record for delivering high quality products and services in your industry. There are no guarantees today, but a company that has been in business for a decade or more with an established customer base is clearly a safer bet than the one that’s just getting started.  It’s also a good idea to research the vendor’s customer base and ask for references that can discuss the provider’s commitment to quality customer service and product enhancements.

2) Know your requirements beforehand

Don’t make your selection of a CRM solution a beauty contest. Take the time to document the core requirements that you are looking for and make sure you fully understand the workflow of your internal business processes. Smaller businesses tend to lose sight of this during the evaluation process and become too focused on cosmetic appearance and price. As a result, they are often disappointed in the product’s inability to support the unique business requirements that were not part of the initial demonstration.

3) Where’s my data?

Your customer information is your lifeline. Without it you’re out of business. Don’t be afraid to ask where your data is being hosted and by whom. Most vendors utilize a third party service to host your data. Ask who they use and check into the company’s track record for performance and reliability. You may also want to inquire about backup and recovery along with their procedures for obtaining your data should you discontinue the service. This is one of the most important yet overlooked aspects of your CRM decision process.

4) Scalability

Your business is going to grow. If you didn’t believe this you wouldn’t be in business.  I stated earlier that there are a myriad of CRM product offerings available. I didn’t say they could all meet your current and future business requirements.  In fact, many are designed for very small businesses and will not perform well when pushed to higher levels of utilization.
Make sure the product incorporates a comprehensive set of applications even if you are not planning to utilize them today. Furthermore, make sure the solution you select has been proven to perform at two to three times the current number of users you plan to have.

5) Back-end integration

While this may not be your top priority, CRM is the front-end to all backend processes and sooner or later you are going to want to integrate customer data with your accounting or ERP system. Make sure the vendor you are most interested in offers an application programming interface or API that enables back-end integration.

6) Select a partner not a vendor

If you have made a decision to implement a CRM system because you are committed to becoming a more effective sales and service organization, then you need to select a partner to assist you not a vendor.  A partner will provide you with a proven implementation plan and best practices to ensure that you realize the maximum value from their solution. A vendor will sell you their solution then suggest you send an e-mail if you require help. CRM is not a toy or an electronic gadget that you simply plug in the wall.  You will require professional assistance from the CRM provider in order to maximize the value of any CRM solution.  Make sure you select a partner who has a solid track record for providing this level of support.

7) Stay away from free

Nothing good comes out of free. Not good products and not good services.  A world class product from a trusted solution provider who can…
  • protect your data with a reliable hosting service
  • provide a high level of performance
  • offer scalability and growth
  • enable back-end integration
  • and partner with you to ensure your business objectives are met
… isn’t cheap and doesn’t come free.
This is an important decision for your business and the difference between a top rated trusted solution provider and a low cost one may be just a few dollars a month.
About the author: Larry Caretsky is President and CEO of Commence Corporation, a leading provider of cloud based online CRM software. Comments about this article may be sent to sales@commence.com.

Full credits for the following url ::

Sunday, May 3, 2020

SIEM Implementation Steps

SIEM Solution Set Steps

Read the Executive Brief


  • Select and Implement a SIEM Solution – Executive Brief

Security Information and Event Management (SIEM) technology provides a great deal of visibility into an organization’s networks and can identify extremely sophisticated threats.
Use this Executive Brief to help make your case to:
  • Launch the SIEM project.
  • Select a SIEM solution.
  • Plan the SIEM implementation.


  • Select and Implement a SIEM Solution – Phases 1-3


Security Information and Event Management (SIEM) technology provides a great deal of visibility into an organization’s networks and can identify extremely sophisticated threats. Review the SIEM vendor market space and determine which vendor is right for your organization.

This SIEM project will allow you to:
  • Review an offer of the overall SIEM market.
  • Collect requirements for your organization and determine relevant use cases.
  • Create a selection strategy.
  • Review the Vendor Landscape of the main SIEM players.
  • Create and evaluate RFPs after shortlisting your vendors.
  • Create an implementation plan after your solution has been selected.
Use Info-Tech’s research to gain more insight into which vendors and products are appropriate for your business, and follow our implementation plan to ensure that you are set up for success.

Launch the SIEM selection project and collect requirements

  • Select and Implement a SIEM Solution – Phase 1: Launch the SIEM Project

This phase of the Select and Implement a SIEM Solution blueprint will help you:
  • Assess value and identify fit.
  • Build the procurement team and project plan.
  • Identify your requirements for the SIEM.
Use Info-Tech’s research to gain more insight into which vendors and products are appropriate for your business, and follow our implementation plan to ensure that you are set up for success.
  • SIEM Procurement Project Charter Template

Use this project charter template to ensure the following components of your project are scoped and identified prior to the launch of your project:
  • Identification of project stakeholders
  • Identification of a project sponsor and a project manager
  • Selection of the project team
  • Delineation of roles and responsibilities within the team
  • Creation of project oversight
  • Creation of a project plan
  • Mapping of project timelines and milestones
  • Allocation of project costs and budget
  • Risk management planning
Following a completion of these steps, receive approval to launch your SIEM selection and procurement project by receiving sign-off from the necessary executives or oversight committee. 


  • SIEM Appropriateness Tool

This tool aims to help the enterprise determine whether or not a Security Information and Event Management (SIEM) technology is appropriate for the organization.
This tool will:
  • Review your organization’s current status for a SIEM through a questionnaire.
  • Indicate the level of need for a SIEM solution.
The final indications in the tool will help you as you move forward in your product/vendor selection process and in determining cost.

  • SIEM Use-Case Fit Assessment

Info-Tech's SIEM Vendor Landscape is built around five functional use cases regarding SIEM technology: Threat Management, Compliance Management, Management of Security Events, SIEM Small Deployment, and Risk Management. Identify your own organization's alignment to these use-case scenarios using this tool. This tool contains:
  • A questionnaire for IT and business requirements
  • A results tab based on your answers to the questionnaire
If your responses indicate that you fit several use cases, focus on vendors that also fit those use cases.

Select a SIEM solution

  • Select and Implement a SIEM Solution – Phase 2: Select a SIEM Solution


This phase of the Select and Implement a SIEM Solution blueprint will help you:
  • Produce your vendor shortlist.
  • Select your SIEM solution.
Use Info-Tech’s research to gain more insight into which vendors and products are appropriate for your business, and follow our implementation plan to ensure that you are set up for success.
  • SIEM RFP Template

A Request for Proposal (RFP) is a formal invitation issued by an organization asking interested vendors to submit written proposals meeting a particular set of requirements. This RFP template comes populated with crucial selection considerations including:
  • The Statement of Work
  • Proposal Preparation Instructions
  • Scope of Work, Technical Specifications, and Functional Requirements
  • Vendor Qualifications & References
  • Budget & Estimated Pricing
  • Vendor Certification
A detailed RFP saves time in the selection process and ensures that you select the best solution for the organization.

  • SIEM Suite Evaluation and RFP Scoring Tool

A key component of any evaluation is a Request for Proposal (RFP). Gathering and scoring the various responses to an RFP can be difficult and time consuming. This tool enables enterprises to evaluate and compare the results of an RFP process quickly and easily.
Use this tool to:
  • Determine each feature's level of importance to your organization.
  • If not using an RFP process, shortlist vendors with this tool.
  • Score and compare potential SIEM solution RFP responses.
  • SIEM Vendor Shortlist and Detailed Analysis Tool

This tool allows enterprises to profile their Security Information & Event Management (SIEM) requirements and generate a rank-ordered vendor shortlist from a fixed list of vendors. Vendor profiles are based on Info-Tech’s recent in-depth review of the SIEM market. The tool includes:
  • Variable prioritization for product suitability based on features, usability, affordability, and architecture.
  • Variable prioritization for vendor suitability based on viability, strategy, reach, and channel.
  • An automatically generated customized vendor landscape based on prioritization of each suitability factor.
Use this tool to narrow the vendors to a shortlist tailored to your organization’s requirements, then send out RFPs and schedule vendor demonstrations.

  • SIEM Vendor Demo Script

This template is designed to provide Security Information & Event Management (SIEM) vendors with a consistent set of instructions, ensuring an objective comparison of product features – all while evaluating ease of use, and ease of setup and configuration.
The template is pre-built with five common scenarios to leverage:
  • Log source configurations
  • Event correlation, alerting, log analysis, and incident management
  • Reporting features
  • Dashboard and access control features
  • Data management
  • Full threat visibility
  • Scalability
Vendor demonstrations are essential in order to evaluate SIEM user experiences. Allowing vendors to run the demonstration without your guidance will only highlight their strengths.

Plan the SIEM implementation

  • Select and Implement a SIEM Solution – Phase 3: Plan the SIEM Implementation
This phase of the Select and Implement a SIEM Solution blueprint will help you:
  • Create an implementation plan.
  • Measure the value of your SIEM solution.
Use Info-Tech’s research to gain more insight into which vendors and products are appropriate for your business, and follow our implementation plan to ensure that you are set up for success.


for the above information full credits goes to 



Tuesday, November 25, 2014

Roles and Responsibilities of a Product Manager

What is the role?

The Principal Product Management will lead a team of product managers that is responsible for product strategy, features and the delivery of core BPM products and key business applications at Organization. The individual will work with domain experts and key customers to develop detailed Product Requirements describing the software functionality needed to solve business problems in specific industries or lines of business. This role is responsible for the overall product strategy, features, functions and design of the Business Process Management products and applications. S/he is responsible for on time product delivery while ensuring that overarching product goals are met, including documentation and setup logistics such as release engineering. Emphasis is also placed on roll-out activities such as Pre-sales, Global Services, Learning Services, the Support organization, and key partners, in order to produce the repeatable services and business content required to successfully deploy each product/application. S/he is responsible for the delivery of technical training where required to Learning Services, Global Services, and the Support Organization. S/he will be the main advocate for the products through Marketing activities and analyst relations by providing domain knowledge.

What Product Manager should do:

  • Collect and prioritize product requirements (from customers, competitors, partners, industry analysts, Sales, Business Development, Global Services, Customer Services, R&D and Program Managers).
  • Synthesize and prioritize across customers’ wants and needs, balancing them with company strategy and capabilities to define the product roadmap.
  • Develop and maintain Requirement Specifications and drive the iterative development process of achieving these high level goals.
  • Manage and assign tasks to several product managers in the team. This includes performance management and career plans.
  • Lead the Product Design function in their efforts to develop customer use cases, personas and scenarios, as well as user interface design.
  • Assist Product Marketing Managers to execute 'go to market' plans including packaging, pricing, collateral events and lead-generation programs.
  • Plan, implement and maintain roadmap strategy and scheduling.
  • Maintain day to day contact with the software development group to refine and revise Product specifications and implementation details, based on an agile/iterative development process; encouraging the team to innovate within the boundaries of market segments, personas, goals, and problems to solve.
  • Provide input to QA for creation of test plans and certification criteria.
  • Assist the Documentation group in developing released documentation and on-line help.
  • Assist Education Services group in developing a training program to educate customers and Open Text internal audiences on the details of the product/application.
  • Evangelize product/applications at trade shows, webinars and user group meetings.
  • Support Technical Marketing in setting up products and applications demo environments.
  • Work with key customers to acquire and respond to product feedback for future product releases, and communicate roadmap details.
  • Understand product competitors and support development of competitive responses for sales and marketing.
  • Manage full product life cycles including
  • Analyze potential partner relationships for the product.
  • Support the development of relationships with partners around the product functionality - VARs, services vendors, distributors, market influencers.
  • Act as a contact point for Customer Services in regards to feature and enhancement requests coming from customers.
  • Perform sales support activities including product demonstrations, proof of concept development, presentations.
  • Serve as Subject Matter Expert (SME) on Services engagements working as part of a project delivery team.
  • Participate in contract negotiations whereby focus is on the technology component.
  • Support Sales/Customer Services/Global Services in regards to critical escalations.

All credits for this material go to OpenText (copyrighted to them).