In an annual survey of Information security practices conducting by The Deloitte & Touche at 169 financial institutions found that 98 percent of them are spending more on information security this year than last year, and putting a greater emphasis on IT governance. In a related trend, 81 percent of the financial institutions surveyed said they’ve adopted a formal Information Security Governance framework, up from about 70 percent last year. The vast majority of the remaining respondents said they are in the process of establishing their own to fill their need.
Deloitte information security survey was gathering information from CIO from Japan 22 percent and the larger Asia Pacific region, 12 percent from the United States, 23 percent from Latin America, 7 percent from Canada, 31 percent from Europe, the Middle East and Africa, and 5 percent from the former Soviet Republics. The survey also tell us; 38 percent of the organizations surveyed did not measure their security budget on a per capita basis, of those that did, 7 percent said they spend more than US$1,000 per person, 7 percent between $501 an $1,000 per person, 14 percent between $251 and $500, 23 percent between $100 and $250, and 11 percent under $100. This indicated that getting through internal and external audits can be tough wherever you are. They report that the main audit obstacles are networks that still allow excessive access rights; lack of adequate audit logging; and failure to assure access control complies with formal business procedures.
According to the 2007 Global Security Survey, the cost for security system spending is up as much as 15 percent over last year at 11 percent of the 169 corporations surveyed, which include banks, and financial instutions from 32 countries. The highest cost were made in IT audit and IT auditor certification costs, logical access control products, infrastructure protection devices and compliance and risk management. The survey also asked the respondents questions about technology use. Questions asking whether organizations are allowed to use wireless technologies, including wireless LANs, infrared networking or mobile devices, due to security reasons. Forty five percent of the respondents said their organizations prohibit use of wireless LANs, 75 percent prohibited infrared networking; and 13 percent prohibited mobile devices, including PDAs and BlackBerries.
Those not prohibiting use of wireless sought to offer employees guidelines on secure use, published policies on acceptable business use or did implement wireless technologies.
PEOPLE FIND THIS PAGE BY THIS WORDS:
information security governance; information security governance framework; IT Audit; it governance; it governance deloitte; security governance framework; information technology security governance model; sleep social life bad grades;
