Constructing Essential Cybersecurity Governance Processes

Given the global business environment, IT deployments are indispensable for enabling information reliability, processing efficiency, and communication expediency to acquire and maintain a competitive advantage. Because the information has measurable value, data collection, processing, storage, and transmission by organizational employees need appropriate safeguarding. Safeguarding information mandates addressing cybersecurity protection to ensure managerial due care and due diligence. Through Dr. Davis’ discussions, security professionals will acquire an appreciation for the complexities associated with ensuring an effective cybersecurity program.

• Cybersecurity proactive and reactive processes
• Total governance integration and alignment requirements
• Extracting convergence points when integrating frameworks
• Architectural conceptualization to achieve framework integration
• Cybersecurity Governance program considerations for sustaining congruence with corporate and information security governance
• Cybersecurity Governance system factors for supporting cohesiveness with COBIT and ISO/IEC 27000 frameworks
• Cybersecurity Governance process considerations that enable linkages with corporate and information security governance
• Managerial activities for maintaining consistency with COBIT and ISO/IEC 27000 frameworks

Cybernetics control theory emphasizes the role of organizational structure in information governance. Information has been considered a quasi-physical concept related to the degree of organization in a system. From a system perspective, there is a presumption that governance structures are a process outcome. Structures deployed by an organizational governance system allocate rights and responsibilities within the structures and necessitates assurance that manager-leaders are operating effectively and expectantly within the defined structures.

During the “Constructing Essential Cybersecurity Governance Processes” webinar, Dr. Davis highlights an approach to deploying entity-centric information system frameworks, architectures, methods, and techniques to reduce the risk of a security breach. In terms of content, Dr. Davis converts selected standards and guidelines into practical applications using detailed examples and conceptual graphics.

Although organizations exist for various reasons, the broadcasting of information security breaches across industries is increasing public and private demands to institutionalize Cybersecurity Governance with program oversight. Organizational information and communication have employee responsibility and reporting structures. Formal organizational structures often reflect constructs associated with laws, regulations, policies, directives, procedures, standards, and rules. Informal organizational structures mirror the interlocking social makeup governing how people work together in practice. Researchers suggested that the executive team structure is a pivotal organization design choice.

IT permits collecting and processing large data volumes as well as inspires innovation. IT that links information systems have made intra-organizational communication almost seamless depending on product-specificity. Within a firm’s organizational structure, providing acceptable service delivery necessitates the installation of an adequate cybersecurity support system. In addressing cybersecurity, security service delivery and support may range from operational protection deployment to crisis response training. Concurrently, innovations may manifest in different forms that require managerial attention.

• Audit Committee Members
• Risk Management Executives
• Chief Audit Executives
• External Audit Partners
• Chief Executive Officers
• Chief Financial Officers
• Chief Information Officers
• Compliance Executives
• Chief Information Security Officers
• Compliance Officers
• Business Analyst

Dr. Robert E. Davis obtained a Bachelor of Business Administration in Accounting and Business Law, a Master of Business Administration in Management Information Systems, and a Doctor of Business Administration in Information Systems Management from Temple, West Chester, and Walden University; respectively. Moreover, during his twenty years of involvement in education, Dr. Davis acquired Postgraduate and Professional Technical licenses in Computer Science and Computer Systems Technology. Dr. Davis also obtained the Certified Information Systems Auditor (CISA) certificate — after passing the 1988 Information Systems Audit and Control Association’s rigorous three hundred and fifty multiple-choice questions examination; and was conferred the Certified Internal Controls Auditor (CICA) certificate by the Institute for Internal Controls.

Since starting his career as an information systems (IS) auditor, Robert has provided data security consulting and IS auditing services to corporations as well as other organizations; in staff through management positions. Before engaging in the practice of IS auditing and information security consulting; Robert (as a corporate employee) provided inventory as well as general accounting services to Philip Morris, USA, and general accounting services to Philadelphia National Bank (Wells Fargo). Furthermore, he has prior experience as a freelance writer of IT audit and information security training material.

Dr. Davis received recognition as an accomplished, energetic auditor, author, and speaker with a sound mix of experience and skills in monitoring and evaluating controls. Based on his accomplishments, Temple University's Fox School of Business and Management Alumni Newsletter, as well as The Institute for Internal Controls e-newsletter featured Dr. Davis. Furthermore, he is an Advisory Board Member of The Institute for Internal Controls, the first and inaugural Temple University CISA in Residence and a founding Temple University Master of Science in IT Auditing and Cyber-Security Advisory Councilmen. Last, he accepted invitations to join Delta Mu Delta International Honor Society, the Golden Key International Honour Society, the Thomson Reuters' Expert Witness List, the IT Governance LTD expert panel, as well as the International Association of IT Governance Standards honorary membership group.