Personal finance

Does it make sense to buy a home? If I’m “wasting” money on rent every month, I might as well pay the home loan EMI. EMI is constant, while rent increases every year. On the other hand, I can save a lot of taxes by getting a home loan. A home is an asset that […]

Personal finance

Personal finance involves managing one’s financial resources to achieve financial goals. It includes budgeting, saving, investing, and planning for retirement. In the context provided, the individual has a current value of INR 1,00,000 and desires monthly expenses of INR 12,00,000 today, which will increase to INR 49,68,675 by retirement age due to a 7% inflation […]

Saas

SaaS providers offer varying technical capabilities, particularly in terms of security. While some providers may be larger or more prominent, their security offerings can differ significantly. Here’s a comparison of three SaaS apps: – SaaS app 1: Supports SSO via SAML, but does not support logging or listing API connections. It has a marketplace and […]

IT Audit

The audit charter: May include IS audit as an audit support function. Should clearly state management responsibility and objectives for the IS audit function, as well as the delegation of authority to it. Is an overarching document that covers the entire scope of audit activities. IT Audit Resource Management The IS audit function should be […]

ISMS 27001

It serves as a valuable framework for IT audit practices by providing a systematic approach to managing information security risks. It can be leveraged to assess organizations’ information security management systems and identify control deficiencies. Information Security Management System (ISMS) standard for managing information security risks. Information Security Management System (ISMS) checklist: The 2022 version […]

GRC

Mature GRC lacks innovation, while the birth of modern GRC is driven by corporate scandals and regulatory events. In 2000, OneTrust entered the GRC market through GDPR, capturing the market for GDPR and other privacy framework automation. By 2018, OneTrust had become a dominant player in the GRC market. In the late 1990s and early […]

Training and awareness for information security

if you want to evaluate that all the employees have completed the information security awareness training, we can ask the following evidence as an auditor: Metrics A. Fed Rate: Total employees targeted vs. organization size (use campaign enrollment lists) B. Click Rate: (Clicked links / Emails delivered) × 100. Validate via phishing simulation tools C. […]

IT Security Strategy

Strategy is nothing but the road map for information infrastructure protection to support business goals for 5 years. It can be short term also like a year like suppose implementing controls like cloud security, SIEM integration. It is to understand the vision and mission of an organization. Based on the business process / requirements given […]

Change Management

About GitHub: GitHub is a platform where you can upload a copy of your Git repository (often shortened to repo), hosted either on GitHub.com, by your company on a cloud provider (like Azure, AWS, or IBM Bluemix), or on your company’s own servers behind its firewall. Git is a version control system. A version control […]

DevOps versus Developer

DevOps approach in which the operations team works closely with the developers who wrote the code to identify exactly what can be monitored versus what should actually be reported in the form of alerts or exceptions. DevOps has a strong focus on ensuring that there is a completely automated way to deploy changes, either in […]