Professional Documents
Culture Documents
Declaraciones Nuevas
Adaptado de: Gunther McGrath, R.; The End of Competitive Advantage: How to Keep Your Strategy Moving as Fast as Your Business,
Harvard Business Review Press, 2013. Leinwand, P.; C. Mainardi; What Drives a Companys Success? Highlights of Survey Findings,
Booz & Company, 2013, www.strategyand.pwc.com/global/home/what-we-think/reports-white-papers/article-display/what-drives-acompanys-success
2014 ISACA. All rights reserved. www.isaca.org
Modelo evolutivo de la
seguridad de la informacin
Orientado al funcionamiento
confiable de procesos crticos
Fundado en el cambio de
comportamiento de las personas
frente a la informacin
Basado en procedimientos y
guas de seguridad y control
Soportado en acciones
preventivas y sancionatorias
Soportado en acciones de
monitoreo activo y de pronstico
Responsabilidades
nfasis
Operaciones
Seguridad informtica
Monitoreo y anlisis
de eventos
Respuesta a incidentes y
anlisis forense
Gestin de vulnerabilidades
y amenazas
Gobierno
Operaciones y gobierno
Operaciones, gobierno y
aspectos legales
Notificacin de brechas
de privacidad
Proteccin de la informacin
Descubrimiento electrnico
(Soporte electrnico de litigios)
Monitoreo y anlisis
de eventos
Respuesta a incidentes y
anlisis forense
Clasificacin de informacin
Gestin de vulnerabilidades
y amenazas
Tomado y traducido de: Corporate Executive Board Chief Information Office Leadership Council, Common Archetypes of Security Functions: Implementation Tool,
www.irec.executiveboard.com
2014 ISACA. All rights reserved. www.isaca.org
pwc.com/global/home/what-we-think/reports-white-papers/
article-display/reimagine-your-enterprise
4 Op cit, Booz & Company, 2013
5 Security for Business Innovation Council, Transforming
Information Security: Future-proofing Process, 2013,
www.emc.com/collateral/white-papers/h12622-rsa-futureproofing-processes.pdf
6 Grimsley, H.; The Successful Security Leader: Strategies
for Success, CreateSpace Independent Publishing Platform,
2012
7 Ibid.
8 Proctor, P.; R. Hunter; F. C. Bymes; A. Walls; C. Casper; E.
Maiwald; T. Henry; Security and Risk Management Scenario
Planning, 2020, Gartner Research, 2013
9 Ibid.
10 McAfee, The Security Industrys Dirty Little Secret,
Research Report, 2013, www.mcafee.com/us/resources/
reports/rp-security-industry-dirty-little-secret.pdf
11 CEB CIO Leadership Council, Common Archetypes of
Security Functions: Implementation Tool, www.irec.
executiveboard.com
12
Harkins, M.; Managing Risk and Information Security:
Protect to Enable, Apress, 2013
13 Khan, N.; J. Sikes; IT Under Pressure: McKinsey Global
Survey Results, McKinsey & Company, 2014,
www.mckinsey.com/Insights/Business_Technology/IT_
under_pressure_McKinsey_Global_Survey_results?cid=othereml-alt-mip-mck-oth-1403
14 Howard, C.; D. C. Plummer; Y. Genovese; J. Mann; D. A.
Willis; D. Mitchell Smith; The Nexus of Forces: Social,
Mobile, Cloud and Information, Gartner Report, 2012,
https://www.gartner.com/doc/2049315
15 MacDonald, N.; Prevention Is Futile in 2020: Protect
Information Via Pervasive Monitoring and Collective
Intelligence, Gartner Research, 2013
The ISACA Journal is published by ISACA. Membership in the association, a voluntary organization serving ITgovernance professionals, entitles one to receive an annual subscription
to the ISACA Journal.
Opinions expressed in the ISACA Journal represent the views of the authors and advertisers. They may differ from policies and official statements of ISACA and/or the IT Governance
Institute and their committees, and from opinions endorsed by authors employers, or the editors of this Journal. ISACA Journal does not attest to the originality of authors content.
2014 ISACA. All rights reserved.
Instructors are permitted to photocopy isolated articles for noncommercial classroom use without fee. For other copying, reprint or republication, permission must be obtained in
writing from the association. Where necessary, permission is granted by the copyright owners for those registered with the Copyright Clearance Center (CCC), 27 Congress St.,
Salem, MA 01970, to photocopy articles owned by ISACA, for a flat fee of US $2.50 per article plus 25 per page. Send payment to the CCC stating the ISSN (1526-7407), date,
volume, and first and last page number of each article. Copying for other than personal use or internal reference, or of articles or columns not owned by the association without
express permission of the association or the copyright owner is expressly prohibited.
www.isaca.org
2014 ISACA. All rights reserved. www.isaca.org