Comments for Data Risk Governance

Comment on Privacy by Michael Sim

Michael Sim — Thu, 19 Apr 2012 16:03:14 +0000

March 2012 – Found your ISSA Feb 2011 article on the web (quite by chance) and found in enlightening. Thanks Matt for taking the time to work out the intricacies of data transfers regarding the 95/46/EC Directive and making it accessible to lay people such as myself. Michael SIM, CISA, CISM, CISSP, BS 25999 Business Continuity

Comment on Is the CISSP worth it anymore? by ITauditSecurity

ITauditSecurity — Mon, 24 Jan 2011 00:51:30 +0000

I think the CISSP is between 2 & 3, not 3 & 4. I still find it respected and valued. Certs don’t prove anything other than you were able to meet a certain level of qualification. Hiring managers still have to do their due diligence, but if you don’t have certs today, you will be passed over for jobs. It’s that simple.

There’s a lot of bad doctors and lawyers out there too.

If you’re reading this and were thinking of pursuing the CISSP, I still urge you to do it. If you’re not super skilled, you’ll gain from the study; if you already are super skilled, passing it should be easy. In either case, you’ll have an advantage over the next person. Where’s the downside?

Comment on Resources by Information Security Policy « Data Risk Governance

Information Security Policy « Data Risk Governance — Fri, 17 Dec 2010 21:33:04 +0000

[...] Resources [...]

Comment on Is the CISSP worth it anymore? by walterbyrd

walterbyrd — Mon, 08 Nov 2010 15:42:00 +0000

I am surprised that you have not taken DoD directive 8570 into account. For installations that are managed under that directive, the CISSP is not just a “de facto” standard, it is an official standard for most specializations.

There are other certs, which will sometimes qualify for this or that. But, from my experience the CISSP is “it” in an 8570 environment.

Comment on Is the CISSP worth it anymore? by Mike D

Mike D — Tue, 05 Oct 2010 20:56:41 +0000

Good to see that all my hard work is in vain..

Seriously, If a security manager takes a certification as gospel, then I guess they are leaving themselves open to all sorts of issues. As any CISSP can tell you, not doing your “due diligence” or not using “Due Care” or at least using the “Prudent Man Rule” can lead to all sorts of undesired consequences..

Having sat for the exam (and no results as of yet… 3 1/2 weeks & counting…) I believe in the certification process, and believe it can root out the no experience type of test taker. Without my extensive background of over 10 years in IT Management & 15 years as a programmer, I would’ve been somewhat lost.

Comment on Is the CISSP worth it anymore? by Ahmad Wasiuta

Ahmad Wasiuta — Thu, 16 Sep 2010 18:58:26 +0000

This is a very entertaining post. I am glad to see this subject being written about. I like reading these types of articles they help to keep me in the loop.

Comment on Zubulake v. UBS Warburg LLC (Zubulake V) by Chiriqui, Panama

Chiriqui, Panama — Wed, 12 May 2010 09:32:25 +0000

Super post – and nifty domain by the way!

Comment on Risk Management by Matt

Matt — Thu, 18 Feb 2010 20:42:21 +0000

Link fixed. Thanks!

Comment on Risk Management by J Barker

J Barker — Mon, 08 Feb 2010 14:18:23 +0000

The link to a “sample risk assessment” is broken on following page
http://datariskgovernance.com/risk-assessment/

Comment on eDiscovery by Gordon Thomas

Gordon Thomas — Mon, 01 Feb 2010 05:54:13 +0000

Thanks. There is some useful infomation here good work. sorry I cannot leave a constructive comment as i am abit out of my deph I will be checking back here periodically for your new updates. london insurance 30 St Mary Axe, london, EC3A 8EP 020 7193 4776