
Where Finer Minds Can Take You

Developing IT Governance - Through years of hands-on experience, we have developed "DIRECTION", a methodology for IT Governance.

Supply Chain Risk Management - Helping clients understand and measure the risks in their Supply Chain helps achieve risk management goals.

Enterprise Strategy Development - CIMA helps clients succeed at strategy development initiatives using our Base and Progressive Development Models. 

Awareness & Training -  Leveraging a structured approach like our ACADEMICS methodology will help ensure the success of your communication program's goals.

The topic of security awareness and training has recently been re-emphasized by an international incident involving the public posting of classified travel plans of President Obama by an Air Traffic Controller in Japan on an internet blog, the New York Times reports.

According to the article, the flight plans for Air Force One, which will be carrying the President on a trip to Asia, were posted to share with friends.

In a similar, but very different, incident, a prestigious hospital accidentally posted data of some 20,000 emergency room patients, which included patients' names, diagnosis codes, account numbers, admission and discharge dates, as well as billing charges.

The article, entitled "Patient Data Posted Online in Major Breach of Privacy" and published in the New York Times, reported that the information was posted to the hospital's website in spreadsheet format and appears to have been available for a full year.

In an article posted by ComputerWorld entitled "Stupid, arrogant and greedy," former RSA CEO of Security Dynamics, Kenneth P. Weiss, offers an inside view of a bad decision that is attributed to RSA's highly publicized security breach earlier in the year.

What all of these things have in common is that they were all avoidable. With proper awareness and training, employees would have the knowledge to make the right decisions, as well as the technical expertise to secure information. That's right: awareness and training does not have to be restricted to the general "all employee" training. It could and should include in-house technical training courses on topics like how to harden Unix servers, firewalls and others, as well as secure coding practices. All of this should be tied back to your organization's policy and standards.

Strategic vs. Tactical Solutioning - The Age Old Debate!

One of the age-old debates in information assurance is how to address the volume of issues on your plate: tactically or strategically? While it is understood a combined approach should be embraced, click here to see an intellectual argument on this important topic.


IT Governance Done Right!

Through knowledge and experience, we have developed and shared with our clients and others in the community "DIRECTION", a structured methodology for IT Governance.

Using DIRECTION, we take you step-by-step through the process of:

  1. Identifying your organization's control requirements driven by regulations, standards, contractual obligations, as well as business and technology strategies.
  2. Designing the governance framework
  3. Drafting your policies, standards, processes and procedures
  4. Socializing the drafts with your stakeholder community and facilitating focus sessions to secure buy-in.
  5. Gap assessments
  6. Publication
  7. Maintenance

Give us a call and discover the difference we can make.

 

Supply Chain Security Risk Management

One of the least managed risks to organizations today is found at the heart of the supply chain and its management, or lack thereof. In today's business climate, with parts of our business outsourced and many stringent sanctions from regulators, organizations need a greater focus on supply chain risk management.

Areas such as outsourced payroll, HRIS, IT infrastructure and application development, and more need particular attention to assessing and managing risk on an ongoing basis, due to the sensitive information and access they provide to people outside of the organization's boundaries and control.

Supply Chain Risk Management is more than just reviewing your existing contracts and getting vendors on board with protecting information. It's also about having knowledge at your fingertips to know what might be affecting your suppliers' ability to deliver goods and services, as well as being able to protect your customer data in the future.

At CIMA, we have the expertise to help your organization assess your current supply chain risks, develop policies and standards to set organizational expectations, and leverage technology to manage this critical issue on a go-forward basis. Through our strategic alliances, we can provide tools to not only manage risks in your supply chain, but also provide alerts to incidents around the globe that could affect business.
