Cyber IT Supervisory Forum eBook

Expanded Topic

New Topic

Version 2.0: Scope Expansion

• Technology governance • Control testing and evaluation • Exception management • Acceptable use policy & related policies and end-user agreements • Quality management program and continuous improvement • Technology architecture • Technology operations, problem management, and IT service and support • Project management • Asset lifecycle management

• Unsupported systems • Shadow IT management

• Data governance and management • Asset ownership and custodianship • Skill and resource assessment • Cloud services access and authorization • Procurement planning • Network device/firewall rule review • Email verification mechanisms • Encryption standards & key management

• Time services • Secure SDLC • End-user computing management • Applications management • Emergency changes • Insider threat management • Operational Technologies (OT) and Internet of Things (IoT) • Remote access devices (end points, mobile, virtual)

• Social media/dark web monitoring • Deception techniques (honeypots) • Forensic investigations • Returning systems to service • Business Impact Analyses

Includes Updated & New Mappings