The Blog

Integrating Security Architecture into Enterprise Architecture

By Jim, on 11 February, 2011

It sounds almost trite, but the only practical approach to developing a security architecture for an organisation is to start at the most abstract level and consider what the business drivers and requirements are. This is fundamental to any approach for developing an organisation-wide strategy.

GCSB Publish the New Zealand Information Security Manual (NZISM)

By Jim, on 14 December, 2010

GCSB have published the New Zealand Information Security Manual (NZISM) which replaces the New Zealand Security of Information Technology (NZSIT) 400 series documents which were published in 2008.

Best, good or generally accepted practice?

By Jim, on 25 November, 2010

I hate the term “best practice”. There I’ve said it….. It feels good to get that off my chest. But why do I hate it?

Axenic Sponsor ISACA Wellington’s Security Education Day

By Jim, on 8 November, 2010

Axenic have sponsored the ISACA Wellington chapter’s Security Education Day 2010.

Chris’ academic paper published

By Jim, on 26 October, 2010

Chris’ academic paper “Using COBIT to guide the adoption of Enterprise 2.0 technologies” was published in BACIT in December 2009 and is available to download in PDF format from here.

There is only one way to eliminate risk

By Jim, on 26 October, 2010

One common misconception of risk management that I have come up against time and time again is that by managing a risk it has been eliminated and can be closed and removed from the risk register. This is simply not the case as risks can evolve and change over time for any number of reasons.

Get our news as it happens

Click here to subscribe to our newsletter