Code: 52906472
Your last audit was clean. So was the one before that. And then something happened anyway. In modern enterprises, controls rarely fail outright. They continue to operate, pass their tests, and produce their evidence. What changes ... more
English
Enter your e-mail address and once book will be available,
we will send you a message. It's that simple.
You get 69 loyalty points
Book synopsis
Your last audit was clean. So was the one before that. And then something happened anyway. In modern enterprises, controls rarely fail outright. They continue to operate, pass their tests, and produce their evidence. What changes is the world the controls were designed to govern and that world is now governed by engineering, security, and operations teams moving faster than any assurance cycle was built to follow. This book introduces the concept of control decay: the gradual erosion of control effectiveness as the operating environment around a control evolves while the control itself does not.
Developed through analysis of consequential cases, including the Silicon Valley Bank collapse, the CrowdStrike outage of July 2024, and the Boeing 737 MAX MCAS case, the book presents C-DRAFT, a diagnostic framework that names six structural forces producing decay: Change Velocity, Dependency Drift, Role Dilution, Automation Opacity, Framework Lag, and Testing Illusion.
Established standards enforce and verify controls. They were not designed to detect when a control's design assumptions have drifted from the environment the control was meant to govern. C-DRAFT addresses that specific gap. Rather than replacing established standards such as COSO, COBIT, NIST, or ISO, or the security, engineering, and risk management frameworks organizations rely on day to day, C-DRAFT provides a shared lens through which audit, security, technology, engineering, and risk can read the same control environment. The focus is relevance, not compliance expansion. Control decay is everywhere. What it has lacked, until now, is a unified framework that can diagnose and respond to it.
What You Will Learn
Who This Book is For
This book is written for professionals responsible for evaluating, designing, or relying on control effectiveness in modern enterprises. Internal auditors, technology auditors, cybersecurity professionals, risk managers, GRC leaders, and assurance advisors will find practical guidance, as will technology and security leaders who rely on audit and risk outcomes to understand why their controls behave as they do.
Book details
Book category Books in English Reference, information & interdisciplinary subjects Research & information: general Decision theory: general
28.62 €
EnglishCollection points Bratislava a 12841 dalších
Copyright ©2008-26 najlacnejsie-knihy.sk All rights reservedPrivacyCookies
25686 collection points
Delivery 2.99 €
02/210 210 99 (8-15.30h)Shopping cart ( Empty )