Continuous Assurance Using Data Threat Modeling

ISACA & SecurityScorecard teamed up to write about continuous assurance using data threat modeling. If security, risk, governance or assurance practitioners are asked to name the most important consideration for their enterprises, there is a strong likelihood they will answer “the data.” Data are the lifeblood of modern enterprises. In fact, data are a factor in almost anything of significance that an enterprise seeks to accomplish.

In this white paper we will discuss:

  • Practical challenges of data storage
  • Regulatory Requirements in keeping track of data throughout their lifespan
  • Identifying subcomponents, dependencies and interaction points
  • How to identify and mitigate threats
  • Set of questions to help guide implementations