Find Resources & Connect with members on topics that interest you.

AI - Acquire and Implement

PO - Plan and Organize

DS - Deliver and Support

Please sign in to see your topics.

You must be logged in to join this group.

Privacy/Data Protection

Welcome to the Privacy/Data Protection topic!

Collaborate, contribute, consume and create knowledge around topics such as privacy frameworks and governance (OECD), protection of data, data leaks and data communicated across borders

ISACA members can participate by clicking on the “Join this Community” button. You must be signed into the site. Set your alerts to be notified of new discussion activity within this community. Not an ISACA member? Join now!

This Topic Has:
1143 Members
0 Online
11305 Visits

Community Leader

Marc Vael

Marc Vael

Title: Chief Audit Executive

Badge: Influential



Badge: Social


NEW! Activity Badges

Badges help others understand your level of community activity and your reputation as a contributor within the Knowledge Center. Learn More.

Discussions: 113 total

Must be a Topic member to contribute
View All »
Dear colleagues, Would you have a rough idea on when we could expect to see COBIT5 for Privacy? Considering that data privacy and protection is among every company's top priorities, it would be extremely handful to have a go at something as comprehensive...
Prakharsworld | 2/4/2016 2:32:27 PM | COMMENTS(4)
Yesterday, the EU has announced, that an agreement on the successor to the Safe Harbor Act has been reached with the new EU-US Privacy Shield: Just recently I was attending ISACA's live webinar on the ...
Christoph N. | 2/4/2016 4:34:04 AM | COMMENTS(1)
Does anyone have a good resource for what the technical guidelines are for data protection and privacy across the globe? I read the work from DL Piper, but I'm looking for something a little more technical. For Example, the encryption requirements in Ch...
Geeta167 | 1/18/2016 5:45:22 AM | COMMENTS(2)
There are a significant number of fake profiles on LinkedIn.  This is a good article on signs to look for.
Phil Green | 1/9/2016 6:37:39 AM | COMMENTS(0)
Despite setting up stringent Privacy settings in Facebook to limit content view only to friends, contents 'liked' by friends are no more private such that it becomes visible to friends of friends or public based on the privacy settings on the friends prof...
ebenezerj | 1/7/2016 3:05:42 AM | COMMENTS(1)
This article, although not perfect, gives an extremely good overview of what is happening, the motives behind the perpetrators and the headaches you will face if/when it happens to you.  In today's climaite it's more likely to be "when"  :-(
Phil Green | 12/17/2015 4:21:36 AM | COMMENTS(1)

Documents & Publications: 51 total

Must be a Topic member to contribute
View All »
Information Systems Assurance and Control Guideline for Verifing Compliance with Personal Data Protection Act [POLAND]
Posted by JoannaK 736 days ago
Posted by ISACA 22 days ago
Posted by ISACA 75 days ago
Posted by ISACA 326 days ago
Posted by ISACA 368 days ago

Events & Online Learning: 10 total

19 Aug 2013
ISACA International Event
San Francisco, CA, USA
21 Sep 2015
ISACA International Event
06010 Mexico City, Panama
La Conferencia Latinoamericana CACS/ISRM
9 Nov 2015
ISACA International Event
Copenhagen, Denmark
Stay on top of the trends and opportunities of the dynamic technology industry at EuroCACS/ISRM —the leading European conference for IT audit, assurance, security and risk professionals.

Journal Articles: 126 total

Volume 1, 2016
by Mohammed J. Khan, CISA, CRISC, CIPM
Data protection and cybersecurity go hand-in-hand due to the nature of the risk involved. The underlying assumption is that all data, whether they are stationary or in motion, are threatened to be compromised.
Volume 1, 2016
by Steven J. Ross, CISA, CISSP, MBCP
Twice in the past year or so I have received replacement credit cards because the numbers and expiration dates had been disclosed by merchants that I frequented.
Volume 6, 2015
by Angelique Schouten
Cloud technology helps SMEs run and coordinate large external workforces, support operational management, and enable the building of new developments to ensure that they stay up to speed and futureproof within their markets.
Volume 6, 2015
by Doron Rotman, CIPP, Chris Kypreos, CIPP, and Sarah Pipes, CIPP
The Internet of Things (IoT) represents an unknown set of forces. However, one known is that IoT-connected devices will generate exponential levels of new data that will lead to powerful insights...
Volume 4, 2015
by Mohammed J. Khan, CISA, CRISC, CIPM
This article will align the UK Data Protection Act of 1998 and the American Institute of Certified Public Accountants Generally Accepted Privacy Principles in order to help global companies with a presence in both the US and the UK.
Volume 4, 2015
by Sivarama Subramanian, CISM, Varadarajan Vellore Gopal, CEH, and Marimuthu Muthusamy
The Internet of Things (IoT) is captivating organizations because of its potential to rapidly transform businesses and people’s lives.

Wikis: 2 total

Blog Posts: 21 total

During an audit you may find that shell scripts are used to connect to your Oracle database (these are often scheduled jobs).  In many instances this represents a security risk as the Oracle database password is hardcoded into the script.  This means th...
Posted By : Ian Cooke | 1 comments
Data Privacy in today's world has crossed over from a requirement dependent on one agency or organization to be the global phenomenon.  Today the data traverses across the countries as well as continents at the speed unimaginable in past. In a flash of se...
Posted By : Mayank | 0 comments
13 Nov 2014
Posted By : masarker | 4 comments
One of the many challenging risk management issues faced by organisations today is protecting the privacy of customers’ and employees’ personal information. When privacy is well managed, organisations earn the trust of their customers, employees, and othe...
Posted By : Patrick Soenen | 0 comments
13 Nov 2014
Now a days, you don’t need to be a IT guru or best software programmer to access /control other personal/organization data. If you follow below techniques, you can easily get confidential information.1. Masquerading2. Tailgeting (Piggy back)3. Dumpster di...
Posted By : Shaklain | 1 comments
On March 1st,  I was invited to speak at the CampIT conference on Enterprise Risk/Security Management at Rosemont Convention Center. Before me there were two speakers. The first presenter spent an hour presenting the story from the trenches of technolog...
Posted By : appolloconsulting | 2 comments