Downloads
Posted by ISACA 222 days ago
|
Cobit Related
Posted by ISACA 223 days ago
|
Downloads
Posted by ISACA 344 days ago
|
Downloads
Posted by ISACA 397 days ago
|
Research
Posted by ISACA 17 hours ago
|
Books
Posted by ISACA 11 days ago
|
7 May 2012
ISACA International Event
Orlando, Florida, USA
Get the knowledge you need to stay one step ahead of the competition and keep up with changing professional trends at ISACA’s North America CACS Conference.
|
12 Jun 2012
ISACA International Event
Dallas, Texas, USA
ISACA Training is a unique educational event designed to provide the tools you need to maintain, update and upgrade your skills, and to continue your professional development.
|
7 Aug 2012
ISACA International Event
Chicago, Illinois, USA
ISACA Training is a unique educational event designed to provide the tools you need to maintain, update and upgrade your skills, and to continue your professional development.
|
11 Sep 2012
ISACA International Event
San Francisco, California, USA
ISACA Training is a unique educational event designed to provide the tools you need to maintain, update and upgrade your skills, and to continue your professional development.
|
2 Oct 2012
ISACA International Event
Orlando, Florida, USA
ISACA Training is a unique educational event designed to provide the tools you need to maintain, update and upgrade your skills, and to continue your professional development.
|
6 Nov 2012
ISACA International Event
New York, New York, USA
ISACA Training is a unique educational event designed to provide the tools you need to maintain, update and upgrade your skills, and to continue your professional development.
|
Volume 2, 2012
by Ed Gelbstein, Ph.D.
In the last couple of years, it has become evident that no organization can avoid being influenced by the tsunami of innovative technology, with ever shorter life cycles.
|
Volume 1, 2012
by Ronke Oyemade, CISA, CRISC, PMP
This article defines IT governance, addresses its importance, and describes how to apply the three lines of defense by implementing a combination of the Risk IT and COBIT frameworks.
|
Volume 6, 2011
by Bob Treadway
Bob Treadway is a strategy advisor and consulting futurist who, for more than 25 years, has helped organizations and individuals anticipate and take action on what lies ahead.
|
Volume 5, 2011
by Steven De Haes, Ph.D., Dirk Gemke, John Thorp, CMC, ISP, and Wim Van Grembergen, Ph.D.
The goal of this article is to provide insight to practitioners regarding how to introduce better value management approaches.
|
Volume 5, 2011
by Rafael Etges, CISA, CRISC, CIPP/C, CISSP, and Anderson Ruysam, CRISC, CISSP, ITIL
What are the governance elements required to ensure the success of an IDM deployment in a complex enterprise environment? What is the bottom-line impact of having—or not having—these elements in place?
|
Volume 5, 2011
by Joseph Kirkpatrick
Security by abdication is when a company decides that rather than accept the responsibility of securing and maintaining systems, people or processes, it will abdicate the responsibility by moving to the cloud.
|
These links, which have been contributed by site users, link to external third-party web sites. ISACA has not evaluated these web sites and accepts no responsibility for their suitability, security or privacy practices.
nice article on the emerging gap between IT & CEO
|
Cloutage exists to empower organizations by providing cloud security knowledge and resources so that they may properly assess information security risks. The project aims to document known and reported incidents with cloud services while also providing a one-stop shop for cloud security news and resources.
|
Deploying data and applications to a cloud computing environment, whether private, community, or public, changes an organization's information technology (IT) security posture. Private cloud environments utilize new software layers, such as virtualization technologies, within the IT infrastructure. While community and public offerings may employ similar technologies, the security implications of community and public clouds are more complex. Use of these offerings changes the risk profile because some security responsibility is transferred to the cloud provider, and the organization’s security perimeter is extended to include the provider's computing resources and personnel. Given these changes, organizations need to understand the risks and appropriate mitigations.
|
Nevertheless, when it comes to IT governance, much can be said for a structured, methodical approach to managing risk, and in that context a GRC framework may be helpful under the right circumstances
Contributed by ISACA on 31 May 2010
|
Talk about a high-stakes journey. Three years ago, Amtrak's IT operations, which previously reported to the CFO, were moved to the purview of the CEO, with the goal of making IT a strategic partner to the business. CIO Ed Trainor was recruited to make it happen.
Contributed by ISACA on 31 May 2010
|
In the world of acronyms, information technologists seem to lag behind only government agencies in their ability to create jargon and abbreviations of cryptic concepts. IT-GRC is one member of the IT lingo club. The Information Technology Infrastructure Library, or ITIL, is a fellow acronym gaining more acceptance and popularity within the IT industry. ITIL provides a common framework to formalize a service-oriented management approach within IT and improve interaction between IT and the business.
Contributed by ISACA on 31 May 2010
|
|
Having been associated with the BS 7799 from its introduction as a Security Standard, and as a Contributor to the ISO 27001, and the last and final Chair of the ISO 27001 at the Department of Trade and Industry (DTI) I have been a long term supporter, and...
Posted By : John379 | 0 comments
|
Gone are the days of check list auditing (Tick and bash audit). To add value to business auditors need to go beyond check listing.
Be it an application control review (ACR), IT General Controls Review (ITGCR), A project review or an integrated audit, i...
|
|
During my audits, training & teaching sessions one of the frequent queries I came across is 'Sir, How do I become an IT Auditor? What are the qualification criteria?'
The best answer for this to quote from the famous book, Information Systems Control and ...
Posted By : KvR | 0 comments
|
So two things happened today. While talking about the need to get the business folks excited about IT Risk Management I used a simple analogy trying to relate to the usual perception, perhaps justifiably so, the business folks have, and that is, IT securi...
Posted By : Umesh391 | 0 comments
|
|
Hola, se les informa a todos los interesados para los cursos de CISM 2.012, que los mismos comenzarán los siguientes días:
06FEB - 40 Hrs Grupo A
13FEB - 40 Hrs Grupo B
20FEB - 40 Hrs Grupo C
Modalidad
16 Hrs intensivas y Presenciales (09:00 am - 12:00...
Posted By : Alexander Osorio | 0 comments
|
Hola, se les informa a todos los interesados para los cursos de CISM en JUNIO 2.011, que los mismos comenzarán los siguientes días:
06FEB - 40 Hrs Grupo A
13FEB - 40 Hrs Grupo B
20FEB - 40 Hrs Grupo C
Modalidad
16 Hrs intensivas y Presenciales (09:00 a...
Posted By : Alexander Osorio | 0 comments
|
|
|