Find Resources & Connect with members on topics that interest you.

AI - Acquire and Implement

PO - Plan and Organize

DS - Deliver and Support

Please sign in to see your topics.


NEW! Activity Badges

Badges help others understand your level of community activity and your reputation as a contributor within the Knowledge Center. Learn More.

Subscribe to all discussions

Recent Discussions

Hello - I'm here to help!

G'day everyone !I've just joined this community and am happy to assist anyone with any queries, que...

Matt_Campbell @ 11/21/2011 5:56 PM | Comments (0)

Auditing incident and problem management processes

I'm looking for key risks and key controls to adress in incident and problem management processes (...

BasKooi @ 9/9/2011 7:47 AM | Comments (1)

RE: Fraud Case

I'd recommend the first step is to report it to management and recommend that access to any system/...

Julie Wapma @ 3/19/2017 5:42 PM

RE: Fraud Case

Apprise the fraud to the correct Team(Infosec or Audit) so that team can taken necessary action on ...

Abhijeet412 @ 3/17/2017 5:40 AM

RE: Fraud Case

What are the first steps should be taken when fraud case is detected?

Tarek EL-Sherif @ 3/17/2017 4:18 AM

RE: Use Cases for Security Incident Management

Hi Phil,HR policy violation, acceptable use, data breach, espionage, hacking, physical theft, fraud...

Jatind @ 2/25/2016 5:23 AM

RE: Use Cases for Security Incident Management

Hi there,I would recommend to take a look at the ISO/IEC 27035 standard. It has a generic approach ...

jmoesgen @ 2/21/2016 6:28 AM

RE: Use Cases for Security Incident Management

There is  no  list of such cases but it is rather organization specific. Over the time the process ...

Jiorgos202 @ 2/16/2016 2:39 PM

RE: Audit of outsourced SIEM service Provider

I haven't conducted an audit of our SIEM provider beyond the information necessary to realize Dell ...

Kyle430 @ 2/4/2016 9:18 AM

RE: Audit Program for Incident Response

Jeff, You may also want to consult NIST Their framework is cros...

Yolanda Baker @ 1/28/2016 7:45 AM

RE: Audit Program for Incident Response

Thanks Phil! Right now we are having some preliminary concerns that they don't have a documented re...

Jeff Murfin @ 1/4/2016 7:18 PM

RE: Audit Program for Incident Response

I've used the ISACA one you mention and it's extremely good.   I found I just needed to ensure site...

Phil Green @ 1/1/2016 3:08 AM

RE: Good discussion on Incident Management vs Problem Management

An interesting discussion, yes, but, speaking as a service management expert, I don't feel the CISM...

Phil Green @ 12/24/2015 3:59 AM

RE: Security incident response metrics

Measures specifically for security incident response I've found useful are:Time to discover an inid...

Phil Green @ 12/23/2015 4:49 AM

RE: Security Incident Management according to ISO 27001

I've found that ISO/IEC 27001 provides the basis for a good security incident management process.A ...

Phil Green @ 12/23/2015 4:16 AM

Incident Management Tools

What types of cost effective incident management tools are being used/recommended? What are the opi...

Jim568 @ 4/14/2017 12:48 PM | Comments (0)

SME Reviewers for Incident Response Whitepaper

A volunteer group under the leadership of Salomon Rico as project chair has developed a whitepaper ...

eleighninger @ 1/3/2012 2:26 PM | Comments (0)

Remote Audit of IT helpdesk/Incident Management. What are the consequences

Hi, Im contemplating on conducting a remote audit of our service desk since travel may not be neces...

Eric810 @ 12/15/2016 1:59 AM | Comments (0)

ISACA Ireland Needs YOU!

Hope you don't mind me posting in this groupabout this year's ISACA Ireland conference, which is fo...

Neil_Curran @ 6/17/2015 4:12 AM | Comments (0)