Recent Discussions

InfoSec models inter-relationship mappings

I am looking for mapping of SABSA attributes taxonomy to ISO 27001's PDCA, ITIL & COBIT 5 model...

Glory Idehen @ 8/22/2014 12:41 PM | Comments (1)

Security Access Review Scope or Depth Query

Dear All, I think a security access review or identity certification is a common task to examine the...

chungangus @ 8/19/2014 11:05 PM | Comments (0)

Call for Papers and Discount Code for ISACA Ireland Conference on 3rd Oct 2014

Hi Everyone, I'm the chapter president of ISACA Ireland and would like to let members of this topic...

Neil_Curran @ 8/2/2014 12:39 PM | Comments (1)

Outsourcing:- information security as a service

What are the challenges, what should be the scope limitation, how do you enhance privacy of your da...

Simiyu @ 7/23/2014 2:29 AM | Comments (4)

Why is so difficult train the management about the importance of engage in a Security certification process?

In my experience it is not so easy to convince Management about the importance to work towards a certif...

Cristina Ledesma @ 5/26/2014 8:50 AM | Comments (8)

Social Engineering

The idea is to analyze this topic by its different components, information, people and legal consec...

Cristina Ledesma @ 2/17/2014 6:08 AM | Comments (5)

IS Governance

I want to know what techniques / methodologies are used to implement governance in IS, I mean for i...

Cristina Ledesma @ 2/3/2014 5:00 AM | Comments (1)

Content, Frequency and Effectiveness of IT Security Awareness

What suggestions do you have for increasing awareness without resulting in "training" fat...

LJC @ 1/15/2014 10:49 AM | Comments (4)

Applying military strategy to IT problems

It is well known that strategic management borrows heavily from military science.. How far do you a...

Simiyu @ 11/21/2013 9:54 PM | Comments (6)

Transferring Risk management: ISO27000 to COBIT

Has anyone had experience transferring their existing ISO 27000 risk management into the COBIT fram...

Catherine002 @ 11/3/2013 7:28 PM | Comments (1)

Let us make this group more active

Our group is sliding towards being inactive. Let us create time to discuss and share knowledge by w...

Simiyu @ 9/25/2013 1:28 AM | Comments (1)

What is Information Security Process Design All About?

Hello Everyone, Please I need your assistance in knowing what Information Security Process Design is...

Mary564 @ 9/13/2013 11:38 AM | Comments (1)

Secure file exchange

Hi everyone, Will be happy if someone can help with opinion or best practice here. I've got the fol...

Lilia Georgieva @ 8/16/2013 8:42 AM | Comments (0)

Is the Cloud Mature Enough to be Considered Mature

In 2012 the Cloud Security Alliance and ISACA conducted a Cloud Computing Market Maturity study tha...

Ron Hale Ph.D. CISM @ 8/12/2013 10:53 AM | Comments (0)

Information security audit for a core banking systems

I am looking for a generic (or tailored) template for auditing information security controls for a ...

Simiyu @ 7/30/2013 12:31 AM | Comments (2)

RE: Outsourcing:- information security as a service

@Marc, thanks for that insight. As you said, accreditation may not cover the entire environment, he...

Simiyu @ 8/26/2014 5:49 AM

RE: Outsourcing:- information security as a service

Before outsourcing, the bottom line and risk level of your company should be clear from management....

Marc Vael @ 8/26/2014 4:53 AM

RE: Relationship between IT Audit and Information Security

Internal audit and information security have same goal, which is to mitigate risk. Internal audit has...

Marc Vael @ 8/26/2014 4:18 AM

RE: InfoSec models inter-relationship mappings

Good question. SABSA vs ISO27001 I only know of this overview http://www.gliffy.com/publish/3821896/S...

Marc Vael @ 8/26/2014 3:58 AM

RE: Call for Papers and Discount Code for ISACA Ireland Conference on 3rd Oct 2014

Thanks for giving our group an opportunity to submit papers for your conference. It is my hope that...

Simiyu @ 8/7/2014 2:47 AM

RE: Relationship between IT Audit and Information Security

There is a strong relationship and overlap between IT Audit and Information Security management. Bo...

Simiyu @ 8/7/2014 2:36 AM

RE: Outsourcing:- information security as a service

@Chungangus.....I  absolutely agree with you, a risk profile should be determined before outsourcin...

Simiyu @ 8/7/2014 2:24 AM

RE: Relationship between IT Audit and Information Security

On the position inside a company, I will say IT security is on the front line defense as they are i...

chungangus @ 8/7/2014 2:01 AM

RE: Outsourcing:- information security as a service

Before outsourcing, the bottom line and risk level of your company should be clear from management....

chungangus @ 8/7/2014 1:55 AM

RE: Why is so difficult train the management about the importance of engage in a Security certification process?

True, Len. As you mentioned, there is no single approach to such a challenge. My approach was simila...

Simiyu @ 5/27/2014 5:04 AM

RE: Why is so difficult train the management about the importance of engage in a Security certification process?

Simiyu, a difficult question to say the least, no easy answer! You need to know your customer and h...

Len Shingler @ 5/27/2014 4:29 AM

RE: Why is so difficult train the management about the importance of engage in a Security certification process?

Len Shingler, you are absolutely right. In one of my consultancies I was tasked by the executive ma...

Simiyu @ 5/27/2014 3:41 AM

RE: Why is so difficult train the management about the importance of engage in a Security certification process?

In my experience management are really interested in reputation and the bottom line. Certification ...

Len Shingler @ 5/27/2014 3:17 AM

RE: Applying BMIS in practice

In my view system thinking is critical component of InfoSec dynamics and not the other way round.

Simiyu @ 5/26/2014 10:01 AM

Why is so difficult train the management about the importance of engage in a Security certification process?

In my experience it is not so easy to convince Management about the importance to work towards a certif...

Cristina Ledesma @ 5/26/2014 8:50 AM | Comments (8)

Applying military strategy to IT problems

It is well known that strategic management borrows heavily from military science.. How far do you a...

Simiyu @ 11/21/2013 9:54 PM | Comments (6)

If a company wants to donate PC's to a charity, what is the right procedure for deleting all data?

A question started by Abbas Kudrati, Head - Quality & Information Security Standard at eGovernme...

Marc Vael @ 6/15/2010 8:45 AM | Comments (6)

Is gamification a solution for the information security awareness?

Hype or not, gamification becomes a professional solution which expands out of the entertainment an...

Marc Vael @ 1/5/2012 12:09 PM | Comments (6)

Information Security Governance: Why Is it Not More Pervasive?

I am an avid believer in the concept of information security governance, and I believe this concept...

Eugene510 @ 8/24/2010 1:20 PM | Comments (5)

CISA or CISM which one should I go for?

I am currently pursuing MS in Information Security. I have no work experience. Now I want to do a ce...

Rahul Das @ 6/30/2012 1:35 AM | Comments (5)

Social Engineering

The idea is to analyze this topic by its different components, information, people and legal consec...

Cristina Ledesma @ 2/17/2014 6:08 AM | Comments (5)

New to IS Management

I have just been given responsibility for Information Security Management within my organisation.  ...

PHolmes @ 6/17/2011 9:47 AM | Comments (4)

Outsourcing:- information security as a service

What are the challenges, what should be the scope limitation, how do you enhance privacy of your da...

Simiyu @ 7/23/2014 2:29 AM | Comments (4)

Applying BMIS in practice

BMIS promotes systems thinking dynamic approach which can solve the balance question between pragma...

Marc Vael @ 5/25/2011 5:49 PM | Comments (4)

Greetings, and A Challenge to Our Members

Greetings to everyone who has joined our group for Information Security Management.  On behalf of I...

David Scott @ 11/16/2011 4:12 PM | Comments (4)

ISO 27001 Policy audits

Hi. For those who have experience of ISO 27001 Accreditation audits can you tell me if the auditors a...

Len Shingler @ 2/21/2013 11:20 AM | Comments (4)

Content, Frequency and Effectiveness of IT Security Awareness

What suggestions do you have for increasing awareness without resulting in "training" fat...

LJC @ 1/15/2014 10:49 AM | Comments (4)

How to align between IT Audit, IT Assurance and Information Security(Infosec)

Hello, all. I would really like to get/have your expert view on this title. Lets say in an organisa...

Taty @ 9/11/2012 1:17 AM | Comments (3)

Cloud Computing & Security Management

Is cloud computing enhancing or worsening the security management for a company?

Marc Vael @ 6/10/2010 9:47 AM | Comments (3)