Find Resources & Connect with members on topics that interest you.

AI - Acquire and Implement

PO - Plan and Organize

DS - Deliver and Support

Please sign in to see your topics.

NEW! Participate in Discussions Via Email. 

You can now respond to discussions by simply replying to the email alert. Just enable this feature in discussions on this topic. Learn more

Subscribe to all discussions

Recent Discussions

Social Engineering

The idea is to analize this topic by its different components, information, people and legal consec...

Cristina Ledesma @ 2/17/2014 6:08 AM | Comments (5)

IS Governance

I want to know what techniques / methodologies are used to implement governance in IS, I mean for i...

Cristina Ledesma @ 2/3/2014 5:00 AM | Comments (1)

Content, Frequency and Effectiveness of IT Security Awareness

What suggestions do you have for increasing awareness without resulting in "training" fat...

LJC @ 1/15/2014 10:49 AM | Comments (4)

Applying military strategy to IT problems

It is well known that strategic management borrows heavily from military science.. How far do you a...

Simiyu @ 11/21/2013 9:54 PM | Comments (6)

Transferring Risk management: ISO27000 to COBIT

Has anyone had experience transferring their existing ISO 27000 risk management into the COBIT fram...

Catherine002 @ 11/3/2013 7:28 PM | Comments (1)

Let us make this group more active

Our group is sliding towards being inactive. Let us create time to discuss and share knowledge by w...

Simiyu @ 9/25/2013 1:28 AM | Comments (1)

What is Information Security Process Design All About?

Hello Everyone,Please i need your assistance in knowing what Information Security Process Design is...

Mary564 @ 9/13/2013 11:38 AM | Comments (1)

Secure file exchange

Hi everyone, Will be happy if someone can help with opinion or best practice here. I've got the fol...

Lilia Georgieva @ 8/16/2013 8:42 AM | Comments (0)

Is the Cloud Mature Enough to be Considered Mature

In 2012 the Cloud Security Alliance and ISACA conducted a Cloud Computing Market Maturity study tha...

Ron Hale Ph.D. CISM @ 8/12/2013 10:53 AM | Comments (0)

Information security audit for a core banking systems

I am looking for a generic (or tailored) template for auditing information security controls for a ...

Simiyu @ 7/30/2013 12:31 AM | Comments (2)

Security Management at INSIGHTS 2013

Hi all,at INSIGHTS 2013 (http://www.isaca.org/Education/Conferences/Pages/INSIGHTS-2013.aspx) the t...

Marc Vael @ 4/12/2013 4:36 AM | Comments (0)

Relationship between IT Audit ad Information Security

Greetings!I need some advice since my searches have not come up with much just yet.Does anyone know...

edward352 @ 4/7/2013 9:09 AM | Comments (0)

Brand new book about Security Management "C(I)SO - And Now What"

Hello Thought Leaders - I have published a new book for exactly our group (title: "C(I)SO - An...

Michael S. Oberlaender @ 4/5/2013 12:52 PM | Comments (1)

Setting up an Information Security Department

Hi, I am setting up a new information security department in a fairly young technical University an...

Benjamin715 @ 4/1/2013 10:37 AM | Comments (3)

2013 IT Risk Management Whitepaper

IT RISK MANAGEMENTDRIVERS, CHALLENGES AND ENABLERS FOR AUSTRALIANORGANISATIONS To attain strategic,...

Paras_Shah1 @ 3/22/2013 7:01 AM | Comments (0)

RE: Applying military strategy to IT problems

This comment has been deleted by the administrator

Len Shingler @ 4/8/2014 9:22 AM

RE: Applying military strategy to IT problems

This comment has been deleted by the administrator

Eric Andersen @ 4/8/2014 9:12 AM

RE: Applying military strategy to IT problems

This comment has been deleted by the administrator

MaconMac @ 4/8/2014 9:11 AM

RE: Applying military strategy to IT problems

I agree that there are many parallels. Agility is one of the key themes in the article, but even to...

Ross Peachey @ 4/8/2014 9:10 AM

RE: Social Engineering

Often it's assumed that organisations have a single "culture". Christina, you raise a goo...

Ross Peachey @ 4/3/2014 4:46 PM

RE: Social Engineering

This comment has been deleted by the administrator

Len Shingler @ 2/24/2014 1:27 AM

RE: Content, Frequency and Effectiveness of IT Security Awareness

@ Simiyu , This is the reason why I strongly recommend that continous security awareness training s...

Farooq Wahab Naiyer @ 2/24/2014 1:08 AM

RE: Social Engineering

This comment has been deleted by the administrator

MaconMac @ 2/24/2014 1:04 AM

RE: Social Engineering

Chritina and Donatas you both have raised an interesting issue here. I would share my experience ov...

Farooq Wahab Naiyer @ 2/24/2014 1:03 AM

RE: Social Engineering

Hi Cristina,It's a good topic. You are right that you need to look at this issue from these differe...

Donatas @ 2/17/2014 6:43 AM

RE: Content, Frequency and Effectiveness of IT Security Awareness

@Shruti and @Farooq have mentioned all that you need to pay attention to. Consider using various me...

Simiyu @ 2/17/2014 2:11 AM

RE: Content, Frequency and Effectiveness of IT Security Awareness

Information Security Awareness Campaigns should be conducted  at least once a year and should compr...

Farooq Wahab Naiyer @ 2/9/2014 10:29 PM

RE: Applying military strategy to IT problems

@JEANLALLARD . ...... You are absolutely right. Military science provide a strong reference point w...

Simiyu @ 2/5/2014 10:26 PM

RE: Applying military strategy to IT problems

Hi Simiyu As a former officer of the Belgian Air Force, I'm inclined to follow you in your idea: Ye...

JEANLALLARD @ 2/5/2014 4:30 PM

RE: IS Governance

ISACA's COBIT 5 publications provide detailed guidelines, principles and best practices for effecti...

Simiyu @ 2/3/2014 5:29 AM

If a company wants to donate PC's to a charity, what is the right procedure for deleting all data?

A question started byAbbas Kudrati, Head - Quality & Information Security Standard at eGovernme...

Marc Vael @ 6/15/2010 8:45 AM | Comments (6)

Is gamification a solution for the information security awareness?

Hype or not, gamification becomes a professional solution which expands out of the entertainment an...

Marc Vael @ 1/5/2012 12:09 PM | Comments (6)

Applying military strategy to IT problems

It is well known that strategic management borrows heavily from military science.. How far do you a...

Simiyu @ 11/21/2013 9:54 PM | Comments (6)

Social Engineering

The idea is to analize this topic by its different components, information, people and legal consec...

Cristina Ledesma @ 2/17/2014 6:08 AM | Comments (5)

CISA or CISM which one should I go for?

I am currently pursuing MS in Information Security. I have no work experience.Now I want to do a ce...

Rahul Das @ 6/30/2012 1:35 AM | Comments (5)

Information Security Governance: Why Is it Not More Prevasive?

I am an avid believer in the concept of information security governance, and I believe this concept...

Eugene510 @ 8/24/2010 1:20 PM | Comments (5)

Greetings, and A Challenge to Our Members

Greetings to everyone who has joined our group for Information Security Management.  On behalf of I...

David Scott @ 11/16/2011 4:12 PM | Comments (4)

ISO 27001 Policy audits

HiFor those who have experience of ISO 27001 Accreditation audits can you tell me if the auditors a...

Len Shingler @ 2/21/2013 11:20 AM | Comments (4)

New to IS Management

I have just been given responsibility for Information Security Management within my organisation.  ...

PHolmes @ 6/17/2011 9:47 AM | Comments (4)

Content, Frequency and Effectiveness of IT Security Awareness

What suggestions do you have for increasing awareness without resulting in "training" fat...

LJC @ 1/15/2014 10:49 AM | Comments (4)

Setting up an Information Security Department

Hi, I am setting up a new information security department in a fairly young technical University an...

Benjamin715 @ 4/1/2013 10:37 AM | Comments (3)

How to align between IT Audit, IT Assurance and Information Security(Infosec)

Hello, all. I would really like to get/have your expert view on this title. Lets say in an organisa...

Taty @ 9/11/2012 1:17 AM | Comments (3)

Log Management Products

Hello group members! Does anyone know if Snare (open-source log management tool) will work in conju...

Charla Berry @ 7/20/2010 11:33 AM | Comments (3)

Cloud Computing & Security Management

Is cloud computing enhancing or worsening the security management for a company?

Marc Vael @ 6/10/2010 9:47 AM | Comments (3)

Reading recommendations?

Having moved relatively recently from IT Audit to Information Security, I'm looking to read around ...

Matt @ 1/17/2011 1:19 PM | Comments (3)