Find Resources & Connect with members on topics that interest you.

AI - Acquire and Implement

PO - Plan and Organize

DS - Deliver and Support

Please sign in to see your topics.

You must be logged in to join this group.

Information Security Management

Welcome to the Information Security Management topic!

Collaborate, contribute, consume and create knowledge around topics such as cloud computing, application security, vulnerability management, PCI, and data protection.

ISACA members can participate by clicking on the “Join this Community” button. You must be signed into the site. Set your alerts to be notified of new discussion activity within this community. Not an ISACA member? Join now!

This Topic Has:
1103 Members
4 Online
11428 Visits

Community Leader

Marc Vael

Marc Vael

Title: Director Internal Audit & Risk Management

Badge: Influential

Ross Peachey

Ross Peachey

Badge: Energizer



Badge: Social



Badge: Influential


NEW! Activity Badges

Badges help others understand your level of community activity and your reputation as a contributor within the Knowledge Center. Learn More.

Discussions: 88 total

Must be a Topic member to contribute
View All »
Hello When doing an assessment for a new solution orsystem, and you identify critical, high, med, and low vulnerabilities which hasposed high risk to the solution. When discussing the risk register with thebusiness and technical owners for remediation’s. ...
AHMED359 | 10/3/2015 8:04:27 AM | COMMENTS(4)
Dear all Please find  link for FlipBoard Magazine, created for CISOs by CISO. For best reading experience, use FlipBoard app regards Gupta
Gupta Boda | 9/4/2015 9:57:32 AM | COMMENTS(3)
FOr firms looking to integrate security controls into their product lifecycle, integration with the organization's quality control & assurance governance is key. What recommendation can our community SMEs provide to an organization to ensure security gove...
David Scott | 8/6/2015 9:17:26 AM | COMMENTS(2)
Hello guys, I've done a matrix example for SOC activities, i would share it with you and your advices/comments for improving it. For the moment, i use dropbox for sharing and contact information are in the document. Link:
Damien643 | 7/17/2015 8:27:48 AM | COMMENTS(8)
Last week, the popular password management software LastPass got hacked. (see link for news detail: will get hacked, just like any systems out there these days...
ShanShan | 7/2/2015 3:32:06 AM | COMMENTS(5)
Hope you don't mind me posting in this groupabout this year's ISACA Ireland conference, which is focusing on placingbusiness first. Wewould like this conference to be as successful as last year's, which was trulyinternational with 24 speakers from 12 coun...
Neil_Curran | 6/17/2015 5:42:08 AM | COMMENTS(1)

Documents & Publications: 200 total

Events & Online Learning: 18 total

19 Aug 2013
ISACA International Event
San Francisco, CA, USA
14 Oct 2013
ISACA International Event
Boston, MA, USA
6 Nov 2013
ISACA International Event
Las Vegas, NV, USA
North America ISRM features relevant security and risk management topics presented by leading industry experts and practitioners.
11 Aug 2014
ISACA International Event
Seattle, WA, USA

Journal Articles: 500 total

Volume 5, 2015
by Jeimy J. Cano, Ph.D., COBIT Foundation, CFE
Cyberinsurance is a way to account for cyberrisk and considers the new possible business responsibilities arising from operating in an international context.
Volume 5, 2015
by Fredric Greene, CISSP
Detective controls are a key component of a cybersecurity program in providing visibility into malicious activity, breaches and attacks on an organization’s IT environment.
Volume 5, 2015
by Ganapathi Subramaniam
How do I ensure that my organization has controls to protect itself from cyberrisk?
Volume 5, 2015
by Omar Y. Sharkasi, CBCP, CFE, CRP
IT leaders must increase cybersecurity public awareness and coordination across the subset of federal governments, all while having to do more with less.
Volume 5, 2015
by Seymour Bosworth, Michel E. Kabay and Eric Whyne | Reviewed by Dino Ippoliti, CISA, CISM
Many students and young professionals want to know which topics they should master in the information security field.
Volume 4, 2015
by Sivarama Subramanian, CISM, Varadarajan Vellore Gopal, CEH, and Marimuthu Muthusamy
The Internet of Things (IoT) is captivating organizations because of its potential to rapidly transform businesses and people’s lives.

Wikis: 2 total

Blog Posts: 117 total

It is interesting to note that the Government of India's Department of Engineering and Information Technology has issued National Encryption Policy for public comment.  And today the first addendum for the same has been issued for the people to refer to. ...
Posted By : Mayank | 0 comments
Information Security and IT operations generally do not go hand in hand or I rather make a not so controversial statement that IT Operations Folks generally don't like Information Security Folks for they see the Information security folks to be the Show S...
Posted By : Mayank | 0 comments
One thing I learned early on in dealing with IT security issues at a small financial institution is that some of the client's vendors and service providers actually resort to lying as a way of dodging performing such tasks as patching servers, paying for ...
Posted By : Guy399 | 0 comments
Throughout my career I have experienced various “philosophies” in planning and design of IT projects. Some choose the fire fighter philosophy, while others choose the “agile as an excuse for insufficient design”. On the other end of the scale I have found...
Posted By : John410 | 0 comments
On my last post in the CCI Blog, I described how American Water Works Association Cyber Security Framework didn’t addressed the detection Cyber Security events measures for these control systems.Today I have seen a good tweet (as always) from our collea...
Posted By : Enrique229 | 0 comments
Water Management Cyber Security guide from the American Water Works Association is bypassing certain critical controls on ICS Networks. Are we still in time in Spain to avoid this mishap? I know I should be looking for the needle in the Haystack, but lo...
Posted By : Enrique229 | 0 comments