Information Security Management

Welcome to the Information Security Management topic!

Collaborate, contribute, consume and create knowledge around topics such as cloud computing, application security, vulnerability management, PCI, and data protection.

ISACA members can participate by clicking on the “Join this Community” button. You must be signed into the site. Set your alerts to be notified of new discussion activity within this community. Not an ISACA member? Join now!

This Topic Has:
1261 Members
2 Online
12497 Visits

Community Leader

Marc Vael

Title: Chief Audit Executive

Badge: Influential

Ross Peachey

Badge: Energizer



Discussions: 107 total

Hi All, There's a lot of theory thrown around about ROSI. In theory it makes sense. But using these ideas seems problematic in practice. For one thing, ROSI relies on not one, but TWO risk estimates (current and residual). It's rare to see formal calculat...
Ross Peachey | 6/5/2016 7:11:49 AM | COMMENTS(0)
We all know change control starts from a request (whether it's a user request or business request), however recently in a discussion with auditors they are saying there should be a control in place to address the "authorization of the request"- let it be ...
ShanShan | 6/2/2016 11:53:51 AM | COMMENTS(2)
I need information about typical organizational structure of information security areas in commercial airlines. Thanks
rsabella24 | 5/29/2016 9:22:52 AM | COMMENTS(1)
What is the ideal job description for Head of information security to set up a new infosec team in a bank? I need the job description to submit it to the HR dept. to determine the job weight and set a suitable corporate title for this position.
Tarek EL-Sherif | 5/28/2016 2:33:29 AM | COMMENTS(1)
ISO 27001 internal audits can be a strain on resource, especially if as Information Security Manager you are responsible for creating the schedules and scopes aligned to the standard. So how do you maintain integrity and impartiality when your organisation do...
Len Shingler | 5/25/2016 8:21:21 AM | COMMENTS(2)
What is the ideal job description for Head of information security
Tarek EL-Sherif | 5/22/2016 6:40:22 AM | COMMENTS(3)

Documents & Publications: 206 total

Posted by ISACA 43 days ago
Posted by ISACA 113 days ago
Posted by ISACA 158 days ago

Events & Online Learning: 17 total

Journal Articles: 239 total

Volume 3, 2016
While mobile devices have enhanced productivity, these devices compete for limited attention span and may make it more difficult to gain sufficient attention for security awareness.
Volume 3, 2016
by Devassy Jose Tharakan, CISA, ISO 27001 LA, ITIL, PMP
Organizations that do not position their information security group (ISG) strategically within the organization’s structure often fail to receive the desired benefits.
Volume 3, 2016
Get to know your network.
Volume 3, 2016
by Steven J. Ross, CISA, CISSP, MBCP
Targeted attacks by powerful enemies are forcing us to reconsider almost everything we thought we knew about protecting information resources.
Volume 3, 2016
by Aleksandr Kuznetcov, CISM
This article addresses an existing imbalance between technical issues and process aspects related to SIEM.
Volume 2, 2016
by Jeroen van Lewe, CISA, CEH, CIA, ECSA
In the Netherlands, large-scale cyberattacks on government web sites began in 2011. In 2012, the Dutch government decided to use IT audits as one of the remedies for this issue.

Wikis: 2 total

Blog Posts: 139 total

Yesterday’s security technology will not keep your network safe today, nor will today’s solutions protect you tomorrow. Network security must evolve. And at a rate that keeps it always one step ahead of the threats. These could include factors such as you...
Posted By : rasoolirfan | 0 comments
Big Data, Internet of Things, Cybersecurity, Digital Transformation are without doubt the most-mentioned trends in all specialized and not-so-specialized media. All of them related, all of them the result of the evolution of concepts not so ...
Posted By : AlejandroAV | 0 comments
Every day each employee is part of our Data Loss Prevention Program, protecting the confidentiality of our customers' personal information. I would like to ask for your help in protecting PII in email exchanges. These exchanges occur daily betwe...
Posted By : Robert658 | 0 comments
One of the things that security-minded professionals need to employ is the "trust, but verify" mantra as a part of our daily practices. This is especially true for cloud-hosted applications. During a recent audit of cloud hosted solutions, a very simp...
Posted By : Gary055 | 0 comments
This Gartner article is freely available to the general public. Thought it worthy enough to post here.
Posted By : Gary055 | 0 comments
The perception of time passing is a funny thing. It only seems like yesterday that I was still a child and the summer holiday seemed to last a lifetime. And now, here I am somewhat surprised that my complement of fingers and toes are no longer enough to c...
Posted By : martin.oneal | 0 comments