Information Security Management

Welcome to the Information Security Management topic!

Collaborate, contribute, consume and create knowledge around topics such as cloud computing, application security, vulnerability management, PCI, and data protection.

This Topic Has:
895 Members
4 Online
9819 Visits

 Recent Discussions

IS Security Reporting Structures. Posted by grayowl.
Any standard checking for security process in ITIL. Posted by chungangus.
Asset based versus holistic information securi... Posted by Koen Béroudiaux.

Community Leader

Farooq Wahab Naiyer
Marc Vael

Badge: Influential

Ross Peachey

Badge: Social

Simiyu

Badge: Influential

Discussions: 64 total

I am reviewing an existing security process in the ITIL framework. All new services have to go through a security checklist before the service is going to launch in the service catalog. I am thinking, is there any standard template or methodology we have to follow? I...
chungangus | 9/18/2014 6:20:17 AM | COMMENTS(2)
One of the biggest impacts in the ISO 27001:2013 standard is the omission of the words "asset based" in the requirements of risk assessment. Risk assessment may still be asset based, but as of chapter 4 (Context of the organization) risks are much more end...
Koen Béroudiaux | 9/18/2014 6:15:39 AM | COMMENTS(3)
Dear All, I think a security access review or identity certification is a common task to examine the authority are fulfilling "need-to-know" or "least privilege" principles or more for a user access. The question is how deep or wide of the scope is minimum...
chungangus | 9/14/2014 11:14:05 PM | COMMENTS(4)
I am looking for mapping of SABSA attributes taxonomy to ISO 27001's PDCA, ITIL & COBIT 5 models.
Glory Idehen | 9/3/2014 7:39:14 AM | COMMENTS(2)
What are the challenges, what should be the scope limitation, how do you enhance privacy of your data and processes.
Simiyu | 8/26/2014 5:49:54 AM | COMMENTS(4)
Greetings! I need some advice since my searches have not come up with much just yet. Does anyone know of any good reference materials I could use that would help me for a presentation I need to give that covers the relationship between IT Audit and Info...
edward352 | 8/26/2014 4:18:20 AM | COMMENTS(3)

Documents & Publications: 200 total

Books
Posted by ISACA 12 days ago
Books
Posted by ISACA 12 days ago
Downloads
Posted by ISACA 29 days ago
Downloads
Posted by ISACA 29 days ago
Downloads
Posted by ISACA 29 days ago

Events & Online Learning: 19 total

19 Aug 2013
ISACA International Event
San Francisco, CA, USA
14 Oct 2013
ISACA International Event
Boston, MA, USA
6 Nov 2013
ISACA International Event
Las Vegas, NV, USA
North America ISRM features relevant security and risk management topics presented by leading industry experts and practitioners.

Journal Articles: 500 total

Volume 5, 2014
by William Emmanuel Yu, Ph.D., CISM, CRISC, CISSP, CSSLP
As enterprises attempt to determine the best ways of handling today’s bring your own device (BYOD) trends, they also realize the potential for mobilizing their existing enterprise systems and applications.
Volume 5, 2014
by Giuliano Pozza
The discussion around bring your own device (BYOD) policies is often focused on topics such as the opportunity, risk and security implications of using personal devices and user apps in the business context.
Volume 5, 2014
by Steven J. Ross, CISA, CISSP, MBCP
“CERT,” in the context of information security, is a term with a long and noble pedigree.
Volume 5, 2014
by John Simiyu Masika, CISA, CISM
Leading change means putting in place systematic processes aimed at transforming the information security management and practices within the organisation.
Volume 5, 2014
by Ed Gelbstein, Ph.D.
There are three domains that impact information security.
Volume 5, 2014
by Thomas Borton, CISA, CISM, CRISC, CISSP
Get to know your network.

Wikis: 2 total

Blog Posts: 126 total

8 Sep 2014
Posted By : masarker | 3 comments
Kali Linux is a versatile operating system that comes with a number of security assessment and penetration testing tools. Deriving and practicing these tools without a proper framework can lead to unsuccessful testing and might produce unsatisfied resul...
Posted By : Rungga | 0 comments
7 Sep 2014
Nowadays, you don’t need to be an IT guru or best software programmer to access/control other personal/organization data. If you follow below techniques, you can easily get confidential information. 1. Masquerading 2. Tailgating (Piggy back) 3. Dum...
Posted By : Shaklain | 0 comments
Penetration testing, often abbreviated as pentest, is a process that is followed to conduct an in-depth security assessment or audit. A methodology defines a set of rules, practices, and procedures that are pursued and implemented during the course of an...
Posted By : Rungga | 0 comments
There is always a need to understand and practice the correct terminology for security assessment. Throughout your career, you may run into commercial grade companies and non-commercial organizations that are likely to misinterpret the term penetration t...
Posted By : Rungga | 0 comments
My self-study is a combination of CISA 2009 and CISA 2014. The profit of knowledge gained through career experience is not enough to understand job practice area. In today's condition, the auditing process needs attention! Auditing and Auditors: A...
Posted By : Shanthamurthy926 | 0 comments