Find Resources & Connect with members on topics that interest you.

AI - Acquire and Implement

PO - Plan and Organize

DS - Deliver and Support

Please sign in to see your topics.

You must be logged in to join this group.

Information Security Management

Welcome to the Information Security Management topic!

Collaborate, contribute, consume and create knowledge around topics such as cloud computing, application security, vulnerability management, PCI, and data protection.

ISACA members can participate by clicking on the “Join this Community” button. You must be signed into the site. Set your alerts to be notified of new discussion activity within this community. Not an ISACA member? Join now!

This Topic Has:
875 Members
0 Online
9634 Visits

 Recent Discussions

Outsourcing:- information security as a service. Posted by Simiyu.
Why is so difficult train the management about... Posted by Cristina Ledesma.
Applying BMIS in practice. Posted by Marc Vael.

Community Leader

Farooq Wahab Naiyer
Marc Vael
Ross Peachey


Title: IS Audits Manager

NEW! Participate in Discussions Via Email. 

You can now respond to discussions by simply replying to the email alert. Just enable this feature in discussions on this topic. Learn more

Discussions: 59 total

Must be a Topic member to contribute
View All »
What are the challenges, what should be the scope limitation, how do you enhance privacy of your data and processes.
Simiyu | 7/23/2014 2:29:30 AM | COMMENTS(0)
In my experience is not so easy to convince Mangement about the importance to work towards a certification process in Security, they do not yet percieved it as a value added nor a competitive advantages. If any of you has arguments that works for you plea...
Cristina Ledesma | 5/27/2014 5:04:03 AM | COMMENTS(8)
BMIS promotes systems thinking dynamic approach which can solve the balance question between pragmatic solutions and dogmatic behaviour on information & IT security alike. So here is my question to you: is this systems thinking valid for information secur...
Marc Vael | 5/26/2014 10:01:36 AM | COMMENTS(4)
It is well known that strategic management borrows heavily from military science.. How far do you agree with the below article?.
Simiyu | 4/8/2014 9:22:49 AM | COMMENTS(6)
The idea is to analize this topic by its different components, information, people and legal consecuences. My first concern is how to deal in an effective way with it if in my opinion the worst vulerability is in people who can be of very different cultur...
Cristina Ledesma | 4/3/2014 4:46:40 PM | COMMENTS(5)
What suggestions do you have for increasing awareness without resulting in "training" fatigue?  Our goal is to have annual formal awareness training but although well received it has been only moderately successful.  We still have folks falling prey to te...
LJC | 2/24/2014 1:08:05 AM | COMMENTS(4)

Documents & Publications: 193 total

Events & Online Learning: 16 total

19 Aug 2013
ISACA International Event
San Francisco, CA, USA
14 Oct 2013
ISACA International Event
Boston, MA, USA
6 Nov 2013
ISACA International Event
Las Vegas, NV, USA
North America ISRM features relevant security and risk management topics presented by leading industry experts and practitioners.

Journal Articles: 500 total

Volume 4, 2014
by Robert E Stroud, CGEIT, CRISC
Get to know your network.
Volume 4, 2014
by Steven J. Ross, CISA, CISSP, MBCP
The time has come to accept that cyberattacks are a global reality—malicious forces in the world have gone beyond vandalism toward institutionalized espionage, sabotage and crime.
Volume 4, 2014
by Viktor Polic, Ph.D., CISA, CRISC, CISSP
Information security vendors have recognized the need to optimize the process of managing ethical hacking projects with the goal to reduce their costs.
Volume 3, 2014
by Paul John Steinbart, Robyn Raschke, Graham Gal and William N. Dilla, Ph.D., CPA
The internal audit and information security functions can synergistically work together to optimize the overall effectiveness of information security.
Volume 3, 2014
by Steven J. Ross, CISA, CISSP, MBCP
The issue is no longer whether cyberattacks occur, but what to do about them.
Volume 3, 2014
by Benjamin Power, CISA, CPA
It is critical that IS audit and control professionals know how to write a good risk statement that is impactful and aligned to better practice.

Wikis: 2 total

Blog Posts: 121 total

  Rob Stroud is the New York based Vice President of Strategy and Innovation at CA Technologies and is the current President for the 2014-15 administrative term.  I caught up with Rob in Australia when he...
Posted By : Robert564 | 1 comments
21 Jul 2014
Hello Friends. Recently published in whole youtube chats security conferiencia Rooted Con  2014  (Security conference in Spain)They have generally been very interesting. Here some links:
Posted By : ALBERTO883 | 0 comments
Hi everyone!  I've drawn a big picture based on the information of the COBIT 5 Process as well as the ISO Standards and ITIL, to present and share it with other colleagues and for further discussions.  Well, I hope that Model will be useful, bec...
Posted By : Dirk445 | 9 comments
19 Jun 2014
Posted By : masarker | 2 comments
As an IT-security specialist i read a lot of standards, guides, frameworks and drafts on all matters of information security. When the EU Data Protection Regulation draft was first published in January 2012, i was eager to see what visions the EU h...
Posted By : Gaffri | 0 comments
In business the information security is the most important factor of operations stability. Prevents data loss , ensures companies data classified or not , to remain intact. Security Officers should establish company policies , procedures etc.. in orde...
Posted By : Constantinos297 | 0 comments