Information Security Management

Welcome to the Information Security Management topic!

Collaborate, contribute, consume and create knowledge around topics such as cloud computing, application security, vulnerability management, PCI, and data protection.

This Topic Has:
1241 Members
0 Online
12325 Visits

Community Leader

Marc Vael

Title: Chief Audit Executive

Badge: Influential

Ross Peachey

Badge: Energizer



Discussions: 102 total

We all know change control starts from a request (whether it's a user request or business request), however recently in a discussion with auditors they are saying there should be a control in place to address the "authorization of the request"- let it be ...
ShanShan | 5/3/2016 1:55:51 PM | COMMENTS(0)
I am looking for template or any advice from you regarding IT control KPI if functions are distributed on the basis of ISO 27002. Thank you in advance!
Tomas Martinkenas | 4/26/2016 7:17:53 AM | COMMENTS(0)
ISO 27001 internal audits can be a strain on resource, especially if as Information Security Manager you are responsible for creating the schedules and scopes aligned to the standard. So how do you maintain integrity and impartiality when your organisation do...
Len Shingler | 4/11/2016 7:23:26 AM | COMMENTS(1)
To what extent is mobile malware a significant threat to enterprises? There's a lot of discussion about the vulnerabilities of certain mobile platforms, and noise about mobile malware, usually defined very broadly. Also, the prevalence of banking tro...
Ross Peachey | 4/11/2016 7:16:27 AM | COMMENTS(1)
Hello, I am looking for help with developing categorization for ArcSight Flex connector. If anyone in the group has knowledge regarding Flex connectors for ArcSight then please get in touch with me. Thanks
Anita165 | 3/22/2016 7:55:05 AM | COMMENTS(0)
Hello, I am working on a Cyber Security Awareness program for my company and I was looking for some suggestions, guidance, templates, etc. that anyone could provide. I want this to be an all year program that reiterates the areas covered in the annual cyb...
uvesed | 2/24/2016 3:46:53 AM | COMMENTS(9)

Documents & Publications: 206 total


Events & Online Learning: 15 total

Journal Articles: 238 total

Volume 3, 2016
by Devassy Jose Tharakan, CISA, ISO 27001 LA, ITIL, PMP
Organizations that do not position their information security group (ISG) strategically within the organization’s structure often fail to receive the desired benefits.
Volume 3, 2016
Get to know your network.
Volume 3, 2016
by Steven J. Ross, CISA, CISSP, MBCP
Targeted attacks by powerful enemies are forcing us to reconsider almost everything we thought we knew about protecting information resources.
Volume 3, 2016
by Aleksandr Kuznetcov, CISM
This article addresses an existing imbalance between technical issues and process aspects related to SIEM.
Volume 2, 2016
by Jeroen van Lewe, CISA, CEH, CIA, ECSA
In the Netherlands, large-scale cyberattacks on government web sites began in 2011. In 2012, the Dutch government decided to use IT audits as one of the remedies for this issue.
Volume 2, 2016
by Shubhamangala B. R. and Snehanshu Saha, Ph.D.
Why are breaches continuing despite deploying cutting-edge solutions supported by compliance to thwart the attacks?

Wikis: 2 total

Blog Posts: 130 total

1. Objective and Convergence of BYOD According to PCWorld definition; BYOD —also called bring your own technology (BYOT), bring your own phone (BYOP), and bring your own PC (BYOPC)—refers to the policy of permitting employees to bring personally owned mo...
Posted By : Navid Baradaran | 0 comments
Disclaimer: This only represents my experience, views and opinion. Introduction: Information Security Managers oversee information security programs, which include network security in organisations or business enterprises. With documented knowledge ab...
Posted By : Prince143 | 0 comments
I must be honest and say that up until the day I saw the advert inviting applications for trainee IT Analyst positions in one of the members of the Big-4 that operate in Swaziland, I had no clue about the exciting world of assurance in IT. I had always vi...
Posted By : Tipho217 | 0 comments
If life were a comic book, I would be the Villain ‘Two-Face’. My career as a Privacy and Information Security professional brings me into a constant battle between my role as an advocate for keeping information secret and a defender of Security. The str...
Posted By : HPMahan | 0 comments
The PCI Council has announced some new information on the upcoming version of PCI - Version 3.2.  Find out the latest here: http:/
Posted By : Stewart141 | 0 comments
Let us have positive inspirational slogans for every situation. Last week I started the project meeting like this: I don't know you are all so good at tuning the website. The performance is now wonderful. I could witness reduction of stress, anxiety an...
Posted By : Jayakumar Sundaram | 0 comments