Information Security Management

Welcome to the Information Security Management topic!

Collaborate, contribute, consume and create knowledge around topics such as cloud computing, application security, vulnerability management, PCI, and data protection.

This Topic Has:
984 Members
3 Online
10322 Visits

Community Leader

Farooq Wahab Naiyer

Marc Vael
Badge: Influential

Ross Peachey
Badge: Social

Simiyu
Badge: Influential


Discussions: 70 total

Please find my latest article here: http://blog.norsecorp.com/2015/01/26/iot-ioe-if-it-has-an-ip-address-it-can-be-hacked/
Michael S. Oberlaender | 1/27/2015 12:36:45 PM | COMMENTS(2)
I am looking for samples/examples of other healthcare facilities' Chief Information Security Officer, or similar positions, job descriptions. Thanks in advance for your cooperation.
Lisa850 | 11/18/2014 7:44:45 AM | COMMENTS(4)
This is an interesting article to share about Managing the Information Security Life Cycle http://www.isaca.org/Journal/Past-Issues/2014/Volume-6/Pages/From-Here-to-Maturity.aspx This is like a road map to achieve a high mature information security progra...
AHMED359 | 11/18/2014 5:39:14 AM | COMMENTS(0)
Our healthcare organization is reorganizing its overall reporting structures to include IS Security.  We currently report to the VP/CIO.  We would appreciate hearing from others what model(s) are in use for IS Security reporting. Thank you
grayowl | 11/17/2014 1:23:31 PM | COMMENTS(4)
I am reviewing an existing security process in the ITIL framework. All new services have to go through a security checklist before the service is going to launch in the service catalog. I am thinking, is there any standard template or methodology we have to follow? I...
chungangus | 11/5/2014 7:38:58 AM | COMMENTS(3)
I am going to have the consultant perform a holistic IT risk assessment for the company. What factors will you consider in picking the best vendor to offer the service? Vendor size, brand, personnel professionalism, references, cost? Anything else? It i...
chungangus | 11/5/2014 7:34:29 AM | COMMENTS(4)

Documents & Publications: 181 total

Research
Posted by ISACA 17 days ago
Books
Posted by ISACA 45 days ago

Events & Online Learning: 17 total

19 Aug 2013
ISACA International Event
San Francisco, CA, USA
14 Oct 2013
ISACA International Event
Boston, MA, USA
6 Nov 2013
ISACA International Event
Las Vegas, NV, USA
North America ISRM features relevant security and risk management topics presented by leading industry experts and practitioners.
11 Aug 2014
ISACA International Event
Seattle, WA, USA

Journal Articles: 500 total

Volume 1, 2015
by Steven J. Ross, CISA, CISSP, MBCP
The jumble of systems, new and antiquated, well and poorly controlled, leads me to conclude that: Cyberthreats are not a security problem. They are a systems problem.
Volume 1, 2015
by Mary Lou Heastings | Reviewed by A. Krista Kivisild, CISA, CA
Everyone from technical practitioners to those just beginning their IS audit, security, risk or governance careers can find value in this general management book as it keeps readers aware of the latest risk concerns.
Volume 1, 2015
by Tieu Luu
In November 2013, the US Office of Management and Budget (OMB) issued memorandum M-14-03 requiring all federal departments and agencies to establish an information security continuous monitoring (ISCM) program.
Volume 1, 2015
by John Nye, CISA, CISM, CRISC, CISSP
For some organizations, the decision to move to the cloud is both obvious and instant. For others, cloud solutions represent intolerable risk.
Volume 1, 2015
by Bill Hargenrader, CISM, CEH, CISSP
ISCM has a major positive impact on improving risk management and compliance across many industries and bodies, including the US federal government, the DoD, and commercial and financial organizations.
Volume 1, 2015
by Seemant Sehgal, CISA, CISM, BS7799 LI, CCNA, CEH, CIW Security Analyst, SABSA
Over the past few decades, cybersecurity has gained pivotal importance in the way businesses operate and survive in their value systems.

Wikis: 2 total

Blog Posts: 99 total

If you are still using Excel for your governance, risk and compliance, Maclear eGRC Suite™ have put together a whitepaper to help you understand the benefits of automation and what to look for when selecting your solution. IT GRC Whitepaper includes: 1...
Posted By : Shanthamurthy926 | 0 comments
In a fast changing world of business and relentless competition, strategic planning is not only critical, but also the differentiating factor for an organization. Since IT has moved from a supportive role to a more strategic role, the IT Strategic Planning an...
Posted By : SA | 0 comments
Telecoms in Uganda have busted a huge fraud scheme perpetuated by an international gang of criminals. This is how it was done: Fraudsters travel from abroad and buy local SIM cards of the different telecoms. In Uganda, the fraudsters bought SIM cards of all...
Posted By : Mustapha345 | 0 comments
Infosec community celebrates new versions of ISO 27001:2013 and ISO 27002:2013. Worth a look: http://blog.iso27001standard.com/2013/10/08/infographic-new-iso-27001-2013-revision-what-has-changed and everyone should read the story of genesis of ISO 270...
Posted By : Vilius | 1 comments
Based on recent Research with overseas Commercial Partners, and two Academic Institutions, some significant discoveries were made relating to Cyber Security Vulnerabilities which are being made public later in 2012, which will reveal issues relating to th...
Posted By : John379 | 0 comments
Having been associated with the BS 7799 from its introduction as a Security Standard, and as a Contributor to the ISO 27001, and the last and final Chair of the ISO 27001 at the Department of Trade and Industry (DTI) I have been a long term supporter, and...
Posted By : John379 | 0 comments