Information Security Management

Welcome to the Information Security Management topic!

Collaborate, contribute, consume and create knowledge around topics such as cloud computing, application security, vulnerability management, PCI, and data protection.

ISACA members can participate by clicking on the “Join this Community” button. You must be signed into the site. Set your alerts to be notified of new discussion activity within this community. Not an ISACA member? Join now!

 
This Topic Has:
939 Members
2 Online
10074 Visits

 Recent Discussions

CISO Job Description. Posted by Lisa850.
Managing the Information Security Life Cycle. Posted by AHMED359.
IS Security Reporting Structures. Posted by grayowl.

Community Leader

Farooq Wahab Naiyer
Marc Vael

Badge: Influential

Ross Peachey

Badge: Social

Simiyu

Badge: Influential

 

Discussions: 69 total

I am looking for samples/examples of other healthcare facilities' Chief Information Security Officer, or similar positions, job descriptions. Thanks in advance for your cooperation.
Lisa850 | 11/18/2014 7:44:45 AM | COMMENTS(4)
This is an interesting article to share about Managing the Information Security Life Cycle: http://www.isaca.org/Journal/Past-Issues/2014/Volume-6/Pages/From-Here-to-Maturity.aspx. This is like a road map to achieve a highly mature information security progra...
AHMED359 | 11/18/2014 5:39:14 AM | COMMENTS(0)
Our healthcare organization is reorganizing its overall reporting structures to include IS Security. We currently report to the VP/CIO. We would appreciate hearing from others what model(s) are in use for IS Security reporting. Thank you.
grayowl | 11/17/2014 1:23:31 PM | COMMENTS(4)
I am reviewing an existing security process in the ITIL framework. All new services have to go through a security checklist before the service launches in the service catalog. I am wondering whether there is any standard template or methodology we have to follow? I...
chungangus | 11/5/2014 7:38:58 AM | COMMENTS(3)
I am going to have a consultant perform a holistic IT risk assessment for the company. What factors will you consider in picking the best vendor to offer the service? Vendor size, brand, personnel professionalism, reference, cost? Anything else? It i...
chungangus | 11/5/2014 7:34:29 AM | COMMENTS(4)
I am looking for mapping of SABSA attributes taxonomy to ISO 27001's PDCA, ITIL & COBIT 5 models.
Glory Idehen | 10/8/2014 11:13:35 PM | COMMENTS(7)

Documents & Publications: 179 total

Research
Posted by ISACA 22 days ago
Books
Posted by ISACA 27 days ago
Books
Posted by ISACA 61 days ago

Events & Online Learning: 18 total

19 Aug 2013
ISACA International Event
San Francisco, CA, USA
14 Oct 2013
ISACA International Event
Boston, MA, USA
6 Nov 2013
ISACA International Event
Las Vegas, NV, USA
North America ISRM features relevant security and risk management topics presented by leading industry experts and practitioners.
11 Aug 2014
ISACA International Event
Seattle, WA, USA

Journal Articles: 500 total

Volume 6, 2014
by Steven J. Ross, CISA, CISSP, MBCP
Cyberattacks are a known threat to the information systems of organizations around the world.
Volume 6, 2014
by Ulf T. Mattsson
Data analysts require access to the data to efficiently perform meaningful analysis and gain a return on investment (ROI), and traditional data security has served to limit that access.
Volume 6, 2014
by Kathleen M. Stetz, CISA, CISM, CRISC, PMP
Get to know your network.
Volume 6, 2014
by Kerry A. Anderson, CISA, CISM, CGEIT, CRISC, CCSK, CFE, CISSP, CSSLP, ISSAP, ISSMP
The information security model, while not scientifically vetted, can help the information security practitioner quickly estimate the maturation stage of an information security program.
Volume 6, 2014
by Jeimy J. Cano M., Ph.D, CFE
International trends reflect a paradigmatic change in current business models caused by the markets’ asymmetry and dynamics where instability is the constant and change is the norm.
Volume 5, 2014
by William Emmanuel Yu, Ph.D., CISM, CRISC, CISSP, CSSLP
As enterprises attempt to determine the best ways of handling today’s bring your own device (BYOD) trends, they also realize the potential for mobilizing their existing enterprise systems and applications.

Wikis: 2 total

Blog Posts: 99 total

In a fast changing world of business and relentless competition, strategic planning is not only critical, but also the differentiating factor for an organization. Since IT has moved from a supportive role to a more strategic role, the IT Strategic Planning an...
Posted By : SA | 0 comments
Telecoms in Uganda have busted a huge fraud scheme perpetuated by an international gang of criminals. This is how it was done: Fraudsters travel from abroad and buy local SIM cards of the different telecoms. In Uganda, the fraudsters bought SIM cards of all...
Posted By : Mustapha345 | 0 comments
Infosec community celebrates new versions of ISO 27001:2013 and ISO 27002:2013. Worth a look: http://blog.iso27001standard.com/2013/10/08/infographic-new-iso-27001-2013-revision-what-has-changed and everyone should read the story of genesis of ISO 270...
Posted By : Vilius | 1 comments
Based on recent Research with overseas Commercial Partners, and two Academic Institutions, some significant discoveries were made relating to Cyber Security Vulnerabilities which are being made public later in 2012, which will reveal issues relating to th...
Posted By : John379 | 0 comments
Having been associated with the BS 7799 from its introduction as a Security Standard, and as a Contributor to the ISO 27001, and the last and final Chair of the ISO 27001 at the Department of Trade and Industry (DTI) I have been a long term supporter, and...
Posted By : John379 | 0 comments
and Become More Secure As a penetration tester I find it TOO EASY to fully compromise an internal network – without finding a single “vulnerability”! I spend most of my time on two types of engagements — PCI projects and penetration tests. The pen test...
Posted By : Stewart141 | 0 comments