Information Security Management

Welcome to the Information Security Management topic!

Collaborate, contribute, consume and create knowledge around topics such as cloud computing, application security, vulnerability management, PCI, and data protection.

This Topic Has:
847 Members
3 Online
9394 Visits

Discussions: 57 total

It is well known that strategic management borrows heavily from military science. How far do you agree with the below article? http://www.techrepublic.com/blog/tech-decision-maker/applying-military-strategy-to-it-problems/?tag=nl.e019&s_cid=e019&ttag=e01...
Simiyu | 4/8/2014 9:22:49 AM | COMMENTS(6)
The idea is to analyze this topic by its different components, information, people and legal consequences. My first concern is how to deal in an effective way with it if in my opinion the worst vulnerability is in people who can be of very different cultur...
Cristina Ledesma | 4/3/2014 4:46:40 PM | COMMENTS(5)
What suggestions do you have for increasing awareness without resulting in "training" fatigue?  Our goal is to have annual formal awareness training but although well received it has been only moderately successful.  We still have folks falling prey to te...
LJC | 2/24/2014 1:08:05 AM | COMMENTS(4)
I want to know what techniques / methodologies are used to implement governance in IS, I mean for instance objectives, metrics, balanced scorecard, etc.
Cristina Ledesma | 2/3/2014 5:29:42 AM | COMMENTS(1)
BMIS promotes systems thinking dynamic approach which can solve the balance question between pragmatic solutions and dogmatic behaviour on information & IT security alike. So here is my question to you: is this systems thinking valid for information secur...
Marc Vael | 2/3/2014 5:07:42 AM | COMMENTS(2)
Has anyone had experience transferring their existing ISO 27000 risk management into the COBIT framework? Understandably management want more value out of the risk register but I'm hesitant to throw identified risks in the bin and start again as has bee...
Catherine002 | 11/12/2013 11:28:26 PM | COMMENTS(1)

Documents & Publications: 178 total

Books
Posted by ISACA 14 days ago
Books
Posted by ISACA 14 days ago
White Papers
Posted by ISACA 16 days ago
Downloads
Posted by ISACA 16 days ago
Downloads
Posted by ISACA 16 days ago

Events & Online Learning: 12 total

19 Aug 2013
ISACA International Event
San Francisco, CA, USA
14 Oct 2013
ISACA International Event
Boston, MA, USA
6 Nov 2013
ISACA International Event
Las Vegas, NV, USA
North America ISRM features relevant security and risk management topics presented by leading industry experts and practitioners.

Journal Articles: 500 total

Volume 2, 2014
by Key Mak, CISM, CAP, CISSP, ITIL, PMP, Security Plus, ECMp
Whether launching an information security project or developing a road map for an enterprise, determining where to start can be overwhelming.
Volume 2, 2014
by John H. White, Ph.D., CISA, CPA
IT professionals must be aware of the recent, important changes in the COSO framework.
Volume 2, 2014
by Paul John Steinbart, Robyn Raschke, Graham Gal and William N. Dilla, Ph.D., CPA
The internal audit and information security functions should play complementary roles in an organization’s information security program.
Volume 2, 2014
by Vimal Mani, CISA, CICA
In November 2013, the ISO and the IEC formally released the long-anticipated updates to ISO/IEC 27001 and 27002.
Volume 2, 2014
by Steven J. Ross, CISA, CISSP, MBCP
While certain systems and their associated data may be of obvious importance to a department or an organization as a whole, it does not follow that that which is less evident is not vital to the organization’s welfare.
Volume 2, 2014
by Steven J. Ross, CISA, CISSP, MBCP
There is always something newsworthy about information security, risk management and disaster recovery.

Wikis: 2 total

Blog Posts: 196 total

22 Mar 2014
SGSI Risk Management in LATAM-Argentina
Posted By : GMB_Gustavo Blanco | 0 comments
19 Mar 2014
At a recent IT event a show of hands was used to provide the backdrop for how change is a consistently evolving event. How many of you believe that the number one enterprise Network security Threat is external Hacking? Fifty percent of the room. Ok, how man...
Posted By : Jamie L Yancy | 0 comments
"Fighting oneself is the hardest war; conquering oneself is the most beautiful victory." Friedrich von Logau (1605-1655), German poet. At this time, when hiring a professional for a company must be a very well-considered matter, ...
Posted By : Javier | 0 comments
13 Mar 2014
Complying with a multitude of complex regulations, assessing risks of non-compliance with each statute and guideline, implementing controls for every process across multiple lines of business and at every level of an organization can be overwhelming. So m...
Posted By : CraigerGRC | 0 comments
Community of Sponsoring Organizations, essentially the large audit/consulting firms, are big proponents of COSO as an ERM framework of choice. However, ERM programs must work with ITRM programs, as the majority if not almost all enterprises have their key bus...
Posted By : Umesh391 | 0 comments
Enterprise Architecture Practice provides several benefits to an organization. Some of the benefits are listed below: an improved road map for strategy execution; focused and measured strategy implementation; creating synergies; cost reduction (value for m...
Posted By : SA | 0 comments