
Information Security Management

Welcome to the Information Security Management topic!

Collaborate, contribute, consume and create knowledge around topics such as cloud computing, application security, vulnerability management, PCI, and data protection.


This Topic Has:
1361 Members
1 Online
13461 Visits

Community Leader

Marc Vael

Title: Chief Audit Executive

Badge: Energizer

Ross Peachey

Badge: Energizer




Discussions: 119 total

Boards of Directors are taking an increasingly active role in cybersecurity governance. The question is: what are they looking for and how should you manage your security program to meet their needs? This topic has been addressed in the “Cyber-Risk Oversi...
Ramakrishna593 | 5/9/2017 10:14:14 AM | COMMENTS(1)
I'm currently reviewing the information security function within our organization. I have now the IS charter and the IS program. Upon checking the charter, it says that "the IS Program shall adopt a risk based approach." However, upon checking the IS Prog...
Edzern | 3/28/2017 3:00:31 AM | COMMENTS(2)
What is the information security perspective if customers reported receiving SMS messages for transactions they had not performed, where these transactions were for other customers and were sent to them by system error?
Tarek EL-Sherif | 3/12/2017 5:09:39 AM | COMMENTS(0)
How do you ensure vulnerabilities in your organisation are identified and fixed efficiently? I work in a relatively large organisation (about 4500 employees/about 7000 devices by IP). When we perform vulnerability scans, they always come out with more tha...
Eliud433 | 1/17/2017 6:54:38 AM | COMMENTS(0)
What is the difference between IT Security and IT Risk?
Tarek EL-Sherif | 1/17/2017 12:43:14 AM | COMMENTS(11)
Hello all, I am searching for information regarding the topic of Cyber Security Capability Maturity Models. Currently analyzing: Electricity Subsector Cybersecurity Capability Maturity MODEL (ES-C2M2) as main background document; ISO/IEC 33071 DIS PAS Informati...
Tomejus | 12/4/2016 6:20:13 AM | COMMENTS(4)

Documents & Publications: 139 total

In 2017, Attacks will follow your Data. Cyberthreats: What's Coming Next and how to prepare for it.
Posted by Mohamad Javed 108 days ago
A turning point for eGovernment development in Europe?
Posted by Mohamad Javed 109 days ago
How to Protect Yourself and Your Family: Worth spending some time on this release from Cisco on how to protect yourself. How do websites collect information? Why do websites collect information about you? What information do websites collect from your computer? Google Analytics. How can you give or deny permission to collect information about you?
Posted by Mohamad Javed 109 days ago

Events & Online Learning: 23 total

16 Mar 2015 | ISACA International Event | Orlando, FL, USA
15 Jun 2015 | ISACA International Event | Ciudad de México, Mexico
21 Sep 2015 | ISACA International Event | Miami, FL, USA
21 Sep 2015 | ISACA International Event | 06010 Mexico City, Panama | La Conferencia Latinoamericana CACS/ISRM

Journal Articles: 290 total

Volume 3, 2017
by Jayakumar Sundaram, CISA, ISO 27001 LA
The SoA is a continuously updated and controlled document that provides an overview of information security implementation.
Volume 3, 2017
The resolve to address IoT device security at various levels—hardware and software, government and enterprise, consumers and services—is widespread.
Volume 3, 2017
by Hemant Patel, CISM, ITIL, PMP, TOGAF
Security needs to be addressed at all stages of the IoT system life cycle, including the design, installation, configuration and operational stages.
Volume 3, 2017
What are threats associated with the use of the Internet of Things (IoT) and what approach should one have in implementing security for IoT?
Volume 3, 2017
by Jane Whitgift, CISM, MBCS
Get to know your network.
Volume 3, 2017
by Sakthivel Rajendran, CISA, CRISC, CISM, CEH, GMOB
In today’s age of bring your own device (BYOD), the smartphone is one of the preferred mobile devices to access enterprise information.

Wikis: 2 total

Blog Posts: 175 total

Surely we have all heard news in recent months about cyberattacks and the impact they have had on different industries and companies. The latest of them, called “WannaCry”, has been considered one of the largest attacks...
Posted By : Rene372 | 0 comments
Have you ever taken a moment to think about what you would do should your mobile phone become lost or stolen? What if your Personal Identifiable Information (PII) or Sensitive Personal Information (SPI) were sold and used along with your mobile number? Would...
Posted By : Robert658 | 1 comment
Background: In early 2017, Govtech released an article which summarized the top cybersecurity predictions for 2017 from several organizations and companies. If we look back at 2016, cybersecurity attacks evolved along with the rise of cloud computin...
Posted By : proferyk | 0 comments
Lately I have received a number of questions and concerns around NIST 800-171, so I wanted to write a quick brief on what you need to know. What is NIST 800-171? This is a special publication released by the National Institute of Standards and Technology (NI...
Posted By : Justin238 | 1 comment
The Regulation (EU) N°910/2014 on electronic identification and trust services for electronic transactions in the internal market (eIDAS Regulation) was adopted by the European Union on 23 July 2014 and entered into force on 17.09.2014. The rules on trust ...
Posted By : Julian075 | 0 comments
As end users have increased their usage of mobile devices, the number and sophistication of attacks are also increasing. While I will focus on protecting your smartphones, you should keep in mind that many of the items discussed apply to your iPa...
Posted By : Robert658 | 1 comment