Find Resources & Connect with members on topics that interest you.

AI - Acquire and Implement

PO - Plan and Organize

DS - Deliver and Support

Please sign in to see your topics.

You must be logged in to join this group.

Information Security Management

Welcome to the Information Security Management topic!

Collaborate, contribute, consume and create knowledge around topics such as cloud computing, application security, vulnerability management, PCI, and data protection.

ISACA members can participate by clicking on the “Join this Community” button. You must be signed into the site. Set your alerts to be notified of new discussion activity within this community. Not an ISACA member? Join now!

This Topic Has:
1050 Members
2 Online
10895 Visits

Community Leader

Marc Vael

Marc Vael

Title: Director Internal Audit & Risk Management

Badge: Influential

Ross Peachey

Ross Peachey

Badge: Energizer



Badge: Observer



Badge: Influential


NEW! Activity Badges

Badges help others understand your level of community activity and your reputation as a contributor within the Knowledge Center. Learn More.

Discussions: 82 total

Must be a Topic member to contribute
View All »
helloI have posted a new topic discussion asking for an advice for general IS policy and AUP with the draft version if you a...
AHMED359 | 5/11/2015 9:44:07 AM | COMMENTS(2)
Anyone has experience or under the requirements of the UK Data Protection Act? I am in Hong Kong following the data privacy ordinance but it is an ordinance, no legal impact at this moment but more on reputation if issue found.  So most of the companies i...
chungangus | 5/6/2015 10:37:09 AM | COMMENTS(4)
Hello guys, I've done a matrix example for SOC activities, i would share it with you and your advices/comments for improving it. For the moment, i use dropbox for sharing and contact information are in the document. Link:
Damien643 | 5/3/2015 4:56:09 PM | COMMENTS(4)
Dear Gentlemen,I have a topic here I need to your expert advice, in a newlyformed Information security section in a very low mature organization which hadthe security function scattered and didn’t have a clear direction. After theformation of the new func...
AHMED359 | 5/1/2015 2:37:05 PM | COMMENTS(13)
Does anyone know of a CISM study group for the upcoming exam, or have any suggestions on what and how to study for the exam.
REGGIE554 | 5/1/2015 2:13:11 PM | COMMENTS(6)
Many writers urgue that CISOs are generally misunderstood and under-appreciated by their C-Level Peers. One of the reasons advanced is that of CISOs inability to connect security and business. The article below seems to resonate the same urguement. http:/...
Simiyu | 4/19/2015 11:09:44 PM | COMMENTS(4)

Documents & Publications: 197 total

Must be a Topic member to contribute
View All »
White Papers
Posted by ISACA 11 days ago
Posted by ISACA 25 days ago
Posted by ISACA 39 days ago

Events & Online Learning: 17 total

19 Aug 2013
ISACA International Event
San Francisco, CA, USA
14 Oct 2013
ISACA International Event
Boston, MA, USA
6 Nov 2013
ISACA International Event
Las Vegas, NV, USA
North America ISRM features relevant security and risk management topics presented by leading industry experts and practitioners.
11 Aug 2014
ISACA International Event
Seattle, WA, USA

Journal Articles: 500 total

Volume 3, 2015
by Steve Woo
The adoption of cloud-based retail applications, as well as increasing demands for agility, for example, with pop-up retail, is changing the requirements for network access.
Volume 3, 2015
by Daniel Mellado, Luis Enrique Sanchez, Eduardo Fernandez-Medina and Mario Piattini | Reviewed by A. Krista Kivisild, CISA, CA, CPA
With new technology supporting all areas of life, management increasingly needs to evaluate the areas of risk and concern that they need to be aware of and address within the business.
Volume 3, 2015
by Roberto Puricelli, CISM
In recent years, numerous cases of advanced persistent threats (APTs) and data breaches have been seen, with those involving the largest, most high-profile enterprises garnering the most media attention.
Volume 3, 2015
by Steven J. Ross, CISA, CISSP, MBCP
Every now and again, I like to take a poke at standards, just to see what makes them work. Under consideration here is the cybersecurity framework published by the US National Institute of Standards and Technology early in 2014.
Volume 3, 2015
by Brett van Niekerk, Ph.D., and Pierre Jacobs
According to a survey by Infonetics Research, companies operating their own data centers spent an average of US $17 million on security products in 2013.
Volume 3, 2015
by Robert F. Smallwood | Reviewed by Upesh Parekh, CISA
By 2016, one in five chief information officers in regulation industries will be fired from their job for a failed information governance (IG) initiative.

Wikis: 2 total

Blog Posts: 106 total

Lately i have been pre-occupied with how to add value to the Audit function as against the more established assurance service Audit has been known for. I see the value in the consulting approach, this is a more pre-emptive approach, allowing the organizat...
Posted By : Clemmento | 0 comments
Un solo control o contramedida suele no ser suficiente para eliminar el riesgo, por este motivo suelen usarse distintos controles para proteger un activo. Al proceso de establecer defensas en distintas capas se le denomina defensa en profundidad (tamb...
Posted By : AlejandroAV | 0 comments
Según un estudio realizado por ISACA y RSA Conference, el 82 por ciento de las organizaciones esperar a ser atacado en 2015, pero dependen de profesionales que consideran poco cualificado e incapaz de manejar las complejas amenazas o entender su negoc...
Posted By : AlejandroAV | 0 comments
Recently, I participated in the First Annual Conference of ICT SECURITY WORLD held on Wednesday, March 4, 2015 at the National Centre for Public Administration and Local Government in Tavros, Athens. The presence of ISACA Athens Chapter was a pleasant sur...
Posted By : Konstantinos741 | 0 comments
29 Mar 2015
As I interview IA professionals I get the feeling that as organizations move toward the adoption of the big-data fueled decision-making paradigm senior decision makers are focusing on the implications of big-data as it pertains to their locust of control....
Posted By : Ben Apple | 0 comments
Data Privacy in today's world has crossed over from a requirement dependent on one agency or organization to be the global phenomenon.  Today the data traverses across the countries as well as continents at the speed unimaginable in past. In a flash of se...
Posted By : Mayank | 0 comments