Find Resources & Connect with members on topics that interest you.

AI - Acquire and Implement

PO - Plan and Organize

DS - Deliver and Support

Please sign in to see your topics.

You must be logged in to join this group.

Information Security Management

Welcome to the Information Security Management topic!

Collaborate, contribute, consume and create knowledge around topics such as cloud computing, application security, vulnerability management, PCI, and data protection.

ISACA members can participate by clicking on the “Join this Community” button. You must be signed into the site. Set your alerts to be notified of new discussion activity within this community. Not an ISACA member? Join now!

This Topic Has:
882 Members
1 Online
9717 Visits

 Recent Discussions

Security Access Review Scope or Depth Query. Posted by chungangus.
Call for Papers and Discount Code for ISACA Ir... Posted by Neil_Curran.
Relationship between IT Audit ad Information Security. Posted by edward352.

Community Leader

Farooq Wahab Naiyer
Marc Vael

Marc Vael

Badge: Energizer

Ross Peachey

Ross Peachey

Badge: Social



Points: 14462

Badge: Energizer


NEW! Activity Badges

Badges help others understand your level of community activity and your reputation as a contributor within the Knowledge Center. Learn More.

Discussions: 61 total

Must be a Topic member to contribute
View All »
Dear All, I think a security access review or identity certification is a common task to examine the authority are fulfilling "need-to-know" or "least privilege" principles or more for a user access.The question is how deep or wide of the scope is minimum...
chungangus | 8/19/2014 11:05:16 PM | COMMENTS(0)
Hi Everyone, I'm the chapter president of ISACA Ireland and would like to let members of this topic know that we are seeking innovative, practical and / or thought provoking session proposals for our conference on 3rd Oct 2014.  For knowledge center membe...
Neil_Curran | 8/7/2014 2:47:28 AM | COMMENTS(1)
Greetings! I need some advice since my searches have not come up with much just yet. Does anyone know of any good reference materials I could use that would help me for a presentation I need to give that covers the relationship between IT Audit and Info...
edward352 | 8/7/2014 2:36:37 AM | COMMENTS(2)
What are the challenges, what should be the scope limitation, how do you enhance privacy of your data and processes.
Simiyu | 8/7/2014 2:24:22 AM | COMMENTS(2)
In my experience is not so easy to convince Mangement about the importance to work towards a certification process in Security, they do not yet percieved it as a value added nor a competitive advantages. If any of you has arguments that works for you plea...
Cristina Ledesma | 5/27/2014 5:04:03 AM | COMMENTS(8)
BMIS promotes systems thinking dynamic approach which can solve the balance question between pragmatic solutions and dogmatic behaviour on information & IT security alike. So here is my question to you: is this systems thinking valid for information secur...
Marc Vael | 5/26/2014 10:01:36 AM | COMMENTS(4)

Documents & Publications: 195 total

Must be a Topic member to contribute
View All »
Posted by ISACA 18 hours ago
Posted by ISACA 10 days ago
Posted by ISACA 23 days ago
Posted by ISACA 29 days ago

Events & Online Learning: 15 total

19 Aug 2013
ISACA International Event
San Francisco, CA, USA
14 Oct 2013
ISACA International Event
Boston, MA, USA
6 Nov 2013
ISACA International Event
Las Vegas, NV, USA
North America ISRM features relevant security and risk management topics presented by leading industry experts and practitioners.

Journal Articles: 500 total

Volume 4, 2014
by Robert E Stroud, CGEIT, CRISC
Get to know your network.
Volume 4, 2014
by Steven J. Ross, CISA, CISSP, MBCP
The time has come to accept that cyberattacks are a global reality—malicious forces in the world have gone beyond vandalism toward institutionalized espionage, sabotage and crime.
Volume 4, 2014
by Viktor Polic, Ph.D., CISA, CRISC, CISSP
Information security vendors have recognized the need to optimize the process of managing ethical hacking projects with the goal to reduce their costs.
Volume 3, 2014
by Paul John Steinbart, Robyn Raschke, Graham Gal and William N. Dilla, Ph.D., CPA
The internal audit and information security functions can synergistically work together to optimize the overall effectiveness of information security.
Volume 3, 2014
by Steven J. Ross, CISA, CISSP, MBCP
The issue is no longer whether cyberattacks occur, but what to do about them.
Volume 3, 2014
by Benjamin Power, CISA, CPA
It is critical that IS audit and control professionals know how to write a good risk statement that is impactful and aligned to better practice.

Wikis: 2 total

Blog Posts: 121 total

  Rob Stroud is the New York based Vice President of Strategy and Innovation at CA Technologies and is the current President for the 2014-15 administrative term.  I caught up with Rob in Australia when he...
Posted By : Rob Hanson | 1 comments
21 Jul 2014
Hello Friends. Recently published in whole youtube chats security conferiencia Rooted Con  2014  (Security conference in Spain)They have generally been very interesting. Here some links:
Posted By : ALBERTO883 | 0 comments
Hi everyone!  I've drawn a big picture based on the information of the COBIT 5 Process as well as the ISO Standards and ITIL, to present and share it with other colleagues and for further discussions.  Well, I hope that Model will be useful, bec...
Posted By : Dirk445 | 9 comments
19 Jun 2014
Posted By : masarker | 2 comments
As an IT-security specialist i read a lot of standards, guides, frameworks and drafts on all matters of information security. When the EU Data Protection Regulation draft was first published in January 2012, i was eager to see what visions the EU h...
Posted By : Gaffri | 0 comments
In business the information security is the most important factor of operations stability. Prevents data loss , ensures companies data classified or not , to remain intact. Security Officers should establish company policies , procedures etc.. in orde...
Posted By : Constantinos297 | 0 comments