Information Security Management

Welcome to the Information Security Management topic!

Collaborate, contribute, consume and create knowledge around topics such as cloud computing, application security, vulnerability management, PCI, and data protection.

This Topic Has:
1144 Members
0 Online
11663 Visits

Community Leader

Marc Vael

Title: Director Internal Audit & Risk Management

Badge: Influential

Ross Peachey

Badge: Energizer



Discussions: 91 total

On the basis that there is no such thing as a 'stupid' question (and assume positive intent), can we formulate a definition of the term 'security breach'? We all know intuitively what it means, providing a definition is a little harder.
Phil Green | 11/26/2015 11:57:41 AM | COMMENTS(6)
Hi All, I'm interested in what measures people are reporting upwards to demonstrate that the security program is on-track. That the expected business benefits are being delivered cost-effectively and that security risk is managed. Are you able to re-use ex...
Ross Peachey | 11/2/2015 8:39:34 AM | COMMENTS(1)
Is there a document/resource on the ISACA website which provides some content on Security Awareness for employees on topics such as Email Security, Internet Security, etc.? Alternately, is there some resource on the internet which provides content which ...
Sharad407 | 10/22/2015 9:40:17 AM | COMMENTS(5)
For firms looking to integrate security controls into their product lifecycle, integration with the organization's quality control & assurance governance is key. What recommendation can our community SMEs provide to an organization to ensure security gove...
David Scott | 10/22/2015 9:36:34 AM | COMMENTS(4)
Hello, When doing an assessment for a new solution or system, and you identify critical, high, med, and low vulnerabilities which has posed high risk to the solution. When discussing the risk register with the business and technical owners for remediations. ...
AHMED359 | 10/22/2015 4:25:55 AM | COMMENTS(5)
Dear all, Please find link for FlipBoard Magazine, created for CISOs by CISO. For best reading experience, use FlipBoard app. Regards, Gupta
Gupta Boda | 9/4/2015 9:57:32 AM | COMMENTS(3)

Documents & Publications: 201 total


Events & Online Learning: 20 total

19 Aug 2013
ISACA International Event
San Francisco, CA, USA
14 Oct 2013
ISACA International Event
Boston, MA, USA
6 Nov 2013
ISACA International Event
Las Vegas, NV, USA
North America ISRM features relevant security and risk management topics presented by leading industry experts and practitioners.
11 Aug 2014
ISACA International Event
Seattle, WA, USA

Journal Articles: 500 total

Volume 6, 2015
by Doron Rotman, CIPP, Chris Kypreos, CIPP, and Sarah Pipes, CIPP
The Internet of Things (IoT) represents an unknown set of forces. However, one known is that IoT-connected devices will generate exponential levels of new data that will lead to powerful insights...
Volume 6, 2015
by Wanbil W. Lee, DBA
Of all the human inventions since the dawn of civilization, the computer is the only one that extends our intellectual power.
Volume 6, 2015
For the past several years, a lot of research, writing and speaking has been focused on the Internet of Things (IoT) and the smart devices that are used within it.
Volume 6, 2015
by Deepak Rout, CISM, CRISC, CISSP
Cybersecurity is frequently discussed, but the meaning and scope of the term have not been consistent. There is even disagreement on how the term is spelt.
Volume 6, 2015
by Jim Seaman, CISM, CRISC
The fantasy once associated with science fiction films is becoming increasingly similar to modern life.
Volume 5, 2015
by Omar Y. Sharkasi, CBCP, CFE, CRP
IT leaders must increase cybersecurity public awareness and coordination across the subset of federal governments, all while having to do more with less.

Wikis: 2 total

Blog Posts: 119 total

Information Security Managers (ISMs) are tasked with providing security oversight in defending organisations' data, systems and building infrastructures it depends on for making profit, against threats, risks and vulnerabilities such as cyber attacks from th...
Posted By : Prince143 | 0 comments
I am currently recruiting for a Senior IT Auditor - Financial Services , to join the team in Paddington. If you’re a CISA qualified Auditor and keen to travel internationally, please click on the link below. NO AGENCIES
Posted By : Stephen913 | 0 comments
It is interesting to note that the Government of India's Department of Engineering and Information Technology has issued National Encryption Policy for public comment. And today the first addendum for the same has been issued for the people to refer to. ...
Posted By : Mayank | 0 comments
Information Security and IT operations generally do not go hand in hand or I rather make a not so controversial statement that IT Operations Folks generally don't like Information Security Folks for they see the Information security folks to be the Show S...
Posted By : Mayank | 0 comments
One thing I learned early on in dealing with IT security issues at a small financial institution is that some of the client's vendors and service providers actually resort to lying as a way of dodging performing such tasks as patching servers, paying for ...
Posted By : Guy399 | 0 comments
Throughout my career I have experienced various “philosophies” in planning and design of IT projects. Some choose the fire fighter philosophy, while others choose the “agile as an excuse for insufficient design”. On the other end of the scale I have found...
Posted By : John410 | 0 comments