Information Security Management

Welcome to the Information Security Management topic!

Collaborate, contribute, consume and create knowledge around topics such as cloud computing, application security, vulnerability management, PCI, and data protection.

ISACA members can participate by clicking on the “Join this Community” button. You must be signed into the site. Set your alerts to be notified of new discussion activity within this community. Not an ISACA member? Join now!

 
This Topic Has:
1036 Members
1 Online
10796 Visits

Community Leader

Marc Vael


Title: Director Internal Audit & Risk Management

Badge: Influential

Ross Peachey


Badge: Energizer

ShanShan


Badge: Lively

Simiyu


Badge: Influential

 


Discussions: 81 total

Anyone has experience or under the requirements of the UK Data Protection Act? I am in Hong Kong following the data privacy ordinance but it is an ordinance, no legal impact at this moment but more on reputation if issue found.  So most of the companies i...
chungangus | 5/4/2015 12:20:28 PM | COMMENTS(1)
Hello guys, I've done a matrix example for SOC activities. I would share it with you and your advice/comments for improving it. For the moment, I use Dropbox for sharing, and contact information is in the document. Link: https://www.dropbox.com/...
Damien643 | 5/3/2015 4:56:09 PM | COMMENTS(4)
Dear Gentlemen, I have a topic here on which I need your expert advice, in a newly formed Information security section in a very low mature organization which had the security function scattered and didn’t have a clear direction. After the formation of the new func...
AHMED359 | 5/1/2015 2:37:05 PM | COMMENTS(13)
Does anyone know of a CISM study group for the upcoming exam, or have any suggestions on what and how to study for the exam.
REGGIE554 | 5/1/2015 2:13:11 PM | COMMENTS(6)
Many writers argue that CISOs are generally misunderstood and under-appreciated by their C-Level Peers. One of the reasons advanced is that of CISOs' inability to connect security and business. The article below seems to resonate the same argument. http:/...
Simiyu | 4/19/2015 11:09:44 PM | COMMENTS(4)
Hi All, I've been asked by a colleague about information security Threat Taxonomies (or lists) to assist him with the risk identification process. He already has the ISF IRAM2 documentation (Appendix F). Have provided additional references to: NIST S...
Ross Peachey | 3/30/2015 4:32:01 AM | COMMENTS(3)

Documents & Publications: 196 total

Events & Online Learning: 16 total

19 Aug 2013
ISACA International Event
San Francisco, CA, USA
14 Oct 2013
ISACA International Event
Boston, MA, USA
6 Nov 2013
ISACA International Event
Las Vegas, NV, USA
North America ISRM features relevant security and risk management topics presented by leading industry experts and practitioners.
11 Aug 2014
ISACA International Event
Seattle, WA, USA

Journal Articles: 500 total

Volume 3, 2015
by Steve Woo
The adoption of cloud-based retail applications, as well as increasing demands for agility, for example, with pop-up retail, is changing the requirements for network access.
Volume 3, 2015
by Daniel Mellado, Luis Enrique Sanchez, Eduardo Fernandez-Medina and Mario Piattini | Reviewed by A. Krista Kivisild, CISA, CA, CPA
With new technology supporting all areas of life, management increasingly needs to evaluate the areas of risk and concern that they need to be aware of and address within the business.
Volume 3, 2015
by Roberto Puricelli, CISM
In recent years, numerous cases of advanced persistent threats (APTs) and data breaches have been seen, with those involving the largest, most high-profile enterprises garnering the most media attention.
Volume 3, 2015
by Steven J. Ross, CISA, CISSP, MBCP
Every now and again, I like to take a poke at standards, just to see what makes them work. Under consideration here is the cybersecurity framework published by the US National Institute of Standards and Technology early in 2014.
Volume 3, 2015
by Brett van Niekerk, Ph.D., and Pierre Jacobs
According to a survey by Infonetics Research, companies operating their own data centers spent an average of US $17 million on security products in 2013.
Volume 2, 2015
by Dan Shoemaker and William Arthur Conklin | Reviewed by Dauda Sule, CISA
Cybersecurity: The Essential Body of Knowledge is based on the US Department of Homeland Security’s compendium of best practices.

Wikis: 2 total

Blog Posts: 104 total

According to a study conducted by ISACA and RSA Conference, 82 percent of organizations expect to be attacked in 2015, but they depend on professionals they consider underqualified and unable to handle complex threats or understand their busin...
Posted By : AlejandroAV | 0 comments
Recently, I participated in the First Annual Conference of ICT SECURITY WORLD held on Wednesday, March 4, 2015 at the National Centre for Public Administration and Local Government in Tavros, Athens. The presence of ISACA Athens Chapter was a pleasant sur...
Posted By : Konstantinos741 | 0 comments
29 Mar 2015
As I interview IA professionals I get the feeling that as organizations move toward the adoption of the big-data fueled decision-making paradigm senior decision makers are focusing on the implications of big-data as it pertains to their locus of control....
Posted By : Ben Apple | 0 comments
Data Privacy in today's world has crossed over from a requirement dependent on one agency or organization to be the global phenomenon.  Today the data traverses across the countries as well as continents at the speed unimaginable in past. In a flash of se...
Posted By : Mayank | 0 comments
I saw Garry at the Sydney Chapter’s successful Strategic Planning event in July 2014.  He was animated and gregarious during the evening’s cocktail event and it felt good to see him again and catch...
Posted By : Rob Hanson | 0 comments
If you are still using Excel for your governance, risk and compliance, Maclear eGRC Suite™ have put together a whitepaper to help you understand the benefits of automation and what to look for when selecting your solution. IT GRC Whitepaper includes: 1...
Posted By : SHAMU2015 | 0 comments