Information Security Management

Welcome to the Information Security Management topic!

Collaborate, contribute, consume and create knowledge around topics such as cloud computing, application security, vulnerability management, PCI, and data protection.

This Topic Has:
1261 Members
2 Online
12499 Visits

Community Leader

Marc Vael

Title: Chief Audit Executive

Badge: Influential

Ross Peachey

Badge: Energizer

ShanShan

Badge: Social

Simiyu

Badge: Influential

 

Discussions: 107 total

Hi All, There's a lot of theory thrown around about ROSI. In theory it makes sense. But using these ideas seems problematic in practice. For one thing, ROSI relies on not one, but TWO risk estimates (current and residual). It's rare to see formal calculat...
Ross Peachey | 6/5/2016 7:11:49 AM | COMMENTS(0)
We all know change control starts from a request (whether it's a user request or business request), however recently in a discussion with auditors they are saying there should be a control in place to address the "authorization of the request"- let it be ...
ShanShan | 6/2/2016 11:53:51 AM | COMMENTS(2)
I need information about typical organizational structure of information security areas in commercial airlines. Thanks
rsabella24 | 5/29/2016 9:22:52 AM | COMMENTS(1)
What is the ideal job description for Head of information security to set up a new infosec team in a bank? I need the job description to submit it to the HR dept. to determine the job weight and set a suitable corporate title for this position.
Tarek EL-Sherif | 5/28/2016 2:33:29 AM | COMMENTS(1)
ISO 27001 internal audits can be a strain on resource, especially if as Information Security Manager you are responsible for creating the schedules and scopes aligned to the standard. So how do you maintain integrity and impartiality when your organisation do...
Len Shingler | 5/25/2016 8:21:21 AM | COMMENTS(2)
What is the ideal job description for Head of information security
Tarek EL-Sherif | 5/22/2016 6:40:22 AM | COMMENTS(3)

Documents & Publications: 206 total

Books
Posted by ISACA 44 days ago
Books
Posted by ISACA 114 days ago
Books
Posted by ISACA 160 days ago

Events & Online Learning: 17 total

Journal Articles: 243 total

Volume 4, 2016
by Debbie Newman, CISA
Get to know your network.
Volume 4, 2016
by Mohammed J. Khan, CISA, CRISC, CIPM
It is imperative that IT auditors work with all teams within the organization responsible for the development of mobile apps—business, IT development, IT security, legal and compliance.
Volume 4, 2016
by Steven J. Ross, CISA, CISSP, MBCP
I can hear the rejoinder now: There is no need for a chief cyber officer because the chief information security officer (CISO) performs that function.
Volume 4, 2016
by Farbod Hosseyndoust Foomany, Ph.D., Ehsan Foroughi, CISM, CISSP, and Rohit Sethi
The article investigates security requirements of traditional remote code execution techniques in light of threat modeling results and expounds on the sections of security compliance regulations that stipulate those requirements.
Volume 3, 2016
by Kerry A. Anderson, CISA, CISM, CGEIT, CRISC, CCSK, CFE, CISSP, CSSLP, ISSAP, ISSMP
While mobile devices have enhanced productivity, these devices compete for limited attention span and may make it more difficult to gain sufficient attention for security awareness.
Volume 3, 2016
by Devassy Jose Tharakan, CISA, ISO 27001 LA, ITIL, PMP
Organizations that do not position their information security group (ISG) strategically within the organization’s structure often fail to receive the desired benefits.

Wikis: 2 total

Blog Posts: 140 total

I just have to say it aloud to myself over and over again: a casino operator sued a cybersecurity firm for its alleged lack of quality in an investigation following a breach of the casino operator’s system. Your organization’s stupidity and complete disre...
Posted By : Alexander246 | 0 comments
Yesterday’s security technology will not keep your network safe today, nor will today’s solutions protect you tomorrow. Network security must evolve. And at a rate that keeps it always one step ahead of the threats. These could include factors such as you...
Posted By : rasoolirfan | 0 comments
Big Data, the Internet of Things, cybersecurity and digital transformation are without doubt the trends most often mentioned in all the media, specialized and not so specialized. All of them related, all of them the result of the evolution of concepts not so ...
Posted By : AlejandroAV | 0 comments
Every day each employee is part of our Data Loss Prevention Program, protecting the confidentiality of our customers' personal information. I would like to ask for your help in protecting PII in email exchanges. These exchanges occur daily betwe...
Posted By : Robert658 | 0 comments
One of the things that security-minded professionals need to employ is the "trust, but verify" mantra as a part of our daily practices. This is especially true for cloud-hosted applications. During a recent audit of cloud hosted solutions, a very simp...
Posted By : Gary055 | 0 comments
This Gartner article is freely available to the general public. Thought it worthy enough to post here. http://www.gartner.com/smarterwithgartner/top-10-security-predictions-2016/
Posted By : Gary055 | 0 comments