Find Resources & Connect with members on topics that interest you.

AI - Acquire and Implement

PO - Plan and Organize

DS - Deliver and Support

Please sign in to see your topics.

You must be logged in to join this group.

Information Security Management

Welcome to the Information Security Management topic!

Collaborate, contribute, consume and create knowledge around topics such as cloud computing, application security, vulnerability management, PCI, and data protection.

ISACA members can participate by clicking on the “Join this Community” button. You must be signed into the site. Set your alerts to be notified of new discussion activity within this community. Not an ISACA member? Join now!

This Topic Has:
1340 Members
2 Online
13299 Visits

Community Leader

Marc Vael

Marc Vael

Title: Chief Audit Executive

Badge: Energizer

Ross Peachey

Ross Peachey

Badge: Energizer



Badge: Social



Badge: Influential


NEW! Activity Badges

Badges help others understand your level of community activity and your reputation as a contributor within the Knowledge Center. Learn More.

Discussions: 118 total

Must be a Topic member to contribute
View All »
What is the information security perspective if the customers reported receiving SMS for transactions they had not performed where this transactions for others customers and sent to them by system error ?
Tarek EL-Sherif | 3/12/2017 5:09:39 AM | COMMENTS(0)
Boards of Director are taking an increasingly active role in cybersecurity governance.  The question is: what are they looking for and how should you manage your security program to meet their needs? This topic has been addressed in the “Cyber-Risk Oversi...
Ramakrishna593 | 2/23/2017 1:04:30 AM | COMMENTS(0)
How do you ensure vulnerabilities in your organisation are identified and fixed efficiently? I work in a relatively large organisation (about 4500 employees/about 7000 devices by IP). When we perform vulnerability scans; they always come out with more tha...
Eliud433 | 1/17/2017 6:54:38 AM | COMMENTS(0)
What is the difference between IT Security and IT Risk ?
Tarek EL-Sherif | 1/17/2017 12:43:14 AM | COMMENTS(11)
Hello all, I am searching information regarding topic of Cyber Security Capability Maturity Models. Currently analyzing:> Electricity Subsector Cybersecurity Capability Maturity MODEL (ES-C2M2) as main background document;> ISO/IEC 33071 DIS PAS Informati...
Tomejus | 12/4/2016 6:20:13 AM | COMMENTS(4)
It was brought to my attention the need to create information security charters for each department, although I really feel that it meant to say “create an information security program for each department” as part of the organization’s security charter. F...
Raul Dusa | 11/25/2016 5:49:08 AM | COMMENTS(6)

Documents & Publications: 142 total

Must be a Topic member to contribute
View All »
In 2017, Attacks will follow your Data Cyberthreats : What's Coming Next and how to prepare for it.
Posted by Mohamad Javed 45 days ago
A turning point for eGovernment development in Europe?
Posted by Mohamad Javed 46 days ago
How to Protect Yourself and Your Family Worth Spending some time on this Release from Cisco on How to Protect yourself. How do websites collect information? Why do websites collect information about you? What information do websites collect from your computer? Google Analytics How can you give or deny permission to collect information about you?
Posted by Mohamad Javed 46 days ago
Posted by ISACA 49 days ago
Posted by ISACA 167 days ago

Events & Online Learning: 18 total

16 Mar 2015
ISACA International Event
Orlando, FL, USA
15 Jun 2015
ISACA International Event
Ciudad de México, Mexico
21 Sep 2015
ISACA International Event
Miami, FL, USA
21 Sep 2015
ISACA International Event
06010 Mexico City, Panama
La Conferencia Latinoamericana CACS/ISRM

Journal Articles: 277 total

Volume 2, 2017
by Steven J. Ross, CISA, CISSP, MBCP
It is those three dots that save me from accusations of rank lunacy. (Oh, well, from accusations based on this subject.)
Volume 2, 2017
by Mukul Pareek, CISA, ACA, ACMA, PRM
Most security metrics programs are typically based on two assumptions: There is a secure way to manage any system, and the task of security management is to maintain that state.
Volume 2, 2017
by Shan Senanayake, CISA, CRISC, CISSP
Get to know your network.
Volume 2, 2017
by Farewell Ron Hale
ISACA is grateful to Ron Hale for his years of knowledge, leadership and dedication.
Volume 2, 2017
by Jo Anna Bennerson, CISA, CGEIT, CPA, ITILv3, PMP
This article discusses approaches to increase an information security professional’s knowledge about the US federal government ATO security authorization process and one’s duties in the narrow US federal government industry.
Volume 1, 2017
Now that senior executives have begun to take a serious interest in cyber and technology risk, it is necessary to provide meaningful and useful answers to the questions they are beginning to ask.

Wikis: 2 total

Blog Posts: 169 total

Senior Manager           ultimate responsibility Information security Officer          functional responsibility Security Analyst           Strategic, develops policies and guidelines Owner         - Responsible for asset         - Determine level of clas...
Posted By : Muhammad554 | 0 comments
Manejo de TI interno. El tener toda la estructura de TI internamente, sin subcontrataciones, puede dar una acumulación de problemas difíciles de manejar para una sola organización.Asociaciones con contrapartes. Al trabajar en un proyecto conjunto con una...
Posted By : Gladys789 | 0 comments
  Vulnerator es una herramienta que ha sido creada para apoyar a la DoD –  Departamento de Defensa de Estados Unidos  para analizar la seguridad informática y verificar los datos de vulnerabilidades de las numerosas fuentes que va recibiendo las siguentes...
Posted By : Gladys789 | 0 comments
The DoT (Department of Telecommunications) in India has enforced the telecom operators holding license(s) to ensure that they comply to security amendment dated 31st May 2011, likewise Ofcom in UK and other nations has got regulatory compliance for teleco...
Posted By : rasoolirfan | 0 comments
Here in my country (Hungary) state offices still tend to take mother's maiden name as an identifying information of an individual. [] Besides the fact that i...
Posted By : Karoly Arnhoffer | 0 comments
La demanda de servicios bancarios a través de Internet, producto del surgimiento de nuevas necesidades en los consumidores atraídos por el auge tecnológico, mantiene a las entidades financieras inmersas en una encrucijada en la cual deben equilibrar el ni...
Posted By : Gerardo Zuñiga | 0 comments