Information Security Management

Welcome to the Information Security Management topic!

Collaborate, contribute, consume and create knowledge around topics such as cloud computing, application security, vulnerability management, PCI, and data protection.

ISACA members can participate by clicking on the “Join this Community” button. You must be signed into the site. Set your alerts to be notified of new discussion activity within this community. Not an ISACA member? Join now!

This Topic Has:
1349 Members
0 Online
13384 Visits

Community Leader

Marc Vael

Title: Chief Audit Executive

Badge: Energizer

Ross Peachey

Badge: Energizer




Discussions: 119 total

I'm currently reviewing the information security function within our organization. I have now the IS charter and the IS program. Upon checking the charter, it says that "the IS Program shall adopt a risk based approach." However, upon checking the IS Prog...
Edzern | 3/28/2017 3:00:31 AM | COMMENTS(2)
What is the information security perspective if customers reported receiving SMS for transactions they had not performed, where these transactions were for other customers and were sent to them by system error?
Tarek EL-Sherif | 3/12/2017 5:09:39 AM | COMMENTS(0)
Boards of Directors are taking an increasingly active role in cybersecurity governance. The question is: what are they looking for and how should you manage your security program to meet their needs? This topic has been addressed in the “Cyber-Risk Oversi...
Ramakrishna593 | 2/23/2017 1:04:30 AM | COMMENTS(0)
How do you ensure vulnerabilities in your organisation are identified and fixed efficiently? I work in a relatively large organisation (about 4500 employees/about 7000 devices by IP). When we perform vulnerability scans, they always come out with more tha...
Eliud433 | 1/17/2017 6:54:38 AM | COMMENTS(0)
What is the difference between IT Security and IT Risk?
Tarek EL-Sherif | 1/17/2017 12:43:14 AM | COMMENTS(11)
Hello all, I am searching for information regarding the topic of Cyber Security Capability Maturity Models. Currently analyzing: Electricity Subsector Cybersecurity Capability Maturity Model (ES-C2M2) as main background document; ISO/IEC 33071 DIS PAS Informati...
Tomejus | 12/4/2016 6:20:13 AM | COMMENTS(4)

Documents & Publications: 139 total

In 2017, Attacks will follow your Data. Cyberthreats: What's Coming Next and how to prepare for it.
Posted by Mohamad Javed 78 days ago
A turning point for eGovernment development in Europe?
Posted by Mohamad Javed 79 days ago
How to Protect Yourself and Your Family. Worth spending some time on this release from Cisco on how to protect yourself. How do websites collect information? Why do websites collect information about you? What information do websites collect from your computer? Google Analytics. How can you give or deny permission to collect information about you?
Posted by Mohamad Javed 79 days ago

Events & Online Learning: 21 total

16 Mar 2015
ISACA International Event
Orlando, FL, USA
15 Jun 2015
ISACA International Event
Ciudad de México, Mexico
21 Sep 2015
ISACA International Event
Miami, FL, USA
21 Sep 2015
ISACA International Event
06010 Mexico City, Panama
La Conferencia Latinoamericana CACS/ISRM

Journal Articles: 280 total

Volume 2, 2017
by Steven J. Ross, CISA, CISSP, MBCP
It is those three dots that save me from accusations of rank lunacy. (Oh, well, from accusations based on this subject.)
Volume 2, 2017
by Mukul Pareek, CISA, ACA, ACMA, PRM
Most security metrics programs are typically based on two assumptions: There is a secure way to manage any system, and the task of security management is to maintain that state.
Volume 2, 2017
by Shan Senanayake, CISA, CRISC, CISSP
Get to know your network.
Volume 2, 2017
by Farewell Ron Hale
ISACA is grateful to Ron Hale for his years of knowledge, leadership and dedication.
Volume 2, 2017
by Jo Anna Bennerson, CISA, CGEIT, CPA, ITILv3, PMP
This article discusses approaches to increase an information security professional’s knowledge about the US federal government ATO security authorization process and one’s duties in the narrow US federal government industry.
Volume 2, 2017
by Trevor J. Dildy, CCNA
Today’s enterprises have solutions in place to help with the detection and management of their information systems vulnerabilities, especially as it relates to system software and firmware.

Wikis: 2 total

Blog Posts: 174 total

Background: In early 2017, Govtech released an article which summarized the top cybersecurity predictions for 2017 from several organizations and companies. If we look back at 2016, cybersecurity attacks have evolved along with the rise of cloud computin...
Posted By : proferyk | 0 comments
Lately I have received a number of questions and concerns around NIST 800-171, so I wanted to write a quick brief on what you need to know. What is NIST 800-171? This is a special publication released by the National Institute of Standards and Technology (NI...
Posted By : Justin238 | 1 comments
The Regulation (EU) N°910/2014 on electronic identification and trust services for electronic transactions in the internal market (eIDAS Regulation) was adopted by the European Union on 23 July 2014 and entered into force on 17.09.2014. The rules on trust ...
Posted By : Julian075 | 0 comments
As end users have increased their usage of mobile devices, the number and sophistication of attacks are also increasing. While I will focus on protecting your smartphones, you should keep in mind that many of the items discussed apply to your iPa...
Posted By : Robert658 | 1 comments
Nowadays, cyber security is often used interchangeably with information security, and sometimes they feel that cyber security is more in fashion and has better market value than information security, so they preferred to use the cyber security term in...
Posted By : Muhammad Irfan Bashir | 1 comments
30 Mar 2017
When you think about your company's information security, a great image comes into your mind: * if my storage device crashed; * if my flashcopy in another storage device crashed too; * if my backup tape was in flames; * if my archive data was missing; * if my sec...
Posted By : MGPlay | 0 comments