
Information Security Management

Welcome to the Information Security Management topic!

Collaborate, contribute, consume and create knowledge around topics such as cloud computing, application security, vulnerability management, PCI, and data protection.

ISACA members can participate by clicking on the “Join this Community” button. You must be signed into the site. Set your alerts to be notified of new discussion activity within this community. Not an ISACA member? Join now!

 
This Topic Has:
1034 Members
0 Online
10752 Visits

Community Leader

Farooq Wahab Naiyer
Marc Vael

Marc Vael

Title: Director Internal Audit & Risk Management

Badge: Influential

Ross Peachey

Badge: Energizer

Simiyu

Badge: Influential

 


Discussions: 80 total

Dear Gentlemen, I have a topic here I need your expert advice on, in a newly formed Information security section in a very low mature organization which had the security function scattered and didn’t have a clear direction. After the formation of the new func...
AHMED359 | 4/27/2015 1:42:52 PM | COMMENTS(2)
Does anyone know of a CISM study group for the upcoming exam, or have any suggestions on what and how to study for the exam.
REGGIE554 | 4/24/2015 5:15:19 AM | COMMENTS(5)
Many writers argue that CISOs are generally misunderstood and under-appreciated by their C-Level Peers. One of the reasons advanced is that of CISOs' inability to connect security and business. The article below seems to resonate the same argument. http:/...
Simiyu | 4/19/2015 11:09:44 PM | COMMENTS(4)
Hello guys, I've done a matrix example for SOC activities. I would like to share it with you and ask for your advice/comments to improve it. For the moment, I use Dropbox for sharing, and contact information is in the document. Link: https://www.dropbox.com/...
Damien643 | 4/18/2015 12:48:36 PM | COMMENTS(1)
Hi All, I've been asked by a colleague about information security Threat Taxonomies (or lists) to assist him with the risk identification process. He already has the ISF IRAM2 documentation (Appendix F). Have provided additional references to: NIST S...
Ross Peachey | 3/30/2015 4:32:01 AM | COMMENTS(3)
Hello, I need your expert help to make a roadmap document for establishing a new security operation center. The current security operations functions are scattered in the organization and we need to start consolidating them in one function. I need a referenc...
AHMED359 | 3/24/2015 6:30:55 AM | COMMENTS(20)

Documents & Publications: 196 total

Events & Online Learning: 15 total

19 Aug 2013
ISACA International Event
San Francisco, CA, USA
14 Oct 2013
ISACA International Event
Boston, MA, USA
6 Nov 2013
ISACA International Event
Las Vegas, NV, USA
North America ISRM features relevant security and risk management topics presented by leading industry experts and practitioners.
11 Aug 2014
ISACA International Event
Seattle, WA, USA

Journal Articles: 500 total

Volume 2, 2015
by Marcelo Hector Gonzalez, CISA, CRISC, and Jana Djurica
There are a number of definitions of Internet of Things (IoT), with all of them having slightly different meanings.
Volume 2, 2015
by Fredric Greene, CISSP
Selected processes from the COBIT 5 framework can improve the effectiveness of enterprise security in an organization.
Volume 2, 2015
by Larry G. Wlosinski, CISA, CISM, CRISC, CAP, CBCP, CDP, CISSP, ITIL V3
Information security events that affect cloud systems are occurring with no end in sight, so it should be no surprise that the cloud should be treated as a nonsecure environment with numerous threats and concerns.
Volume 2, 2015
by Kerry A. Anderson, CISA, CISM, CGEIT, CRISC, CCSK, CFE, CISSP, CSSLP, ISSAP, ISSMP
One of the biggest budget busters for an information security program is technology solutions that are not a good match for the organization.
Volume 2, 2015
by Mauricio Rocha Lyra, Ph.D., COBIT Foundation, CTFL, ISO 20000, ITIL, MCSO, OCUP, PMP, RUP and Jose Carlos Ferrer Simoes
The transformations experienced by organizations due to technological advances have made information, arguably, an enterprise’s most valuable asset.
Volume 2, 2015
by Dan Shoemaker and William Arthur Conklin | Reviewed by Dauda Sule, CISA
Cybersecurity: The Essential Body of Knowledge is based on the US Department of Homeland Security’s compendium of best practices.

Wikis: 2 total

Blog Posts: 104 total

According to a study conducted by ISACA and RSA Conference, 82 percent of organizations expect to be attacked in 2015, but rely on professionals they consider underqualified and unable to handle complex threats or understand their busin...
Posted By : AlejandroAV | 0 comments
Recently, I participated in the First Annual Conference of ICT SECURITY WORLD held on Wednesday, March 4, 2015 at the National Centre for Public Administration and Local Government in Tavros, Athens. The presence of ISACA Athens Chapter was a pleasant sur...
Posted By : Konstantinos741 | 0 comments
29 Mar 2015
As I interview IA professionals, I get the feeling that as organizations move toward the adoption of the big-data fueled decision-making paradigm, senior decision makers are focusing on the implications of big-data as it pertains to their locus of control....
Posted By : Ben Apple | 0 comments
Data Privacy in today's world has crossed over from a requirement dependent on one agency or organization to be a global phenomenon. Today the data traverses across countries as well as continents at a speed unimaginable in the past. In a flash of se...
Posted By : Mayank | 0 comments
I saw Garry at the Sydney Chapter’s successful Strategic Planning event in July 2014. He was animated and gregarious during the evening’s cocktail event and it felt good to see him again and catch...
Posted By : Rob Hanson | 0 comments
If you are still using Excel for your governance, risk and compliance, Maclear eGRC Suite™ has put together a whitepaper to help you understand the benefits of automation and what to look for when selecting your solution. IT GRC Whitepaper includes: 1...
Posted By : SHAMU2015 | 0 comments