Within the current of mobile devices (smart mobile phone, flash memories, iPad, laptops) in addition to the extension of network worldwide, data classification, control protection and security become real challenges, mostly this threat the confi...
|
When it comes to architecture, I always preach the "measure twice, cut once" approach. However, with policies and standards, it's not always possible, especially in rapidly changing IT environments. Over the years, I've seen many of my clients spending 6 months...
apoizner | 3/6/2013 10:42:13 AM | COMMENTS(1)
|
It's no secret that the value of information depreciates over time. This principle is used in the military through cascading data re-classification. However, many enterprises ignore this fact and spend vast amounts of money trying to maintain protection for the dat...
apoizner | 2/21/2013 10:32:48 AM | COMMENTS(3)
|
If you allow personally-owned devices to be used with enterprise data, how are you handling evaluation of compliance for those devices? Are you using some sort of BYOD management software, or another type of solution?
|
Hi everyone. For the last few days I have been having a harrowing time at work. Audit has found a number of instances of users sharing their ERP passwords with their colleagues. This is as per our ERP team a licensing violation as well as IT Policy violat...
|
Hello,
I'm curious as to what companies recommend for password complexity standards for their network, OS, and databases. I would particularly like to hear more on thoughts for what password retention and reuse settings should be configured at.
I would ...
SArndt | 10/4/2012 12:25:47 PM | COMMENTS(1)
|
Books
Posted by ISACA 16 days ago
|
Downloads
Posted by ISACA 16 days ago
|
Exam Preparation
Posted by ISACA 16 days ago
|
Downloads
Advanced persistent threat (APT) has been a term used frequently during security threat discussion; however, confusion exists as to what an APT is and how to manage the risk associated with it.
Posted by ISACA 118 days ago
|
Books
Posted by ISACA 119 days ago
|
29 Oct 2012
ISACA International Event
New York, NY, USA
|
22 Jul 2013
ISACA International Event
Seattle, WA, USA
|
30 Sep 2013
ISACA International Event
Medellín, Colombia
The Latin America CACS/ISRM 2013 Conference in Medellín, Colombia is the leading Latin American conference for audit, risk and information security professionals. Save more than US $100 if you register before 7 August!
|
14 Oct 2013
ISACA International Event
Boston, MA, USA
|
Volume 2, 2011
by Gan Subramaniam, CISA, CISM, CCNA, CCSA, CIA, CISSP, ISO 27001 LA, SSCP
What should be our approach to determining and reaching agreement on the optimal percentage of business operations that must be or can be recovered in the event of a crisis?
|
Volume 3, 2010
by Steven J. Ross, CISA, MBCP, CISSP
Any organization planning to utilize cloud computing services should be well aware of the risks and should implement a robust control structure to counter them. Among the foremost risks is disruption of service, which includes both downtime and data loss.
|
Volume 2, 2010
by Chris Fry and Martin Nystrom | Reviewed by Tansu Gumus, CISA, CCNA
|
Volume 2, 2010
by John P. Pironti, CISA, CISM, CGEIT, CISSP, ISSAP, ISSMP
|
Volume 2, 2010
by Shahab Nayyer, CISA, CIA
|
Volume 2, 2010
by Steven J. Ross, CISA, MBCP, CISSP
|
These links, which have been contributed by site users, link to external third-party web sites. ISACA has not evaluated these web sites and accepts no responsibility for their suitability, security or privacy practices.
A brief discussion/article on ISMS. By Prasanna Ramakrishnan
Contributed by lamd on 19 Oct 2010
|
The IA Policy Chart was inspired by the creation of a similar Acquisition Security Policy Chart by the Office of the Under Secretary of Defense for Acquisition, Technology & Logistics. The goal of the IA Policy Chart is to capture the tremendous breadth of applicable policies, some of which many IA practitioners may not even be aware, in a helpful organizational scheme.
|
Would you hire someone convicted of a computer crime to fill a position of trust in your computer network? Or, more generally, would you hire someone convicted of a crime for a job related to that crime?
Contributed by ISACA on 30 Jun 2010
|
ISACA's Risk IT is a global IT-related risk framework to provide a comprehensive view of the business risks associated with IT initiatives. Risk IT builds on ISACA's COBIT framework for IT governance to provide a missing link between conventional enterprise risk management and IT risk management and control.
Contributed by ISACA on 29 May 2010
|
On the surface of it, it seems like IT Governance is a lot of trouble for no tangible return. Yet, if we really take the time to think about it, a business runs on information.
Contributed by ISACA on 29 May 2010
|
This paper provides seven practical steps any information security organization can take to improve information system security and achieve compliance with relevant regulations, standards and internal security and operational policy.
Contributed by ISACA on 29 May 2010
|
Study Groups for the JUNE, SEPTEMBER AND DECEMBER 2013 Accreditations.
For those interested in sitting the CISA and CISM certification exam, or for anyone who wishes to start preparing for these or upcoming tests, ...
Posted By : Alexander Osorio | 0 comments
|
Information security has been and remains a very specialized subject. Its early beginnings can be traced to the study of advanced mathematics and cryptography. Even today the real theoretical advances happen in University Research Departments, Computer La...
Posted By : Dr Vishnu | 1 comments
|
On March 1st, I was invited to speak at the CampIT conference on Enterprise Risk/Security Management at Rosemont Convention Center.
Before me there were two speakers. The first presenter spent an hour presenting the story from the trenches of technolog...
Posted By : Umesh391 | 1 comments
|
It is extremely important to recognize that mobile banking and mobile payments are here to stay and that those banks that do not take steps now to prepare will have serious problems in the long term, and this is an opinion shared with the team at BITS (Financi...
Posted By : Diego San Esteban | 0 comments
|
To share various aspects in cloud computing viz. history, availability, deployment, integrity, availability, confidentiality, security, cloud sharing etc.
Posted By : MoizB583519 | 2 comments
|
I am interested in system security & control and therefore have joined ISACA as a member for several years. Besides, I am a CISA and CISM in titles. To take advantage of membership privilege, I can easily collect up-to-date information related to standar...
Posted By : Calvin Tsang | 2 comments
|