Compliance

Welcome to the Compliance topic!

Collaborate, contribute, consume and create knowledge around compliance with topics such as regulatory (Dodd-Frank, SSAE16, PCI, etc.), and activity used to comply with these topics.

ISACA members can participate by clicking on the “Join this Community” button. You must be signed into the site. Set your alerts to be notified of new discussion activity within this community. Not an ISACA member? Join now!

 
This Topic Has:
672 Members
1 Online
10416 Visits

Discussions: 50 total

Hello, Has anyone implemented Compliance Forge - Digital Security Program (DSP)? My interest is in its structured policies, standards and procedures aligned with major security frameworks, as well as KPI and KRI. Thank you for your input.
Joyce | 12/26/2017 1:21:31 AM | COMMENTS(2)
Hello All, Can anyone suggest a good Compliance Management (both internal / external compliance requirements) tool offered as a SaaS model (Cloud)? The work flow would be 1. Identify requirements (Contractual / security / legal / continuity / HR etc) ...
Bala Ramanan | 12/26/2017 1:15:33 AM | COMMENTS(2)
As businesses broaden in scope and relevant regulations, laws, and internal policies and procedures play a major role in operational constraints and opportunities. Given that Information Technology resources and record sources are increasingly widespread a...
Ralph498 | 12/25/2017 11:32:40 PM | COMMENTS(1)
Do you have a view on the UK government's Cyber Essentials scheme? I'm conducting an MSc research project to assess the awareness of the UK government's Cyber Essentials scheme, this aims to establish how it is working in practice. The outcome is to propo...
Andy542 | 9/25/2016 6:24:01 AM | COMMENTS(0)
Has anyone come across an "outcomes based approach" (as opposed to the usual controls based approach)?
Phil Green | 4/12/2016 6:50:37 AM | COMMENTS(1)
Good afternoon all, What is your opinion in respect of the date in the copyright notice of a website, more specifically as to whether one should include the date when the website was originally published as in "(c) 2000 - 2016 ABC Limited" or just leave i...
Robert271 | 3/16/2016 9:40:25 AM | COMMENTS(0)

Documents & Publications: 17 total

Books
Posted by ISACA 828 days ago
Books
Posted by ISACA 1111 days ago
Research
Posted by ISACA 1131 days ago

Events & Online Learning: 3 total

11 Sep 2017
ISACA International Event
Portland, OR, USA
13 Aug 2018
ISACA International Event
Nashville, Tennessee, US
2018 GRC Conference - 13-15 August, Nashville, TN. Explore the future of Governance Risk and Control through expert-led workshops and sessions developed by the IIA and ISACA. Register early for our GRC learning tracks.

Journal Articles: 62 total

Volume 1, 2018
by Mike Van Stone, CISA, CISSP, CPA, and Ben Halpert
Ever-changing laws continue to increase the risk and cost of noncompliance when unintentional data losses occur.
Volume 1, 2018
by Joao Souza Neto, Ph.D., CRISC, CGEIT, COBIT Certified Assessor, Rafael Almeida, Pedro Linares Pinto and Miguel Mira da Silva, Ph.D.
The new ISO/IEC 330xx family of standards presents a more detailed and well-defined process assessment model than the older ISO/IEC 15504 family.
Volume 6, 2017
by Robert Putrus, CISM, CFE, CMC, PE, PMP
This article presents a risk-based management approach to third-party data security risk and compliance through the development of a third-party risk register.
Volume 6, 2017
by Guy Pearce
The modern GRC landscape has a significant impact on how an enterprise-scale big data project would be undertaken today.
Volume 5, 2017
by T. Sean Kelly
Certain steps can be taken to build a strong respect for and practice of security into the cultural fabric of any organization, across all departments and areas of the business.
Volume 5, 2017
by Tony Chandola, CISA, CISM, CISSP, PCI QSA, PCIP, PMP
Ransomware-like breaches occur despite paper certifications confirming the existence of adequate security controls.

Wikis: 2 total

Blog Posts: 90 total

There are some math models for business that MBAs are taught. Just like assembling burgers for fast food or call wait queue management in a call center, vulnerability patching is a time based business opportunity. Leadership can be expected to use this ...
Posted By : Don Turnblade | 0 comments
I predict that on 1 July 2018, I will be calmly eating a barbecue sandwich, talking with friends and possibly, I will burn a copy of the RFC2246: TLS version 1.0 standard for entertainment value. Those with less effective Vendor, Network, Systems, Applic...
Posted By : Don Turnblade | 0 comments
2 Feb 2018
We are happy to announce that on Feb//2018 the ISACA awareness session was held in Baghdad. This is the first time to speak about ISACA Value in Iraq. Professionals from government and private sector were excited to hear about ISACA value and they started to...
Posted By : Ali099 | 0 comments
There is a need for ISACA, through our local chapter, to allow fees to be paid in installments or split invoices, given the fact that in our country one has to find currency first and then deposit into a VISA card account. Thus I can raise my exam and ma...
Posted By : Hamadzashe | 1 comments
In your experience, what is the best Risk Management definition and how to explain to other IT teams the importance of Risk Management and how that is related with a chosen standard, methodology (ISO 27001, COBIT, OCTAVE, etc)? What is the source defini...
Posted By : Isaias_Telhado | 1 comments
Have you experienced a ransomware attack so far and, if yes, what did you do to resolve it? I set up a Twitter poll here: https://twitter.com/DPleskonjic/status/953608717399941120 It lasts for seven days. Thank you for taking part in the poll.
Posted By : Dragan Pleskonjic | 1 comments