Welcome to the Compliance topic!

Collaborate, contribute, consume and create knowledge around compliance with topics such as regulatory (Dodd-Frank, SSAE16, PCI, etc.), and activity used to comply with these topics.

This Topic Has:
666 Members
0 Online
10302 Visits

Discussions: 50 total

Hello, Has anyone implemented Compliance Forge - Digital Security Program (DSP)? My interest is in its structured policies, standards and procedures aligned with major security frameworks, as well as KPI and KRI. Thank you for your input.
Joyce | 7/31/2017 2:39:33 PM | COMMENTS(1)
As businesses broaden in scope, relevant regulations, laws, and internal policies and procedures play a major role in operational constraints and opportunities. Given that Information Technology resources and record sources are increasingly widespread a...
Ralph498 | 12/20/2016 9:10:02 AM | COMMENTS(0)
Hello All, Can anyone suggest a good Compliance Management (both internal / external compliance requirements) tool offered as a SaaS model (Cloud)?  The work flow would be  1. Identify requirements (Contractual / security / legal / continuity / HR etc) ...
Bala Ramanan | 12/20/2016 9:08:10 AM | COMMENTS(1)
Do you have a view on the UK government's Cyber Essentials scheme? I'm conducting an MSc research project to assess the awareness of the UK government's Cyber Essentials scheme, this aims to establish how it is working in practice. The outcome is to propo...
Andy542 | 9/25/2016 6:24:01 AM | COMMENTS(0)
Has anyone come across an "outcomes-based approach" (as opposed to the usual controls-based approach)?
Phil Green | 4/12/2016 6:50:37 AM | COMMENTS(1)
Good afternoon all, What is your opinion in respect of the date in the copyright notice of a website, more specifically as to whether one should include the date when the website was originally published as in "(c) 2000 - 2016 ABC Limited" or just leave i...
Robert271 | 3/16/2016 9:40:25 AM | COMMENTS(0)

Documents & Publications: 17 total

Posted by ISACA 736 days ago
Posted by ISACA 1019 days ago
Posted by ISACA 1039 days ago

Events & Online Learning: 4 total

16 Aug 2017
ISACA International Event
Grapevine, Texas, US
2018 GRC Conference - 13-15 August, Nashville, TN. Explore the future of Governance Risk and Control through expert-led workshops and sessions developed by the IIA and ISACA. Register early for our GRC learning tracks.
11 Sep 2017
ISACA International Event
Portland, OR, USA

Journal Articles: 60 total

Volume 6, 2017
by Robert Putrus, CISM, CFE, CMC, PE, PMP
This article presents a risk-based management approach to third-party data security risk and compliance through the development of a third-party risk register.
Volume 6, 2017
by Guy Pearce
The modern GRC landscape has a significant impact on how an enterprise-scale big data project would be undertaken today.
Volume 5, 2017
Ransomware-like breaches occur despite paper certifications confirming the existence of adequate security controls.
Volume 5, 2017
by T. Sean Kelly
Certain steps can be taken to build a strong respect for and practice of security into the cultural fabric of any organization, across all departments and areas of the business.
Volume 5, 2017
by Filip Caron, Ph.D.
Blockchain technology, commonly expected to drive the next wave of digital infrastructure and process innovation, is rapidly developing into maturity.
Volume 2, 2017
by Ed Gelbstein, Ph.D.
Every organization tries to formalize aspects of its culture through policies. These policies define what is expected of members of the workforce and describe how noncompliance is dealt with.

Wikis: 2 total

Blog Posts: 82 total

Globally, many organizations are spending millions of dollars protecting their businesses and their enabling infrastructure, but are they really secure? We shall discuss the answer to this question in a little while. We need to understand core basics before we ...
Posted By : SudireddyRamreddy | 0 comments
Hello fellow members, COBIT 5 is an excellent guide to developing ICT Governance Frameworks. Many organisations have well documented Frameworks but find it challenging when it comes to implementation. The objective of this post is to start a debate o...
Posted By : Thansen Singh | 0 comments
In your experience, what is the best Risk Management definition and how to explain to other IT teams the importance of Risk Management and how that is related with a chosen standard, methodology (ISO 27001, COBIT, OCTAVE, etc.)? What is the source defini...
Posted By : Isaias_Telhado | 0 comments
Tools What to do for such an assignment practical auditing of the OS and Database CLOUD Computing challenges Third Party integration and the Audit functions
Posted By : Kemza | 0 comments
What do you think about starting a new chapter in Nepal: 1. What benefit will Nepal get? 2. What will the ICT sector get? 3. What will ISACA's current/future members get? 4. What will IS Auditors get?
Posted By : Dr. Pawan K. Sharma | 0 comments
28 Sep 2017
Recently, I witnessed an interesting webcast by Scopism, a UK-based consulting and training company. They announced the publication of the SIAM(c) Foundation Body of Knowledge, available for free through their website Service Integration...
Posted By : Peter873 | 0 comments