Find Resources & Connect with members on topics that interest you.

AI - Acquire and Implement

PO - Plan and Organize

DS - Deliver and Support

Please sign in to see your topics.

You must be logged in to join this group.


Welcome to the Compliance topic!

Collaborate, contribute, consume and create knowledge around compliance with topics such as regulatory (Dodd-Frank, SSAE16, PCI, etc.), and activity used to comply with these topics.

ISACA members can participate by clicking on the “Join this Community” button. You must be signed into the site. Set your alerts to be notified of new discussion activity within this community. Not an ISACA member? Join now!

This Topic Has:
677 Members
0 Online
10528 Visits

Community Leader

Knowledge Center Manager

Knowledge Center Manager

Title: Become a Topic Leader!

Badge: Energizer


NEW! Activity Badges

Badges help others understand your level of community activity and your reputation as a contributor within the Knowledge Center. Learn More.

Discussions: 50 total

Must be a Topic member to contribute
View All »
Hello, Have anyone implemented Compliance Forge - Digital Security Program (DSP). My interest in it structured policies, standards and procedures aligned with major security frameworks, as well as KPI and KRI. Thank you for your input.
Joyce | 5/15/2018 4:48:31 PM | COMMENTS(3)
Hello All, Can anyone suggest a good Compliance Management (both internal / external compliance requirements) tool offered as a SaaS model (Cloud)?  The work flow would be  1. Identify requirements (Contractual / security / legal / continuity / HR etc) ...
Bala Ramanan | 12/26/2017 1:15:33 AM | COMMENTS(2)
As business broaden in scope and relevant regulations, laws, and internal policies and procedures play a major role in operational constraints and opportunities. Given that Information Technology resources and record sources are increasingly widespread a...
Ralph498 | 12/25/2017 11:32:40 PM | COMMENTS(1)
Do you have a view on the UK governments Cyber Essentials scheme? I'm conducting a MSc research project to assess the awareness of the UK governments Cyber Essentials scheme, this aims to establish how it is working in-practice. The outcome is to propo...
Andy542 | 9/25/2016 6:24:01 AM | COMMENTS(0)
Has anyone come across a  "outcomes based approach" (as opposed to the usual controls based approach)?
Phil Green | 4/12/2016 6:50:37 AM | COMMENTS(1)
Good afternoon all, What is your opinion in respect of the date in the copyright notice of a website, more specifically as to whether one should include the date when the website was originally published as in "(c) 2000 - 2016 ABC Limited" or just leave i...
Robert271 | 3/16/2016 9:40:25 AM | COMMENTS(0)

Documents & Publications: 16 total

Must be a Topic member to contribute
View All »
Posted by ISACA 926 days ago
Posted by ISACA 1209 days ago
Posted by ISACA 1437 days ago

Events & Online Learning: 4 total

11 Sep 2017
ISACA International Event
Portland, OR, USA
13 Aug 2018
ISACA International Event
Nashville, Tennessee, US
2018 GRC Conference - 13-15 August , Nashville, TN. Explore the future of Governance Risk and Control through expert-led workshops and sessions developed by the IIA and ISACA. Register early for our GRC learning tracks.

Journal Articles: 64 total

Volume 3, 2018
by Kevin Alvero, CFE, Randy Pierson, CISA, and Wade Cassels, CISA, CIA, CFE, CRMA
As organizations try to keep up with rapid changes in technology, they are using acquisitions as a way to quickly develop entirely new lines of business or to simply close gaps in technological capability.
Volume 2, 2018
by Mina Miri, Farbod H. Foomany, Ph.D., CISSP and Nathanael Mohammed
This article presents a case study of a smart bracelet that bears many of the privacy challenges of a typical Internet of Things (IoT) project.
Volume 1, 2018
by Joao Souza Neto, Ph.D., CRISC, CGEIT, COBIT Certified Assessor, Rafael Almeida, Pedro Linares Pinto and Miguel Mira da Silva, Ph.D.
The new ISO/IEC 330xx family of standards presents a more detailed and well-defined process assessment model than the older ISO/IEC 15504 family.
Volume 1, 2018
by Mike Van Stone, CISA, CISSP, CPA, and Ben Halpert
Ever-changing laws continue to increase the risk and cost of noncompliance when unintentional data losses occur.
Volume 6, 2017
by Robert Putrus, CISM, CFE, CMC, PE, PMP
This article presents a risk-based management approach to third-party data security risk and compliance through the development of a third-party risk register.
Volume 6, 2017
by Guy Pearce
The modern GRC landscape has a significant impact on how an enterprise-scale big data project would be undertaken today.

Wikis: 2 total

Blog Posts: 92 total

14 May 2018
Recently, I witnessed an interesting webcast by Scopism, an UK-based consulting and training company. They announced the publication of the SIAM(c) Foundation Body of Knowledge, available for free through their website Service Integration...
Posted By : Peter873 | 1 comments
20 Apr 2018
Good day. I have an interesting situation that came about just this week.  New career opportunities are not all that they seem to be.  What I thought was going to be a great career change ended up in disaster.  With only one week and two day's, I was dism...
Posted By : Brian824 | 0 comments
2 Apr 2018
After privacy was silently lost in modern era, GDPR will try to put the ghost back in the bottle. Will it succeed?
Posted By : Dragan Pleskonjic | 0 comments
Have you experienced ransomware attack so far and, if yes, what did you do to resolve? I set up Twitter poll here: It lasts for seven days. Thank you for taking part in the poll.
Posted By : Dragan Pleskonjic | 5 comments
21 Feb 2018
We are happy to announce that  on Feb//2018  the ISACA awareness session  was held in Baghdad.This the first time to speak about ISACA Value in Iraq.Professional from government and private sector were excited to hear about ISACA value and they started to...
Posted By : Ali099 | 1 comments
There are some math models for business that MBAs are taught. Just like assembling burgers for fast food or call wait queue management in a call center, vulnerability patching is a time based business opportunity. Leadership can be expected to use this ...
Posted By : Don Turnblade | 1 comments