ISACA's Guidance and Practices Committee is looking for volunteers for a project that will focus on privacy risks and controls associated with big data. If you are an ISACA member who has practical experience in this area and are interested in participati...
|
I'd like to open a discussion about why we should worry about Privacy in the Smart Grid/Smart Meter world.
I knew that in America there isn't much work done to provide such protection as a legislation or Industry practice, but in EU there much concer...
|
Can someone help me in finding out the best way for disposal of Data Centre Hard Drives / Media in a cost effective way.
|
Hi all,at INSIGHTS 2013 (http://www.isaca.org/Education/Conferences/Pages/INSIGHTS-2013.aspx) the topic privacy will be discussed in panels.What burning questions would you like to ask to the panel and get a reply from?M.
PS. why don't you join in person ...
Marc Vael | 4/27/2013 1:09:57 PM | COMMENTS(1)
|
Hello Privacy and Security Professionals -
I have published a new book for exactly our group (title: "C(I)SO - And Now What?") - available at https://www.createspace.com/4043003 or via Amazon etc. online.
More details below:
The ISBN#s are:
ISBN-1...
|
Q&A: Ontario Commissioner and Leading Privacy Expert Dr. Ann Cavoukian
http://www.oracle.com/us/dm/nsl100162749-qadrcavoukian-1919966.html
Ian Cooke | 3/22/2013 4:00:09 AM | COMMENTS(0)
|
Books
Posted by ISACA 118 days ago
|
Books
Posted by ISACA 147 days ago
|
Books
Posted by ISACA 203 days ago
|
Downloads
Posted by ISACA 281 days ago
|
Downloads
Posted by ISACA 281 days ago
|
Books
Posted by ISACA 306 days ago
|
5 Nov 2012
ISACA International Event
Dallas, TX, USA
|
|
|
22 Apr 2013
ISACA International Event
Chicago, IL, USA
|
10 Jun 2013
ISACA International Event
Berlin, Germany
Early bird deadline has been extended: save over US $350 when you register by 1 May. Learn from industry-leading IT experts at Insights 2013. This is a unique opportunity to discover revolutionary new ideas at the world’s premier business event.
|
16 Sep 2013
ISACA International Event
London, England
Stay on top of the trends and opportunities of the dynamic technology industry at EuroCACS/ISRM 2013—the leading European conference for IT audit, assurance, security and risk professionals. Save over US $200 when you register by 22 July!
|
30 Sep 2013
ISACA International Event
Medellín, Colombia
La Conferencia Latinoamericana CACS/ISRM 2013 en Medellín, Colombia es la conferencia principal latinoamericana para los profesionales de auditoría, riesgo y seguridad de la información. Ahorre más de EE.UU. $ 100 si se inscribe antes del 7 de agosto!
|
Volume 3, 2013
by Dan Bogdanov, Ph.D., and Aivo Kalu, Ph.D., CISA
A cloud is a remote-access platform; thus, technical controls that remotely enforce a particular security policy are especially efficient.
|
Volume 2, 2013
by Joanne Joseph, CISA
This article explores the threats as well as the policy measures that are universally applied to protect users’ data from privacy infringement.
|
Volume 6, 2012
by S. Srinivasan
Social networks have opened up a new avenue of communication for millions of people around the world.
|
Volume 5, 2012
by Guy-Hermann Ngambeket Ndiandukue, CISA, CISM, CGEIT, ITIL V3(F), PMP
The aim of this article is twofold: to identify, based on the motivations of Internet users visiting social networks, the risk of violating users’ privacy, and to analyze and evaluate the effectiveness of the control methods used.
|
Volume 5, 2012
by Steven J. Ross, CISA, CISSP, MBCP
In a recent meeting, the question being debated was whether there were situations in which the security of information could be prudently reduced.
|
Volume 5, 2012
by Simon Moffatt, CISA, CISSP, MBCS
This article reviews the definition of an insider threat and its impact, and provides an overview of the techniques to control and remediate these threats.
|
These links, which have been contributed by site users, link to external third-party web sites. ISACA has not evaluated these web sites and accepts no responsibility for their suitability, security or privacy practices.
The National Institute of Standards and Technology issued on April 30 the latest version of its quintessential guidance: Special Publication 800-53, Revision 4: Security and Privacy Controls for Federal Information Systems and Organizations.
|
No single privacy law blankets the country. Instead, there is a crazy quilt of laws with which every organization doing business in the U.S. must comply.
|
Europe and the United States are operating at far different speeds with respect to data privacy regulation. And that could be a stumbling block in future trade talks.
|
At first glance, it seems a revolutionary sentence, but it's not. It's just the same old rule (respect for privacy) in all cases when Police uses Municipal Registers to expel Foreigners with no permission (I can't call them "illegal")
|
Google Inc's privacy practices are drawing heat after an Australian software developer said the company was providing him with personal information, including email addresses, of everyone who purchased his mobile app.
|
here is a link to all presentations from an amazing privacy conference in Brussels (you can go back 5 years)
|
|
Resumen
El imparable crecimiento de internet en el mundo, y la integración de los diversos sistemas informáticos conectados a la red de Internet han hecho que la Seguridad de la Información alcance un papel de suma importancia actualmente. Desde el moment...
Posted By : ArthurHuamani | 0 comments
|
It is disheartening in the extreme when privacy, security, audit, governance and legal professionals persist the self-fulfilling-prophetic chant that “privacy is dead.” It isn't dead—or even dying.
Quite the opposite, in fact.
Seven bills have come b...
Posted By : WLWells | 1 comments
|
|
მოგესალმებით,
მოკლედ, იმდენი რამ მოხდა 2012-ში, რომ დავდექი რთული ამოცანის წინაშე, უბრალოდ ჩამომეთვალა საინტერესო უსაფრთხოების მოვლენები, თუ გამეცხრილა და ერთი-ორზე უფრო დეტალურად გვესაუბრა. გადავწყვიტე ნაზავით დავემშვიდობოთ 2012-ს, და 2013-ზე გადავერთოთ ...
Posted By : David190 | 0 comments
|
During an audit you may find that shell scripts are used to connect to your Oracle database (these are often scheduled jobs). In many instances this represents a security risk as the Oracle database password is hardcoded into the script. This means th...
Posted By : Ian Cooke | 0 comments
|
|
As with configurations the company you are auditing should have a policy on password controls.
We have previously discussed that SQL Server allows two methods of authenticating to the database – Mixed Mode and Windows Authentication (see http://www.isa...
Posted By : Ian Cooke | 0 comments
|
Typically application access to a SQL Server database is via one of two methods.
Either all users access the same database using a single (proxy) user which is defined in an initialisation (.INI) file, registry etc.
Or the users access the database ...
Posted By : Ian Cooke | 2 comments
|
|
|