While reading a discussion in this forum about enterprise architecture, I had a lightbulb moment which brought with itself, a lot of questions and speculations.
As an auditor, I have always been intrigued by the solution frameworks deployed within the or...
|
Hello All,
For those of you unable to make the ISACA Los Angeles IT risk workshop, there are two options on the US east coast (might also be easier for those coming from Europe). Washington DC June 11-12 (2 day version at the National Capital Area Chapt...
|
Hello all, if you happen to be attending the Conference in Los Angeles, please let me know. Always nice to meet people live. Best, Brian
|
As a member of ISACA we must professionally and independently verifies the ERF(Enterprise Risk Framework ) by checking the operational and design effectiveness of controls in mitigating the IT Risks. The process must not be confused with regulatory audit ...
Tariq296 | 4/26/2013 3:03:15 PM | COMMENTS(1)
|
I've worked on Agile project and I found it very hard to embed Risk Management as part of many small iterations of the project, an I'd appreciate if you anyone can share his experience around Risk Management best practice in Agile projects.
|
I am registered for the CRISC exam on June 11. I would like to be in contact with colleagues reading the CRISC Review Manual to discuss topics and make the reading experience more enjoyable.
Juan769 | 4/12/2013 2:01:54 AM | COMMENTS(6)
|
Downloads
Posted by ISACA 214 days ago
|
Downloads
Posted by ISACA 1089 days ago
|
Research
Posted by ISACA 21 days ago
|
IT RISK MANAGEMENT
DRIVERS, CHALLENGES AND ENABLERS FOR AUSTRALIAN ORGANISATIONS
To attain strategic, program and operational objectives, most organisations rely on the right IT services to be delivered at the right time. This is only possible if IT risks have been identified and mitigated to an acceptable level.
This whitepaper has been written to help organisations protect, enable and optimise their value chain, through an effective IT risk management capability. This document identifies the key drivers and challenges of IT risk management. It also outlines what enablers are available to solve these challenges.
|
Books
Posted by ISACA 128 days ago
|
Books
Posted by ISACA 128 days ago
|
6 May 2013
ISACA International Event
Washington, DC, US
|
|
|
10 Jun 2013
ISACA International Event
Berlin, Germany
Early bird deadline has been extended: save over US $350 when you register by 1 May. Learn from industry-leading IT experts at Insights 2013. This is a unique opportunity to discover revolutionary new ideas at the world’s premier business event.
|
16 Sep 2013
ISACA International Event
London, England
Stay on top of the trends and opportunities of the dynamic technology industry at EuroCACS/ISRM 2013 in Berlin—the leading European conference for IT audit, assurance, security and risk professionals. Save over US $200 when you register by 22 July!
|
30 Sep 2013
ISACA International Event
Medellín, Colombia
La Conferencia Latinoamericana CACS/ISRM 2013 en Medellín, Colombia es la conferencia principal latinoamericana para los profesionales de auditoría, riesgo y seguridad de la información. Ahorre más de EE.UU. $ 100 si se inscribe antes del 7 de agosto!
|
14 Oct 2013
ISACA International Event
Boston, MA, USA
|
Volume 3, 2013
by Steven DeFino and Larry Greenblatt | Reviewed by Dauda Sule, CISA
This Guide is targeted toward individuals who wish to attain the Certified Ethical Hacker (CEH) certification.
|
Volume 2, 2013
by Darlene Tester
Not performing a full risk assessment before determining what security controls should be implemented is equivalent to not “looking before you leap.”
|
Volume 2, 2013
by Bob Smart, CISA, CISM, CRISC, MACS Snr, MBIS
Professional certifications can be defined as a promise made by the certifying body that the recipient has demonstrated a minimum level of capabilities.
|
Volume 2, 2013
by Samuel Pierre-Louis, CISSP-ISMP, René Sanchez, CISM, CBCP, MBCI, and Molly Shek, CISM, CGEIT, CRISC, PMP, RHIA
How does an organization that is faced with numerous federal and state compliance requirements meet the challenge?
|
Volume 2, 2013
by Vicki Gatewood, CGEIT, CRISC
For all of the positive claims about the benefits of cloud computing, there have been as many articles warning of the dangers.
|
Volume 2, 2013
by Rajesh Bhatia, CISA, CGEIT, PMP, MDP
This article discusses the benefits of using the framework of the five IT governance focus areas.
|
These links, which have been contributed by site users, link to external third-party web sites. ISACA has not evaluated these web sites and accepts no responsibility for their suitability, security or privacy practices.
In December 2012, the Economic Intelligence Unit (EIU) conducted a global survey, sponsored by KPMG International, to explore how effectively companies are integrating a holistic governance, risk and compliance (GRC) framework throughout the enterprise. The survey included responses from more than 1000 C-suite executives.
The survey questions cantered around priority areas for assessing the evolution of GRC namely:
(a) operationalizing/embedding the risk management program and linking it to organizational strategy,
(b) ensuring accuracy of the risk profile,
(c) clarity of roles and responsibilities through the three lines of defense structure,
(d) converging the risk and control functions across the organization,
(e) enhancing the aggregation and analysis of data to create an enterprise wide view of risk,
(f) increasing transparency with enhanced reporting and communicating and
(g) adapting to an evolving regulatory environment.
|
Could be helpful to share with your business and/or IT leaders to spark conversation and action.
|
The world’s vulnerability to further economic shocks and social upheaval risk undermining the progress that globalization has brought, warns the World Economic Forum in its Global Risks 2012 report. The seventh edition of this annual publication was published. The report looked at 50 global risks and used a survey of 469 experts and industry leaders to capture the perceived impact, likelihood and interconnectedness of the risks.
From this process the top five risks in terms of likelihood emerged as:
Severe income disparity
Chronic fiscal imbalances
Rising greenhouse gas emission
Cyber attacks
Water supply crises.
The top five risks ranked by potential impact are:
Major systemic financial failure
Water supply crises
Food shortage crises
Chronic fiscal imbalances
Extreme volatility in energy and agriculture prices.
|
Discusses differences between industries and countries in what drives risk management
|
Tailor for financial companies, lessons draw on all industries. In depth understanding of scenario analysis based on how the environment and enterprise capabilities interaction. Discussion of dependencies on IT from one of the co-authors of ISACA's Risk IT.
|
Great debate.
Contributed by Don on 8 Mar 2011
|
|
Check out the video interview with Jack Danahy on the 2013 Global Reputational Risk and IT Study and please leaving your ratings and feedback on the video landing page. https://ibm.biz/Bdxb3k
Posted By : Calvin Powers | 0 comments
|
Grupos de Estudio para Acreditaciones de JUNIO, SEPTIEMBRE Y DICIEMBRE 2013.
Para los que esten interesados en la presentación del exámen de certificación CISA y CISM o para cualquiera que desee comenzar a prepararse para estas o las próximas pruebas, pu...
Posted By : Alexander Osorio | 0 comments
|
|
It is disheartening in the extreme when privacy, security, audit, governance and legal professionals persist the self-fulfilling-prophetic chant that “privacy is dead.” It isn't dead—or even dying.
Quite the opposite, in fact.
Seven bills have come b...
Posted By : WLWells | 1 comments
|
If I were to tell you that the following capture was off a WiFi Access Point - you may be alarmed. If however, I was also to tell you this was an AP supporting the WiFi access needs for the Clients of a very well known 4 Star London Hotel, you may be even...
Posted By : John379 | 0 comments
|
|
Wehave observed groups arrive on the Hacking Scene, and one very notablerepresentation is the now infamous Anonymous. But, who are they, what is thereobjective, and what are the implications for the future?Whoare they? To shed a little light, and possibly...
Posted By : John379 | 0 comments
|
I find that history has a habit of repeating itself. Back in the eighties,based on some early studies by Fred Cohen, I was one of a handful ofprofessionals who saw the dangers presented by the new phenomena of theComputer Virus – at which time it was only...
Posted By : John379 | 0 comments
|
|
|