ISACA Journal Author Blog

 ‭(Hidden)‬ Admin Links

ISACA > Journal > Journal Author Blog

Experiences During Government-mandated Audits

Jeroen van Lewe, CISA, CEH, CIA, ECSA
Posted: 4/28/2016 3:02:00 PM | Category: | Permalink | Email this post

My recent Journal article is a case study about mandatory audits in the Netherlands. I am interested in comparing similar events on an international scale. I have already researched sectorwide IT projects to improve government services to citizens. In my opinion, the insights drawn from these comparisons are valuable. One can use these insights to avoid the same difficulties. It can save a lot of time and money if you can learn from insights gained elsewhere.

In the Netherlands, a digital crisis in 2011 resulted in many different types of changes over a short period of time. Some of the changes were mandatory IT audits and changes in the approach to IT audits. It was an important step forward, and as IT auditors, we had to overcome complex challenges.

 
Read More >>
    

Board Involvement With IT Governance

Nancy Lankton, CISA, CPA, and Jean Price
Posted: 4/25/2016 3:15:00 PM | Category: | Permalink | Email this post

Interest in IT governance is increasing due to the changing role and relevance of IT within organizations for supporting, sustaining and expanding business. According to the IT Governance Institute, IT governance is the form of leadership, organizational structures and processes that ensure an organization's IT sustains and extends the organization's strategies and objectives. While management’s role in IT governance is imperative, practitioners and academics have also long advocated board involvement in IT governance. However, the literature shows that boards may not be very involved in IT governance. This could be because board members may not have the needed IT expertise to provide direction on important operational and strategic IT-related issues. Boards may also not be very involved because IT does not get put on the board’s agenda or board members simply do not understand their roles regarding IT governance.

 
Read More >>
    

Effective Data Visualization

Karina Korpela, CISA, CISM, CISSP, PMP
Posted: 4/21/2016 4:15:00 PM | Category: | Permalink | Email this post

Part 1 of my Journal article covered the 4 layers to understand well before designing your visualizations. Those are:  know your data, know your message, know your audience and know your options. In part 2, my aim was to cover the science aspect of data visualization, which entails understanding how the brain stores and process visual information.

Cognitive load is essential to understand when designing visuals. There are ways to decrease the load and, therefore, maximize data processing and understanding. Some charts are better than others when trying to convey the greatest number of ideas with the least ink.

 
Read More >>
    

Is Cybersecurity Everyone's Concern?

Sanjiv Agarwala, CISA, CISM, CGEIT, BS25999/ISO 22301 LA, CISSP, ISO 27001:2013 LA, MBCI
Posted: 4/18/2016 3:06:00 PM | Category: | Permalink | Email this post

Is your business connected to the Internet for any services? Do you shop online or purchase any products or services online? Are you on Facebook, Twitter, LinkedIn or any other social networking web sites? Do you have a high-end mobile phone and use chat applications such as WhatsApp? If so, cybersecurity is an issue about which you should be concerned.

If you think that you could never be a victim of an attack originating on any of these platforms, you should think twice, because cybercriminals are keenly tracking your identities and researching your shopping behavior, watching what you do online and, ultimately, profiling the very devices through which you are connected to cyberspace. Since you are part of the bigger, interconnected network, you are a potential target of a cyberattack.

 
Read More >>
    

Using Technology for Right or Wrong

Vasant Raval, DBA, CISA, ACMA
Posted: 4/11/2016 3:08:00 PM | Category: | Permalink | Email this post

Technology, including its byproducts, is most likely value-neutral. By itself, it seems unable to commit any wrongdoing. And yet, we find so many scenarios in which technology provides a breeding ground for nurturing a wrongful act, as if luring people  to take advantage of it. Features offering anonymity, as in the case of e-currency, offer confidentiality assurance. But they could also mask illegitimate or illegal transactions. Bitcoin can neither prevent, nor should it promote, illegal use of its currency system. But then, once the system is open for everyone’s use, who would guard against morally or legally improper use of the system? Apparently, technology appears to be a weak partner in the process of prevention or detection of moral compromises, but this may change in the future.

 
Read More >>
    
<< First   < Previous     Page: 1 of 61     Next >   Last >>