John R. Vaccal | Reviewed by Horst Karin, Ph.D., CISA, CISSP, ITIL
This handbook is a great addition to the information security professional's technical reference library.

Edited by C. Warren Axelrod, Jennifer Bayuk and Daniel Schutzer | Reviewed by Sarathy BSP Emani, CISA, CISM
This book serves as a reference for information security and privacy professionals.

Based on Volume 2, 2010

Christopher Reed, Yaping Wang, CISA, PMP, and Angsuman Dutta
The proposed approach outlines a framework for ensuring the integrity of data warehouse information by using end-to-end information controls.

Chong Ee, CISA, CGEIT
The framework can be a useful tool in identifying opportunities for fraud, incentives for fraud and rationalization of fraud.

Michael Hoesing, CISA, ACDA, CDP, CIA, CISSP, CMA, CPA
This article wishes to expand on the prior articles by providing specific implementations of data analytics to the IS audit scope of the audit universe, moving beyond financial audit techniques.

Christopher P. Buse, CISA, CISSP, CPA, Larry Marks, CISA, CGEIT, CFE, CISSP, PMP, and Steve Sizemore, CISA, CGAP, CIA
This article will briefly describe the HITECH Act and its impact on IT professionals.

Fariborz Farahmand, Ph.D.
This article presents an introduction to the cloud and some of its advantages and disadvantages.

Thomas J. Bell III, Ph.D., CISA
This article will explore how a SAS 70 audit is improved by understanding and applying PM tools and techniques. The basic tenets of PM principles will be examined and synthesized with the SAS 70 auditing process.

William R. Stanek
Stanek is a leading technology expert, an award-winning author and an instructional trainer.

Gan Subramaniam, CISA, CISM, CCNA, CCSA, CIA, CISSP, SSCP, ISO 27001 LA
Please list the ‘things we hate’ about IT security or information security from your point of view. You may also wish to add what IT security must do in terms of making amends.

Steven J. Ross, CISA, CISSP, MBCP
I believe that there are differences of custom, law, communications, politics and history that make the realization of a Platonic ideal of information security unachievable.

Tommie W. Singleton, Ph.D., CISA, CITP, CMA, CPA
This article attempts to identify some of the most important facts about fraud that are particularly applicable to the IT audit function.

Haris Hamidovic, CIA
This article focuses and comments on the ISO privacy standard and PIA in general.

Ladislav Beranek, Ph.D., CISA
The purpose of this article is to highlight the nature of the various risks inherent in electronic auctions and to outline some controls to prevent and/or mitigate these risks.

Erwin van der Zwan, CISA, CISM, CISSP
The purpose of this article is to summarize the major cybersecurity issues of ICS to help improve awareness among owners, (security) professionals, auditors and policy makers and to help organizations recognize threats and vulnerabilities.

Haiyan Chen, CISA, CIA
Properly assessing SoD has increasingly become a challenge in today’s businesses, due to increasing reliance on complicated information systems and deficient knowledge of the new forms of risks posed by computerized business processes.

ISACA Member and Certification Holder Compliance
Get an up-to-date listing of the current IT Audit and Assurance Standards, Guidelines, and Tools and Techniques.