Volume 1, 2012

The ISACA Journal is dedicated to the publication of managerial and technical guidance from experienced global authors to enhance the proficiency and competitive advantage of its international readership. With volume 1, 2012, the Journal focuses on the theme Critical Resource Management, with articles on implement business continuity projects, database backup and recovery, and information risk management, among others.

Journal
- Current Issue
- JOnline
- Past Issues
  - 2013
  - 2012
    - Volume 6
    - Volume 5
    - Volume 4
    - Volume 3
    - Volume 2
    - Volume 1
  - 2011
  - 2010
  - 2009
  - 2008
  - 2007
  - 2006
  - 2005
  - 2004
  - 2003
  - 2002
  - 2001
  - 2000
- Journal Author Blog
- Submit an Article
- Advertise
- CPE Quizzes
- Current Digital Journal
- Journal Mobile Apps

Cloud Computing

Securing Cloud-based Applications

Michael Mendelsohn, CISSP, Antoine Philipovitch, William Welch, CISM, and Robert Zanella, CISA
One of today’s big security marketing pushes is enterprise single sign-on (ESSO).

CPE Quiz

Quiz 140

Based on Volume 5, 2011

Features

Database Backup and Recovery Best Practices

Ali Navid Akhtar, OCP, Jeff Buchholtz, Michael Ryan, CIA, CPA, and Kumar Setty, CISA
This article covers the topics related to data loss and the types of database backup and recovery available.

Effective IT Governance Through the Three Lines of Defense, Risk IT and COBIT

Ronke Oyemade, CISA, CRISC, PMP
This article defines IT governance, addresses its importance, and describes how to apply the three lines of defense by implementing a combination of the Risk IT and COBIT frameworks.

Incorporating COBIT Best Practices in PCI DSS V2.0 for Effective Compliance

Mathew Nicho, Ph.D., CEH, SAP-SA, RWSP
With more and more transactions based on credit cards, merchants dealing with these are forced to comply with standards such as PCI DSS v2.0 or face huge penalties.

Information Risk Management for Supporting a Basel II Initiative

Angsuman Dutta and Prasad Sista
To reduce information risk exposure through appropriate risk mitigation processes, financial organizations need to put a stronger focus on information quality management.

Key Issues, Challenges and Resolutions in Implementing Business Continuity Projects

Rama Lingeswara Satyanarayana Tammineedi, CISA, BCCE, CBCP, CISSP, PMP
Business continuity management (BCM) is a holistic process to ensure uninterrupted availability of all key business resources required to support critical business activities, whether manual or IT-enabled, in the event of business disruption.

The Devil’s in the Details

Seth Davis, CFA, CIA, CPCU, Pat Ferrell, ARe, AIC, CPCU, Sean Scranton, CISA, CISM, CCNA, CISSP, and Peter Millar
Fraud impacted 87 percent of organizations in 2010, according to the Kroll Global Fraud Report.

HelpSource Q&A

Gan Subramaniam, CISA, CISM, CCNA, CCSA, CIA, CISSP, ISO 27001 LA, SSCP
What kind of risks should organizations be cognizant about particularly when they outsource their internal processes and data processing to third parties?

Information Security Matters

A Room With Machines

Steven J. Ross, CISA, CISSP, MBCP
If there is to be any advanced technology, the data center and the machines in it need to be operated and maintained in a manner consistent with prudent business practices.

IT Audit Basics

Evaluating Access Controls Over Data

Tommie W. Singleton, Ph.D., CISA, CGEIT, CITP, CPA
This article offers some basic guidance to IT auditors in evaluating the access controls over relevant data files.

Online Exclusive

JOnline: Book Review—Cyber Attacks: Protecting National Infrastructure

Edward Amoroso | Reviewed by Jeimy J. Cano M., Ph.d., CFC, CFE, CMAS
This book is particularly interesting to and useful for information security and IT governance professionals because of its strategic and tactical guidance that can help refine decisions on the protection of critical infrastructure.

JOnline: Book Review—Information Security and Privacy

Thomas J. Shaw Esq. | Reviewed by Horst Karin, Ph.d., CISA, CRISC, CISSP
It is critical for businesses to understand legal implications and compliance and to have appropriate safeguards and risk management efforts in place to protect the information and private data of customers and the organization.

JOnline: Log Management: A Pragmatic Approach to PCI DSS

Prakhar Srivastava and Tarun Verma
Log management can play a pivotal role in addressing PCI DSS requirements, be a success factor and enabler for safeguarding cardholder transaction data, and provide a secure and vulnerability-free environment for cardholders.

Standards, Guidelines, Tools and Techniques

ISACA Member and Certification Holder Compliance
An up-to-date listing of the current IT Audit and Assurance Standards, Guidelines, and Tools and Techniques

Translated Articles

Governança eficaz de TI por meio do modelo das Três Linhas de Defesa, com o Risk IT e COBIT

Ronke Oyemade, CISA, CRISC, PMP
Este artigo define governança de TI, trata de sua importância e descreve como aplicar as três linhas de defesa implementando uma combinação dos modelos Risk IT e COBIT para produzir uma estrutura mais eficiente de governança de TI, de modo a fortalecê-la.

Questões, desafios e soluções fundamentais na implementação de projetos de continuidade de negócios

Rama Lingeswara Satyanarayana Tammineedi, CISA, BCCE, CBCP, CISSP, PMP
O BCM é um processo do negócio, conduzido para o negócio, e uma boa prática de governança corporativa.


What is CISA	What is CISM	What is CGEIT	What is CRISC
Benefits of CISA	Benefits of CISM	Benefits of CGEIT	Benefits of CRISC
How to Become Certified	How to Become Certified	How to Become Certified	How to Become Certified
Register for the Exam	Register for the Exam	Register for the Exam	Register for the Exam
Prepare for the Exam	Prepare for the Exam	Prepare for the Exam	Prepare for the Exam
Taking the Exam	Taking the Exam	Taking the Exam	Taking the Exam
Apply for Certification	Apply for Certification	Apply for Certification	Apply for Certification
Maintain Your CISA	Maintain Your CISM	Maintain Your CGEIT	Maintain Your CRISC

World Congress: INSIGHTS	Training Week	Webinars
North America CACS	eLearning Campus	Virtual Conferences
EuroCACS / ISRM	On-Site Training
Governance, Risk and Control	Exam Review Courses	COBIT EDUCATION
North America ISRM
Latin America CACS / ISRM
Oceania CACS
Asia-Pacific CACS / ISRM


COBIT 5 Home
Product Family
Training & Accreditation
Licensing
Join the Conversation
News
Recognition
FAQs

ISACA: Serving IT Governance Professionals

Volume 1, 2012

Read the Digital Journal