ISACA Now Blog


 ‭(Hidden)‬ Admin Links

Knowledge Center > ISACA Now

Guiding Auditors in an SAP Environment

Ben Fitts Posted: 7/30/2015 3:00:00 PM | Category: Audit-Assurance | Permalink | Email this post

Enterprise resource planning (ERP) systems automate and integrate the majority of a company’s business processes, producing consistency. They do this by sharing common data and practices across an organization, leveraging one-time data entry, and providing access to information in real time. To help in this working environment, ISACA recently released a go-to reference book for auditors that they can dog-ear with sticky note flags sticking out of the top and return to year after year.

Since the 1990s, businesses have been managing their operations with ERPs, which have enabled centralized control over operations by implementing a common data model and integrated business processes. SAP has been a leader in ERP systems from the beginning and uses a process-driven approach to match business processes with application processes.


Security Talent Management: Leveraging the “Cool”

Ed Moyle Posted: 7/29/2015 3:17:00 PM | Category: Security | Permalink | Email this post

When governments routinely address cybersecurity as part of their policy, you know that the topic is of national interest. When vulnerabilities are found in—and researchers demonstrate attacks against—computer systems in medical devices, automobiles and airplanes, you know that the significance extends even farther.

While that kind of recognition is important for the profession as a whole and is certainly impactful, there’s another area in which cybersecurity is gaining interest that is arguably more impactful to most practitioners on a day-to-day basis: increase in cultural interest.


It’s Not About Fun Anymore; It’s About Your Financial Assets

Steve Hernandez Posted: 7/28/2015 3:31:00 PM | Category: Security | Permalink | Email this post

In my line of work, people often ask why anyone would want their information. The threat environment has shifted from, “Look what I can do! Isn’t this fun?” hacks, to deliberate, concerted, concentrated efforts on a particular target to get financial information. It is a phenomenal shift and it requires a different way of thinking. However, some managers still operate with an old mindset and are unprepared for the new threat. In the federal space, senior officials with clearance can be educated on the current threat. In private industry, corporate officers are limited in their ability to receive threat briefings.


To save your security, learn to move at the speed of the wild

Brian Barnier Posted: 7/23/2015 3:03:00 PM | Category: Security | Permalink | Email this post

Monkeys move with curiosity, agility and speed. When competing for a prize, they focus on their prize and use their knowledge to race to where the prize will be, not where it was. They quickly adjust their speed to match the speed of the situation. Creatures of the wild take advantage of their capabilities in their environment.

We can all stand to learn from these animals because a contributing factor to security failure root cause is frequently the organization’s inability to move at the speed of the wild.

After presenting at ISACA and IIA programs earlier this year, I heard a common statement from auditors: “it is all moving too fast.”


Businesses Need to Implement Strict Security Measures alongside Wearables

Larry Alton Posted: 7/21/2015 3:05:00 PM | Category: Security | Permalink | Email this post

The Apple Watch release in April was refreshing. As Google Glass and other “revolutionary” pieces of personal technology continue to come up short and experience developmental delays, it was nice to see Apple launch the first mass-market smart watch. However, along with innovative technology comes potential concerns. How will wearables in the workplace affect security?

Risks of Wearables in the Workplace
The biggest potential issue associated with wearables is that they are personal. They can go anywhere, with anyone, and contain large amounts of personal data. Many wearables continuously run and never stop gathering data and information—which makes them extremely valuable to the user, but also enticing to hackers and cybercriminals.

<< First   < Previous     Page: 1 of 101     Next >   Last >>

 About This Blog


This blog is intended to offer a way for ISACA leaders, constituents and staff to exchange information of interest pertinent to the association, the business environment and/or the profession.

The comments on this site are the author’s own and do not necessarily represent ISACA’s opinions or plans. ISACA does not endorse, monitor or control any links to external sites offered in this blog, and makes no warranty or statement regarding the content on those external sites.

Anyone posting comments on this site should ensure that the content remains on-topic and steers well clear of any statements that could be considered insensitive, offensive or threatening. Given ISACA’s global nature, the need to communicate in a way that is accessible and acceptable to many cultures should be taken into account. ISACA retains the right, at its sole discretion, to refuse content that is considered inappropriate.


To volunteer to write a blog or suggest a topic send an email here.