http://www.isaca.org/_layouts/feed.aspx?xsl=1&web=/Journal/JOnline&page=1f9083b8-c09b-4ec0-b6b8-2aa6afcea298&wp=2af0a82c-ffec-411c-bd62-e82338f94d5bJOnline Rss Feed60http://www.isaca.org/Journal/Past-Issues/2013/Volume-3/Pages/JOnline-Phishing-Should-Not-be-Treated-the-Same-as-Common-Spam.aspxIn the US alone, phishing attacks on customers have been reported to result in direct financial losses of several billion US dollars per year.Wed, 29 May 2013 19:22:09 GMThttp://www.isaca.org/Journal/Past-Issues/2013/Volume-3/Pages/JOnline-An-Introduction-to-Auditing-HP-NonStop-Servers-Review-of-User-Access.aspxThis article presents an overview of the key principles used to audit an HP NonStop system.Wed, 29 May 2013 19:21:43 GMThttp://www.isaca.org/Journal/Past-Issues/2013/Volume-3/Pages/JOnline-Dealing-With-Computer-Fraud.aspxAs all organisations have become increasingly automated, their IT has become critical. Wed, 29 May 2013 19:21:53 GMThttp://www.isaca.org/Journal/Past-Issues/2013/Volume-2/Pages/JOnline-The-Information-Systems-Auditor-Unmasked.aspxThis article guides the IT professional through the mind and methodology of the IS auditor with a specific focus on procedures performed by external auditors.Thu, 28 Mar 2013 21:37:03 GMThttp://www.isaca.org/Journal/Past-Issues/2013/Volume-2/Pages/JOnline-The-Extent-of-Corporate-Social-Responsibility.aspxWhy are organizations instituting corporate social responsibility (CSR) programs?Thu, 28 Mar 2013 21:36:31 GMThttp://www.isaca.org/Journal/Past-Issues/2013/Volume-2/Pages/JOnline-Improving-Governance-Models.aspxThis article discusses the benefits of using the framework of the five IT governance focus areas.Thu, 28 Mar 2013 21:36:44 GMThttp://www.isaca.org/Journal/Past-Issues/2013/Volume-1/Pages/Convenient-Quality-Control-for-IT-Governance-aware-Enterprises.aspxSince IT processes are at the heart of the business life, creating more effective and efficient processes results in achievement of business objectives.Thu, 31 Jan 2013 19:56:57 GMThttp://www.isaca.org/Journal/Past-Issues/2013/Volume-1/Pages/Using-Personal-Mobile-Devices-in-a-Business-Setting.aspxRisk exists with the implementation of personal mobile devices in business, but with risk comes reward.Thu, 31 Jan 2013 19:57:12 GMThttp://www.isaca.org/Journal/Past-Issues/2013/Volume-1/Pages/BYOD-in-the-Enterprise-A-Holistic-Approach.aspxThis article provides insights on BYOD, its implication to IT and how organizations need to approach and adopt it. Thu, 31 Jan 2013 19:56:43 GMThttp://www.isaca.org/Journal/Past-Issues/2012/Volume-6/Pages/JOnline-Security-Metrics-A-Beginners-Guide.aspxSecurity metrics are important not only for claiming the optimum share of IT budget, but also for creating security awareness across the company and improving the overall security posture of the organization.Thu, 29 Nov 2012 20:35:36 GMThttp://www.isaca.org/Journal/Past-Issues/2012/Volume-6/Pages/JOnline-A-Strategic-Framework-for-IT-Disaster-Recovery-Assessments.aspxThis article presents a practice-tested framework that structures and prioritizes the assessment of DR programs, testing the most business-critical aspects first.Thu, 29 Nov 2012 20:35:26 GMThttp://www.isaca.org/Journal/Past-Issues/2012/Volume-6/Pages/JOnline-Is-the-Business-Network-Connected-to-SCADA.aspxThe integration or connection of SCADA networks to business networks is more necessary than ever before.Thu, 29 Nov 2012 20:35:32 GMThttp://www.isaca.org/Journal/Past-Issues/2012/Volume-5/Pages/JOnline-An-Introduction-to-Crisis-Management.aspxRisk that is not identified, or at least not identified with the scale and intensity it presents, can produce a crisis.Thu, 27 Sep 2012 19:36:17 GMThttp://www.isaca.org/Journal/Past-Issues/2012/Volume-5/Pages/JOnline-Identity-Mining-and-Insider-Threat-Monitoring.aspxThis article reviews the definition of an insider threat and its impact, and provides an overview of the techniques to control and remediate these threats. Mon, 15 Oct 2012 19:30:38 GMThttp://www.isaca.org/Journal/Past-Issues/2012/Volume-5/Pages/JOnline-Social-Networks-and-Privacy-Threats-and-Protection-French.aspxCet article a un double objectif: partir des motivations des Internautes à fréquenter les réseaux sociaux en vue d’identifier le risque de violation de leur vie privée, et d’analyser et évaluer l’efficacité des moyens de contrôle de lutte mis en œuvre.Thu, 27 Sep 2012 19:37:08 GMThttp://www.isaca.org/Journal/Past-Issues/2012/Volume-4/Pages/JOnline-To-Click-or-Not-to-Click-That-Is-the-Question.aspxInformation security awareness training courses are delivered every day in many companies, yet the results are often not as good as expected. Wed, 01 Aug 2012 14:19:34 GMThttp://www.isaca.org/Journal/Past-Issues/2012/Volume-4/Pages/JOnline-El-Negocio-de-la-Seguridad-de-la-Informacion-Revelando-la-Potencialidad-de-un-Concepto.aspxTener claridad sobre el modelo de negocio que se desarrolla en una organización es encontrar la fuente de la sabiduría empresarial.Wed, 01 Aug 2012 14:16:01 GMThttp://www.isaca.org/Journal/Past-Issues/2012/Volume-4/Pages/JOnline-10-Key-Rules-for-Using-the-ITIL-Framework-Effectively.aspxThis article shares some of the practical challenges in IT service management (ITSM) and how the ITIL framework can be used to overcome those challenges.Wed, 01 Aug 2012 14:17:48 GMThttp://www.isaca.org/Journal/Past-Issues/2012/Volume-3/Pages/JOnline-Transitioning-From-SAS-70-to-SSAE-16.aspxThis article highlights the need for SSAE 16, the notable differences and similarities between SSAE 16 and SAS 70, and estimates the effort required to transition to the new standardFri, 08 Jun 2012 15:08:31 GMThttp://www.isaca.org/Journal/Past-Issues/2012/Volume-3/Pages/JOnline-Book-Review-The-Operational-Risk-Handbook-for-Financial-Companies.aspxIn the last years, it has become more and more evident that there is a growing gap between taking financial risk and the liability for taking risk.Fri, 08 Jun 2012 15:07:44 GMThttp://www.isaca.org/Journal/Past-Issues/2012/Volume-3/Pages/JOnline-Book-Review-Security-Audit-and-Control-Features-Oracle-PeopleSoft-3rd-Edition.aspxOracle PeopleSoft HCM is one of the most commonly used human capital management (HCM) system found in medium to large companies in the US.Fri, 08 Jun 2012 15:18:49 GMThttp://www.isaca.org/Journal/Past-Issues/2012/Volume-2/Pages/JOnline-Master-Data-Management-and-Data-Governance.aspxThis book is a reference guide that looks at the topics of MDM and data governance from multiple perspectives.Mon, 02 Apr 2012 13:22:41 GMThttp://www.isaca.org/Journal/Past-Issues/2012/Volume-2/Pages/JOnline-Testing-Your-Computer-Security-Incident-Response-Plan.aspxThis article discusses the genesis for CSIR testing, several testing methodologies and/or exercises with which an organization can assess the maturity of its CSIR plan/program.Wed, 11 Apr 2012 18:54:23 GMThttp://www.isaca.org/Journal/Past-Issues/2012/Volume-2/Pages/JOnline-Customer-Relationship-Information-Technology-Internal-Control-and-Security-Framework.aspxThis article first describes the benefits of CRM systems and identifies risk areas inherent in CRM systems that threaten the benefits an organization can receive from a CRM system.Mon, 02 Apr 2012 13:23:00 GMThttp://www.isaca.org/Journal/Past-Issues/2012/Volume-1/Pages/JOnline-Book-Review-Information-Security-and-Privacy.aspxIt is critical for businesses to understand legal implications and compliance and to have appropriate safeguards and risk management efforts in place to protect the information and private data of customers and the organization.Mon, 30 Jan 2012 19:07:20 GMThttp://www.isaca.org/Journal/Past-Issues/2012/Volume-1/Pages/JOnline-Book-Review-Cyber-Attacks-Protecting-National-Infrastructure.aspxThis book is particularly interesting to and useful for information security and IT governance professionals because of its strategic and tactical guidance that can help refine decisions on the protection of critical infrastructure.Mon, 30 Jan 2012 19:08:28 GMThttp://www.isaca.org/Journal/Past-Issues/2012/Volume-1/Pages/JOnline-Log-Management-A-Pragmatic-Approach-to-PCI-DSS.aspxLog management can play a pivotal role in addressing PCI DSS requirements, be a success factor and enabler for safeguarding cardholder transaction data, and provide a secure and vulnerability-free environment for cardholders.Wed, 01 Feb 2012 14:57:10 GMThttp://www.isaca.org/Journal/Past-Issues/2011/Volume-6/Pages/JOnline-Identity-and-Access-Management-Its-Role-in-Sarbanes-Oxley-Compliance.aspxAs today’s business climate demands greater efficiency, security and regulatory compliance, the need for an effective IAM process has never been more pressing.Thu, 01 Dec 2011 15:55:51 GMThttp://www.isaca.org/Journal/Past-Issues/2011/Volume-6/Pages/JOnline-Clearing-the-Cloud-Over-PCI-DSS-v2-0.aspxThis article is intended to showcase the changes made to PCI DSS v2.0 over v1.2 to further assist with detailed understanding of the control requirements to facilitate the PCI compliance process.Thu, 01 Dec 2011 15:57:29 GMThttp://www.isaca.org/Journal/Past-Issues/2011/Volume-6/Pages/JOnline-An-Introduction-to-Information-Security-Incident-Management-Based-on-ISO-IEC-TR-18044-2004.aspxThe main objective of this article is to provide an overview of information security incident management based on ISO/IEC TR 18044:2004.Thu, 01 Dec 2011 15:59:15 GMThttp://www.isaca.org/Journal/Past-Issues/2011/Volume-5/Pages/JOnline-An-Introduction-to-Information-Security-Management-in-Health-Care-Organizations.aspxThe main objective of this article is to provide an introduction to the key elements of information security management in health care using ISO 27799:2008.Mon, 14 Nov 2011 21:30:55 GMThttp://www.isaca.org/Journal/Past-Issues/2011/Volume-5/Pages/JOnline-La-Gerencia-de-la-Seguridad-de-la-Informacion-Evolucion-y-Retos-Emergentes.aspxAsegurar una efectiva estrategia de seguridad de la información, no es sólo cuestión de instalar y mantener artefactos tecnológicos especializados.Mon, 03 Oct 2011 14:45:45 GMThttp://www.isaca.org/Journal/Past-Issues/2011/Volume-5/Pages/JOnline-Certification-The-Answer-to-Cybersecurity-Woes.aspxOrganizations need fully articulated security policies and procedures based on industry best practices to solidify their information system defenses and meet legal, contractual and regulatory requirements.Mon, 03 Oct 2011 14:45:23 GMThttp://www.isaca.org/Journal/Past-Issues/2011/Volume-4/Pages/JOnline-The-Influence-of-Irrelevant-Information-on-IS-Auditor-Key-Risk-Factor-Predictions.aspxThe results of this study reveal that IS auditors’ KRF assessments are significantly lower when irrelevant information is present vs. when irrelevant information is not present.Fri, 29 Jul 2011 17:34:07 GMThttp://www.isaca.org/Journal/Past-Issues/2011/Volume-4/Pages/JOnline-Impact-of-Security-Awareness-Training-Components-on-Perceived-Security-Effectiveness.aspxSecurity awareness training is a vital nontechnical component to information security. Fri, 29 Jul 2011 17:33:15 GMThttp://www.isaca.org/Journal/Past-Issues/2011/Volume-4/Pages/JOnline-BMIS-An-Introduction-to-the-System-Environment.aspxBMIS takes a business-oriented approach to managing information security.Fri, 29 Jul 2011 17:32:09 GMThttp://www.isaca.org/Journal/Past-Issues/2011/Volume-3/Pages/Fraud-Auditing-and-Forensic-Accounting-4th-Edition.aspxThe mission of this book is to provide a comprehensive textbook filled with knowledge, experience and methodologies for the financial auditor, fraud auditor and forensic accountant.Tue, 07 Feb 2012 16:49:11 GMThttp://www.isaca.org/Journal/Past-Issues/2011/Volume-3/Pages/An-Introduction-to-Incident-Preparedness-and-Operational-Continuity-Management-Based-on-ISO-PAS-22399-2007.aspxThe main objective of this article is to provide an introduction to the key elements of IPOCM, based on ISO/PAS 22399:2007.Tue, 07 Feb 2012 16:48:28 GMThttp://www.isaca.org/Journal/Past-Issues/2011/Volume-3/Pages/Top-IT-Governance-Issues-of-2011.aspxThis article seeks to identify a tentative list of the most prominent issues that are impacting stakeholders in the governance space in 2011.Tue, 07 Feb 2012 16:49:51 GMThttp://www.isaca.org/Journal/Past-Issues/2011/Volume-2/Pages/El-Debido-Cuidado-en-Seguridad-de-la-Informacion.aspxLas consecuencias de las fallas frente a la protección de la información en las organizaciones frecuentemente terminan en pérdidas de disponibilidad y en efectos, algunas veces catastróficos.Fri, 10 Feb 2012 18:38:41 GMThttp://www.isaca.org/Journal/Past-Issues/2011/Volume-2/Pages/The-Prevalence-of-Information-Security-Controls-Perspectives-From-IT-Auditors.aspxAmong the various organizational, technological and operational controls outlined in ISO 27002, what security controls are the most commonly implemented?Tue, 07 Feb 2012 17:17:58 GMThttp://www.isaca.org/Journal/Past-Issues/2011/Volume-2/Pages/Mapping-PCI-DSS-v20-With-COBIT41.aspxThis article contains the results of a mapping of Payment Card Industry Data Security Standard (PCI DSS) v2.0 controls with COBIT 4.1.Tue, 07 Feb 2012 17:17:23 GMThttp://www.isaca.org/Journal/Past-Issues/2011/Volume-1/Pages/The-Relevance-of-IT-in-Criminal-Investigations.aspxThe main objective of this article is to point out some of the specifics and problems of expert testimony in the field of IT.Tue, 07 Feb 2012 17:36:03 GMThttp://www.isaca.org/Journal/Past-Issues/2011/Volume-1/Pages/Risk-Management-When-Implementing-ERP-Systems.aspxThis article focuses on the types of risk advisory services that are common during an ERP implementation.Tue, 07 Feb 2012 17:35:24 GMThttp://www.isaca.org/Journal/Past-Issues/2011/Volume-1/Pages/Auditing-Biometrics-based-Authentication-Systems.aspxThis article aims to describe nuances of biometric authentication methods that will help the audit community.Tue, 07 Feb 2012 17:34:48 GMThttp://www.isaca.org/Journal/Past-Issues/2010/Volume-6/Pages/Computer-Security-Privacy-and-Politics.aspxThis book connects privacy and politics, offering a point-in-time review of recent developments in computer security.Tue, 19 Mar 2013 19:15:34 GMThttp://www.isaca.org/Journal/Past-Issues/2010/Volume-6/Pages/Information-Security-Automation-The-Second-Wave.aspxThis article presents a simplified approach to IT security management that allows IT auditors and information security professionals to discharge their responsibilities more efficiently.Tue, 07 Feb 2012 17:50:50 GMThttp://www.isaca.org/Journal/Past-Issues/2010/Volume-6/Pages/Emergency-Access-Controls-in-SAP-Environments.aspxThis article provides an overview of the tools and solutions to consider when establishing acceptable IT practices to address the challenge that emergency access to SAP environments poses.Tue, 07 Feb 2012 17:49:31 GMThttp://www.isaca.org/Journal/Past-Issues/2010/Volume-5/Pages/Privacy-and-Security-Considerations-for-EHR-Incentives-and-Meaningful-Use.aspxThis article focuses on the privacy and security aspects of the HITECH Act portion of the US American Recovery and Reinvestment Act, EHR certification criteria, and standards included in meaningful use.Tue, 07 Feb 2012 18:09:02 GMThttp://www.isaca.org/Journal/Past-Issues/2010/Volume-5/Pages/Evolution-of-Federal-Cybersecurity-From-Individual-Controls-to-Systems-of-Control.aspxThis article discusses what is needed to address the recent NIST SP 800-53 requirement changes and to build greater value delivery and extract more cost-effective management controls.Tue, 07 Feb 2012 18:06:53 GMThttp://www.isaca.org/Journal/Past-Issues/2010/Volume-5/Pages/Health-Care-Reform-Legislation-Survival-Guide-Part2.aspxThis article discusses the US Department of Health and Human Services Health Breach Notification Rule: Final Rule.Tue, 07 Feb 2012 18:08:15 GMThttp://www.isaca.org/Journal/Past-Issues/2010/Volume-5/Pages/Fundamentals-of-IT-Governance-Based-on-ISOIEC-38500.aspxThis article provides an introduction to the key elements of IT governance, to key industry frameworks used by organizations, and to guiding principles for directors of organizations on the use of IT based on ISO/IEC 38500:2008.Tue, 07 Feb 2012 18:07:35 GMThttp://www.isaca.org/Journal/Past-Issues/2010/Volume-4/Pages/JOnline-Auditing-Electronic-Auction-Systems.aspxThe purpose of this article is to highlight the nature of the various risks inherent in electronic auctions and to outline some controls to prevent and/or mitigate these risks.Tue, 07 Feb 2012 18:20:06 GMThttp://www.isaca.org/Journal/Past-Issues/2010/Volume-4/Pages/JOnline-Using-Microsoft-Office-in-Analyzing-SAP-SoD-and-Beyond.aspxProperly assessing SoD has increasingly become a challenge in today’s businesses, due to increasing reliance on complicated information systems and deficient knowledge of the new forms of risks posed by computerized business processes.Tue, 07 Feb 2012 18:21:37 GMThttp://www.isaca.org/Journal/Past-Issues/2010/Volume-4/Pages/JOnline-Security-of-Industrial-Control-Systems.aspxThe purpose of this article is to summarize the major cybersecurity issues of ICS to help improve awareness among owners, (security) professionals, auditors and policy makers and to help organizations recognize threats and vulnerabilities.Tue, 07 Feb 2012 18:20:52 GMThttp://www.isaca.org/Journal/Past-Issues/2010/Volume-4/Pages/JOnline-An-Introduction-to-the-Privacy-Impact-Assessment-Based-on-ISO22307.aspxThis article focuses and comments on the ISO privacy standard and PIA in general.Tue, 07 Feb 2012 18:19:20 GMThttp://www.isaca.org/Journal/Past-Issues/2010/Volume-3/Pages/JOnline-Making-Sure-You-Really-Are-Walking-on-Cloud-Nine.aspxThis article explores common-sense strategies to ensure an organization’s cloud computing endeavors are successful and unproblematic.Tue, 07 Feb 2012 18:38:34 GMThttp://www.isaca.org/Journal/Past-Issues/2010/Volume-3/Pages/JOnline-IT-Outsourcing-Part1-Contracting-the-Partner.aspxThis book is a how-to guide and practical key reference of best practices for the creation of a request for proposal (RFP) for the outsourcing of IT services as a strategic business alternative. Tue, 19 Mar 2013 20:20:43 GMThttp://www.isaca.org/Journal/Past-Issues/2010/Volume-3/Pages/JOnline-Tackling-Cybercrime-Divide-and-Conquere.aspxThis article will analyze the malware situation and outline an economic model. Based on this model, the consequences of software diversification are described, with some recommendations to implement this security measure.Tue, 07 Feb 2012 18:39:12 GMThttp://www.isaca.org/Journal/Past-Issues/2010/Volume-2/Pages/JOnline-Realizing-Benefits-of-IT-Investments.aspxTue, 07 Feb 2012 18:57:21 GMThttp://www.isaca.org/Journal/Past-Issues/2010/Volume-2/Pages/JOnline-The-Failure-of-Risk-Management.aspxTue, 07 Feb 2012 18:58:40 GMThttp://www.isaca.org/Journal/Past-Issues/2010/Volume-2/Pages/JOnline-Application-Security-Using-the-Role-based-Access-Control-Model.aspxTue, 07 Feb 2012 18:56:39 GMThttp://www.isaca.org/Journal/Past-Issues/2010/Volume-2/Pages/JOnline-Realizing-Trustworthy-Business-Services-Through-a-New-GRC-Approach.aspxTue, 07 Feb 2012 18:58:00 GMThttp://www.isaca.org/Journal/Past-Issues/2010/Volume-1/Pages/Gobierno-de-las-TIC-ISO-IEC-385001.aspxTue, 07 Feb 2012 19:13:09 GMThttp://www.isaca.org/Journal/Past-Issues/2010/Volume-1/Pages/Service-Integration-in-a-Multivendor-Outsourced-IT-Environment1.aspxTue, 07 Feb 2012 19:14:24 GMThttp://www.isaca.org/Journal/Past-Issues/2010/Volume-1/Pages/Soft-IT-Governance.aspxTue, 07 Feb 2012 19:15:03 GMThttp://www.isaca.org/Journal/Past-Issues/2010/Volume-1/Pages/Information-Technology-Compliance-Past-Present-and-Future1.aspxTue, 07 Feb 2012 19:13:46 GMThttp://www.isaca.org/Journal/Past-Issues/2010/Volume-1/Pages/JOnline-Using-COBIT-4-1-to-Achieve-Business-IT-Alignment-A-Practical-Approach1.aspxTue, 07 Feb 2012 19:15:41 GMThttp://www.isaca.org/Journal/Past-Issues/2010/Volume-1/Pages/Continuous-Auditing-Reexamined1.aspxTue, 07 Feb 2012 19:12:36 GMThttp://www.isaca.org/Journal/Past-Issues/2009/Volume-6/Pages/JOnline-Installing-and-Using-Snort-to-Monitor-and-Control-A-Network.aspxSun, 08 May 2011 22:20:37 GMThttp://www.isaca.org/Journal/Past-Issues/2009/Volume-6/Pages/JOnline-Is-This-the-Year-to-Automate-Sarbanes-Oxley.aspxSun, 08 May 2011 22:22:49 GMThttp://www.isaca.org/Journal/Past-Issues/2009/Volume-6/Pages/JOnline-Book-Review-Healthcare-Fraud-Auditing-and-Detection-Guide.aspxSun, 08 May 2011 22:17:15 GMThttp://www.isaca.org/Journal/Past-Issues/2009/Volume-6/Pages/JOnline-Seguridad-Logica-y-Seguridad-Fisica-Dos-Mundos-Convergentes.aspxSun, 08 May 2011 22:29:45 GMThttp://www.isaca.org/Journal/Past-Issues/2009/Volume-6/Pages/Application-Security-Controls-An-Audit-Perspective-JOnline-1.aspxSun, 08 May 2011 22:14:55 GMThttp://www.isaca.org/Journal/Past-Issues/2009/Volume-6/Pages/JOnline-Managing-Sarbanes-Oxley-Section-404-Compliance-in-ERP-Systems-Using-Information-Security-Control-Rep1.aspxSun, 08 May 2011 22:27:48 GMThttp://www.isaca.org/Journal/Past-Issues/2009/Volume-5/Pages/JOnline-Book-Review-Beyond-Compliance-10-Practical-Actions-on-Regulation-Risk-and-IT-Management.aspxWed, 02 May 2012 20:39:23 GMThttp://www.isaca.org/Journal/Past-Issues/2009/Volume-5/Pages/JOnline-Compliance-Management-andnbsp-andnbsp-A-Holistic-Approach.aspxWed, 02 May 2012 20:40:06 GMThttp://www.isaca.org/Journal/Past-Issues/2009/Volume-5/Pages/JOnline-Governance-Best-Practices-for-Fun-and-Profit.aspxWed, 02 May 2012 20:40:46 GMThttp://www.isaca.org/Journal/Past-Issues/2009/Volume-5/Pages/JOnline-Using-Information-Technologies-to-Restore-Investor-Trust.aspxWed, 02 May 2012 20:42:10 GMThttp://www.isaca.org/Journal/Past-Issues/2009/Volume-5/Pages/JOnline-Information-Security-Program-Establishing-It-the-Right-Way-for-Continued-Success.aspxWed, 02 May 2012 20:41:33 GMThttp://www.isaca.org/Journal/Past-Issues/2009/Volume-4/Pages/JOnline-Fraud-or-Error.aspxMon, 09 May 2011 20:42:44 GMThttp://www.isaca.org/Journal/Past-Issues/2009/Volume-4/Pages/JOnline-Mitigating-IT-Vulnerabilities-Provides-Continual-Fraud-Prevention.aspxMon, 09 May 2011 20:44:52 GMThttp://www.isaca.org/Journal/Past-Issues/2009/Volume-4/Pages/JOnline-Small-Business-IT-Governance-Implementation.aspxMon, 09 May 2011 20:47:02 GMThttp://www.isaca.org/Journal/Past-Issues/2009/Volume-3/Pages/JOnline-An-Approach-to-Risk-Assessment-and-Management.aspxMon, 09 May 2011 22:28:47 GMThttp://www.isaca.org/Journal/Past-Issues/2009/Volume-3/Pages/JOnline-Enterprise-Architecture-Metrics-in-the-Balanced-Scorecard-for-IT.aspxMon, 09 May 2011 22:30:53 GMThttp://www.isaca.org/Journal/Past-Issues/2009/Volume-3/Pages/JOnline-How-to-Achieve-27001-Certification.aspxThu, 09 Jun 2011 22:08:55 GMThttp://www.isaca.org/Journal/Past-Issues/2009/Volume-3/Pages/JOnline-IT-Governance-Implementation-Using-the-3P-Model-A-Staged-Approach.aspxMon, 09 May 2011 22:35:43 GMThttp://www.isaca.org/Journal/Past-Issues/2009/Volume-2/Pages/Auditing-Enterprise-Resource-Planning-Systems-JOnline-.aspxMon, 09 May 2011 23:17:19 GMThttp://www.isaca.org/Journal/Past-Issues/2009/Volume-2/Pages/A-Study-on-Canadian-IT-Security-Practices-JOnline.aspxMon, 09 May 2011 23:15:27 GMThttp://www.isaca.org/Journal/Past-Issues/2009/Volume-2/Pages/Information-Technology-Legislative-Update-JOnline.aspxSun, 15 May 2011 21:14:44 GMThttp://www.isaca.org/Journal/Past-Issues/2009/Volume-2/Pages/Book-Review-Insider-Computer-Fraud-An-In-depth-Framework-for-Detecting-and-Defending-Against-Insider.aspxSun, 15 May 2011 21:16:23 GMThttp://www.isaca.org/Journal/Past-Issues/2009/Volume-1/Pages/JOnline-Overcharges-in-the-Hydrocarbon-Industry.aspxTue, 11 May 2010 13:51:03 GMThttp://www.isaca.org/Journal/Past-Issues/2009/Volume-1/Pages/JOnline-How-to-Write-a-Security-Policy.aspxTue, 11 May 2010 13:50:26 GMThttp://www.isaca.org/Journal/Past-Issues/2009/Volume-1/Pages/JOnline-Evaluating-and-Selecting-Sarbanes-Oxley-Software.aspxTue, 11 May 2010 13:48:36 GMThttp://www.isaca.org/Journal/Past-Issues/2008/Volume-6/Pages/JOnline-Computer-Ethics-A-Potent-Weapon-for-Information-Security-Management.aspxSun, 15 May 2011 22:07:14 GMThttp://www.isaca.org/Journal/Past-Issues/2008/Volume-6/Pages/JOnline-Board-Portals-Are-They-Secure.aspxSun, 15 May 2011 22:03:09 GMThttp://www.isaca.org/Journal/Past-Issues/2008/Volume-6/Pages/JOnline-Cibercrimen-y-Ciberterrorismo-Dos-Amenazas-Emergentes.aspxSun, 15 May 2011 22:05:17 GMThttp://www.isaca.org/Journal/Past-Issues/2008/Volume-5/Pages/JOnline-Operational-Risks-Measurement1.aspxSun, 15 May 2011 22:37:41 GMThttp://www.isaca.org/Journal/Past-Issues/2008/Volume-5/Pages/JOnline-Special-Considerations-for-Data-Warehouse-Control.aspxSun, 15 May 2011 22:41:30 GMThttp://www.isaca.org/Journal/Past-Issues/2008/Volume-5/Pages/JOnline-Selecting-Projects-for-a-SAS-70-Type-II-Assessment.aspxSun, 15 May 2011 22:39:41 GMThttp://www.isaca.org/Journal/Past-Issues/2008/Volume-4/Pages/JOnline-Evaluating-Privacy-Controls1.aspxWed, 18 May 2011 18:29:08 GMThttp://www.isaca.org/Journal/Past-Issues/2008/Volume-4/Pages/JOnline-Information-Systems-Audit-Legislation-Passed-in-Korea1.aspxWed, 18 May 2011 18:31:23 GMThttp://www.isaca.org/Journal/Past-Issues/2008/Volume-4/Pages/JOnline-What-E-commerce-Audit-Planners-Should-Remember-The-Top-10-Global-CSFs-for-B2B-Audit1.aspxWed, 18 May 2011 18:35:48 GMThttp://www.isaca.org/Journal/Past-Issues/2008/Volume-3/Pages/JOnline-The-Art-of-Database-Monitoring1.aspxWed, 18 May 2011 20:06:30 GMThttp://www.isaca.org/Journal/Past-Issues/2008/Volume-3/Pages/JOnline-Billing-Audit-on-a-Mobile-Operator-Call-Detail-Record1.aspxWed, 18 May 2011 20:02:33 GMThttp://www.isaca.org/Journal/Past-Issues/2008/Volume-3/Pages/JOnline-Role-Engineering-The-Cornerstone-of-RBAC1.aspxWed, 18 May 2011 20:04:26 GMThttp://www.isaca.org/Journal/Past-Issues/2008/Volume-2/Pages/JOnline-E-business-Trust-Inhibitors.aspxWed, 18 May 2011 22:23:03 GMThttp://www.isaca.org/Journal/Past-Issues/2008/Volume-2/Pages/JOnline-Lessons-From-a-Fraud-Case-in-Turkey1.aspxWed, 18 May 2011 22:24:58 GMThttp://www.isaca.org/Journal/Past-Issues/2008/Volume-2/Pages/JOnline-SAS-70-Reports-What-Do-They-Really-Tell-You1.aspxWed, 18 May 2011 22:26:59 GMThttp://www.isaca.org/Journal/Past-Issues/2008/Volume-1/Pages/JOnline-IS-Auditing-Standards-in-Malaysia.aspxWed, 02 May 2012 21:44:39 GMThttp://www.isaca.org/Journal/Past-Issues/2008/Volume-1/Pages/JOnline-Data-Warehouse-Audits-Promote-and-Sustain-Reporting-System-Value.aspxWed, 18 May 2011 23:11:35 GMThttp://www.isaca.org/Journal/Past-Issues/2008/Volume-1/Pages/JOnline-Auditing_IBM_AS_400_and_System_i.aspxTue, 17 Apr 2012 21:44:00 GMThttp://www.isaca.org/Journal/Past-Issues/2007/Volume-6/Pages/JOnline-Executive-and-Board-Roles-in-Information-Security.aspxWed, 02 May 2012 21:46:39 GMThttp://www.isaca.org/Journal/Past-Issues/2007/Volume-6/Pages/JOnline-Privacy-PKI-Improved-Security-System-for-Public-Administration.aspxWed, 02 May 2012 21:49:09 GMThttp://www.isaca.org/Journal/Past-Issues/2007/Volume-6/Pages/Monitoring-Processes-and-Internal-Control-Adequacy-Continuous-Monitoring-Within-a-Microsoft-Access-D1.aspxWed, 02 May 2012 21:48:30 GMThttp://www.isaca.org/Journal/Past-Issues/2007/Volume-5/Pages/JOnline-Who-Audits-the-IT-Auditor-Monitoring-IT-Audit-Tasks.aspxWed, 02 May 2012 21:52:34 GMThttp://www.isaca.org/Journal/Past-Issues/2007/Volume-5/Pages/JOnline-Turning-a-Security-Compliance-Program-Into-a-Competitive-Business-Advantage.aspxWed, 02 May 2012 21:51:51 GMThttp://www.isaca.org/Journal/Past-Issues/2007/Volume-5/Pages/JOnline-One-of-Todays-Most-Overlooked-Security-Threats-Six-Ways-Auditors-Can-Fight-It.aspxWed, 02 May 2012 21:51:09 GMThttp://www.isaca.org/Journal/Past-Issues/2007/Volume-4/Pages/JOnline-Security-and-Privacy-vs-Computer-Forensics-Capabilities.aspxWed, 02 May 2012 21:56:46 GMThttp://www.isaca.org/Journal/Past-Issues/2007/Volume-4/Pages/JOnline-Federation-of-E-government-A-Model-and-Framework.aspxWed, 02 May 2012 21:56:10 GMThttp://www.isaca.org/Journal/Past-Issues/2007/Volume-4/Pages/JOnline-Common-Ground-on-Segregation-of-Duties-in-Application-Management.aspxWed, 02 May 2012 21:55:23 GMThttp://www.isaca.org/Journal/Past-Issues/2007/Volume-3/Pages/JOnline-Certification-and-Accreditation-A-Dilemma.aspxWed, 02 May 2012 21:59:37 GMThttp://www.isaca.org/Journal/Past-Issues/2007/Volume-3/Pages/JOnline-Auditing-CMMI-Maturity-and-Sarbanes-Oxley-Compliance.aspxWed, 02 May 2012 21:58:55 GMThttp://www.isaca.org/Journal/Past-Issues/2007/Volume-3/Pages/JOnline-The-Need-for-Legislation-Like-Sarbanes-Oxley-for-IT-Governance-An-Australian-Perspective1.aspxWed, 02 May 2012 22:00:19 GMThttp://www.isaca.org/Journal/Past-Issues/2007/Volume-2/Pages/JOnline-The-Information-Security-Assessment-and-Evaluation-Methodologies-A-DoD-Framework-for-Control-Self-as1.aspxWed, 02 May 2012 22:03:15 GMThttp://www.isaca.org/Journal/Past-Issues/2007/Volume-2/Pages/JOnline-Less-Than-Zero-vs-Zero-Day-An-Approach-to-Vulnerabilities-Exploits-Patches-and-Security.aspxWed, 02 May 2012 22:02:37 GMThttp://www.isaca.org/Journal/Past-Issues/2007/Volume-2/Pages/JOnline-Using-Systems-Engineering-to-Aid-in-HIPAA-Compliancy.aspxWed, 02 May 2012 22:03:58 GMThttp://www.isaca.org/Journal/Past-Issues/2007/Volume-1/Pages/JOnline-Change-Management-in-Process-Change.aspxWed, 02 May 2012 22:23:12 GMThttp://www.isaca.org/Journal/Past-Issues/2007/Volume-1/Pages/JOnline-Clause-49-An-Opportunity-for-Indian-listed-Corporations-to-Achieve-IT-Governance.aspxWed, 02 May 2012 22:24:00 GMThttp://www.isaca.org/Journal/Past-Issues/2007/Volume-1/Pages/JOnline-Controlling-Spreadsheets.aspxWed, 02 May 2012 22:24:45 GMThttp://www.isaca.org/Journal/Past-Issues/2006/Volume-6/Pages/JOnline-Telephone-Line-Scanning-Still-Matters1.aspxWed, 02 May 2012 22:28:18 GMThttp://www.isaca.org/Journal/Past-Issues/2006/Volume-6/Pages/JOnline-A-Framework-for-Conducting-IT-Due-Diligence-in-Mergers-and-Acquisitions1.aspxWed, 02 May 2012 22:26:59 GMThttp://www.isaca.org/Journal/Past-Issues/2006/Volume-6/Pages/JOnline-Framework-for-Measuring-and-Reporting-Performance-of-Information-Security-Programs-in-Offshore-Outso1.aspxWed, 02 May 2012 22:27:41 GMThttp://www.isaca.org/Journal/Past-Issues/2006/Volume-5/Pages/JOnline-Implementing-COBIT-in-Higher-Education-Practices-That-Work-Best1.aspxWed, 02 May 2012 22:30:36 GMThttp://www.isaca.org/Journal/Past-Issues/2006/Volume-5/Pages/JOnline-Understanding-Data-Classification-Based-on-Business-and-Security-Requirements1.aspxWed, 02 May 2012 22:31:57 GMThttp://www.isaca.org/Journal/Past-Issues/2006/Volume-5/Pages/JOnline-Sarbanes-Oxley-Act-Compliance-Strategies-for-Implementing-an-Audit-Committee-Complaints-Procedure1.aspxWed, 02 May 2012 22:31:14 GMThttp://www.isaca.org/Journal/Past-Issues/2006/Volume-4/Pages/JOnline-Beyond-Checklists-A-Socratic-Approach-to-Building-a-Sustainable-Change-Auditing-Practice1.aspxMon, 07 May 2012 19:19:43 GMThttp://www.isaca.org/Journal/Past-Issues/2006/Volume-4/Pages/JOnline-The-Need-for-and-Implementation-of-Audit-Trails1.aspxMon, 07 May 2012 19:21:52 GMThttp://www.isaca.org/Journal/Past-Issues/2006/Volume-4/Pages/JOnline-Technology-Platform-or-Application-Which-Will-Best-Fulfill-Compliance-Needs1.aspxMon, 07 May 2012 19:20:48 GMThttp://www.isaca.org/Journal/Past-Issues/2006/Volume-3/Pages/JOnline-Virtualization-Usage-Risks-and-Audit-Tools1.aspxMon, 07 May 2012 19:26:32 GMThttp://www.isaca.org/Journal/Past-Issues/2006/Volume-3/Pages/JOnline-Information-Assurance-Online-Lottery-Systems1.aspxMon, 07 May 2012 19:25:35 GMThttp://www.isaca.org/Journal/Past-Issues/2006/Volume-3/Pages/JOnline-Concept-Mapping-A-Learning-Tool-for-the-Information-Systems-Audit-Profession1.aspxMon, 07 May 2012 19:24:31 GMThttp://www.isaca.org/Journal/Past-Issues/2006/Volume-2/Pages/JOnline-Delegating-Root-Authority-and-Auditing1.aspxMon, 07 May 2012 19:32:52 GMThttp://www.isaca.org/Journal/Past-Issues/2006/Volume-2/Pages/JOnline-Road-Map-for-Information-Security-What-to-Do-After-BS-7799-Certification1.aspxMon, 07 May 2012 19:34:14 GMThttp://www.isaca.org/Journal/Past-Issues/2006/Volume-2/Pages/JOnline-Strengthening-Access-Control-Using-Smart-Cards1.aspxMon, 07 May 2012 19:36:08 GMThttp://www.isaca.org/Journal/Past-Issues/2006/Volume-1/Pages/JOnline-Network-Intrusion-Detection-Know-What-You-Do-Not-Need.aspxMon, 07 May 2012 19:40:00 GMThttp://www.isaca.org/Journal/Past-Issues/2006/Volume-1/Pages/JOnline-ID-Theft-Fraudster-Techniques-for-Personal-Data-Collection-the-Related-Digital-Evidence-and-Investi1.aspxMon, 07 May 2012 19:38:41 GMThttp://www.isaca.org/Journal/Past-Issues/2006/Volume-1/Pages/JOnline-The-SAP-Landscape-That-Warrants-Audit.aspxMon, 07 May 2012 19:40:49 GMThttp://www.isaca.org/Journal/Past-Issues/2005/Volume-6/Pages/JOnline-On-a-Mission-to-Merge1.aspxMon, 07 May 2012 20:01:05 GMThttp://www.isaca.org/Journal/Past-Issues/2005/Volume-6/Pages/JOnline-Trazabilidad-de-las-Operaciones-Electronicas-Un-Reto-para-la-Gerencia-de-Tecnologias-de-Informacion1.aspxMon, 07 May 2012 20:02:33 GMThttp://www.isaca.org/Journal/Past-Issues/2005/Volume-6/Pages/JOnline-Creating-and-Enforcing-an-Effective-Information-Security-Policy1.aspxMon, 07 May 2012 20:00:05 GMThttp://www.isaca.org/Journal/Past-Issues/2005/Volume-5/Pages/JOnline-An-Approach-to-Vulnerability-Management1.aspxMon, 07 May 2012 20:20:37 GMThttp://www.isaca.org/Journal/Past-Issues/2005/Volume-5/Pages/JOnline-Security-Information-Management-Not-Just-the-Next-Big-Thing1.aspxMon, 07 May 2012 20:21:35 GMThttp://www.isaca.org/Journal/Past-Issues/2005/Volume-4/Pages/JOnline-ERP-Postimplementation-Problems.aspxMon, 07 May 2012 21:33:43 GMThttp://www.isaca.org/Journal/Past-Issues/2005/Volume-4/Pages/JOnline-How-Does-Information-Security-Fit-Into-a-Governance-Framework.aspxMon, 07 May 2012 21:34:22 GMThttp://www.isaca.org/Journal/Past-Issues/2005/Volume-4/Pages/JOnline-How-the-New-Standards-and-Regulations-Affect-an-Auditors-Assessment-of-Compliance-With-Internal-Cont1.aspxMon, 07 May 2012 21:35:17 GMThttp://www.isaca.org/Journal/Past-Issues/2005/Volume-3/Pages/JOnline-The-10-Most-Important-Things-an-IT-Person-Must-Understand-About-Security-Across-the-Enterprise1.aspxMon, 07 May 2012 21:51:04 GMThttp://www.isaca.org/Journal/Past-Issues/2005/Volume-3/Pages/JOnline-Information-Security-and-the-Human-Factor1.aspxMon, 07 May 2012 21:49:41 GMThttp://www.isaca.org/Journal/Past-Issues/2005/Volume-3/Pages/JOnline-The-Development-of-a-Shared-CIO-Executive-Management-Understanding-and-Its-Impact-on-Information-Sys1.aspxMon, 07 May 2012 21:51:38 GMThttp://www.isaca.org/Journal/Past-Issues/2005/Volume-3/Pages/JOnline-IT-Governance-Practical-Case-Using-COBIT1.aspxMon, 07 May 2012 21:50:25 GMThttp://www.isaca.org/Journal/Past-Issues/2005/Volume-2/Pages/JOnline-Generic-Exploit-Blocking-Prevention-Not-Cure.aspxMon, 07 May 2012 22:03:24 GMThttp://www.isaca.org/Journal/Past-Issues/2005/Volume-2/Pages/JOnline-IT-Governance-Pass-or-Fail.aspxMon, 07 May 2012 22:04:04 GMThttp://www.isaca.org/Journal/Past-Issues/2005/Volume-2/Pages/JOnline-Potential-Control-Processes-for-Sarbanes-Oxley-Compliance.aspxMon, 07 May 2012 22:04:44 GMThttp://www.isaca.org/Journal/Past-Issues/2005/Volume-1/Pages/JOnline-Enterprise-Instant-Messaging-Taking-Control.aspxMon, 07 May 2012 22:16:28 GMThttp://www.isaca.org/Journal/Past-Issues/2005/Volume-1/Pages/JOnline-Fingerprint-Identification-An-Aid-to-the-Authentication-Process.aspxMon, 07 May 2012 22:17:09 GMThttp://www.isaca.org/Journal/Past-Issues/2005/Volume-1/Pages/JOnline-A-Network-Is-Threatened-by-Its-Own-Endpoints.aspxMon, 07 May 2012 22:15:45 GMThttp://www.isaca.org/Journal/Past-Issues/2005/Volume-1/Pages/JOnline-Strategies-and-Influence-for-Information-Security.aspxMon, 07 May 2012 22:17:54 GMT