Find Resources & Connect with members on topics that interest you.

AI - Acquire and Implement

PO - Plan and Organize

DS - Deliver and Support

Please sign in to see your topics.


NEW! Activity Badges

Badges help others understand your level of community activity and your reputation as a contributor within the Knowledge Center. Learn More.

Subscribe to all discussions

Recent Discussions

Who should be accountable for data breaches

In the aftermath of a data breach, many boards are compelled to assign blame. Read more on who they...

M.Lambert @ 6/1/2015 10:13 AM | Comments (1)

What does GEIT mean to you?

GEIT / MEIT (Governance and Management of Enterprise IT). Probably new jargon by ISACA enthusiasts ...

Paras_Shah1 @ 5/4/2015 7:17 PM | Comments (15)

Interviewing the Senior Management Team

I am conducting our organisations first IT Governance auditand have plenty of controls to look at. ...

Alex058 @ 5/1/2015 7:30 AM | Comments (6)

Disclosure issue: City of London Police say that Banks hide cyber crime losses

Another example of improper disclosure. Question what will it take to get all industries in all cou...

M.Lambert @ 4/15/2015 3:01 PM | Comments (0)

Last year Gartner forecasts expected global IT security spending will reach $76.9 billion in 2015

Article discusses evolution of security investments Read more:

M.Lambert @ 4/13/2015 6:52 PM | Comments (0)

CEO of American International Group Inc. says there’s insufficient coverage with cyber insurance.

Speaking at an event at New York University , he also pointed out that “When you compare it to the ...

M.Lambert @ 4/8/2015 7:48 AM | Comments (1)

Who should be accountable for failure to show due diligence with information security?

74% of Global 2000 Companies still vulnerable to Heartbleed one year after its public disclosure Ar...

M.Lambert @ 4/8/2015 7:19 AM | Comments (0)

New technology deployment opens cyber-threat vectors and makes security operations more complex

Companies having problems to cope with the speed of technological change would be more vulnerable t...

M.Lambert @ 4/5/2015 10:31 AM | Comments (0)

Privacy risk: article offers some explanation on why cyberattacks don’t hurt stock prices

An article based on a HBR report points out 3 major reasons why cyberattacks don’t hurt stock price...

M.Lambert @ 4/5/2015 10:01 AM | Comments (0)

Privacy and Humanity Elements for the IoT / IoE

NEW!! Last piece of my IoT Security series: Privacy and Humanity Elements for the IoT / IoE: #InfoS...

Michael S. Oberlaender @ 2/18/2015 4:15 PM | Comments (3)

Mandatory Security Design Considerations for the IoT / IoE

NEW!! Here's the next one of my IoT / IoE Security series (continued from last one):

Michael S. Oberlaender @ 2/4/2015 9:57 PM | Comments (0)

IoT / IoE: If It Has an IP Address, It Can Be Hacked

Please find my latest article here:

Michael S. Oberlaender @ 1/27/2015 12:22 PM | Comments (3)

Artificial intelligence and IT Governance

The Future of Life Institute (FLI) released an open letter, along with a research priorities docume...

M.Lambert @ 1/19/2015 8:53 AM | Comments (2)

SDLC Best Practices

Does anyone have any great resources for SDLC (System Development Life Cycle) for implementing a ne...

Michael071 @ 1/17/2015 12:17 PM | Comments (5)

Conference - InfoSec World 2015 - Opinions

Hi, new to the forum so apologies if this is not the correct place. Fairly simple question, as ther...

MartincFreeman @ 1/7/2015 2:58 AM | Comments (0)

RE: Open Source GRC Tools

I too would be interested in knowing more about Eramba. We have Archer, but the implementation is g...

James128 @ 10/26/2017 7:55 AM

RE: Open Source GRC Tools

We are using KEYLIGHT  from LockpahIt has many modules e.g RM, SM, GM,VM,....etcWe use for ISMS mai...

Ala'a ElBeheri @ 10/26/2017 6:25 AM

RE: Implementing governance

In addition to all the good points above I would like to add two additional points: 1. the ability ...

Peter873 @ 9/28/2017 10:05 AM

RE: Implementing governance

HiI have developed and implemented an ICT Governance Framework using COBIT 5. I found that it cover...

Thansen Singh @ 8/21/2017 12:43 PM

RE: Data Governance

The interest in Big Data is not new. The manage of data is evolving at a less speed than technology...

TOMAS CESPEDES @ 5/30/2017 9:37 AM

RE: Supplier Governance

Check this out:

DingDing @ 4/6/2017 12:42 PM

RE: Supplier Governance

Hey Chris...ISACA's library has a host of info on these frameworks. I'd recommend looking at those ...

DingDing @ 4/6/2017 11:38 AM

RE: Supplier Governance

Hello Chris, Have you looked into Gartner? They have done lots of work in this space and they do ha...

Lyne Bouchard @ 3/29/2017 5:08 PM

RE: Implementing governance

I like COBIT 5 because it has a huge community support from ISACA members. I have worked for many o...

david ho @ 2/22/2017 9:43 AM

RE: Implementing governance

One thing: COBIT 5 covers the enterprise end-to-end; From Governance to Management to IT Investment...


RE: Implementing governance

Thank you for your feedback. I will refer to your comments if I get into a debate on which framewor...

david ho @ 2/21/2017 1:58 PM

RE: Implementing governance

It helps to find the right alignment between Business Goals and IT Goals, so it can be used to crea...

Stefania72 @ 2/17/2017 5:04 AM

RE: Implementing governance

For me COBIT covers Enterprise IT end to end with the other frameworks i.e. ITIL, ISO, TOGAF etc. e...

Katherine824 @ 2/17/2017 1:50 AM


I believe IT Governance drives and play a vital role towards Enterprise Governance. There's an idea...


RE: T1.2

We need to identify the nature of the means to understand the mission, the vision...

Stefania72 @ 2/15/2017 2:45 PM

Auditing IT Governance

We have "IT Governance" on our audit plan for next year. We plan to oursource this first ...

Campbell @ 9/22/2014 11:27 AM | Comments (58)

Week 1 ISACA Cloud Governance Project

Welcome to the first week of our Cloud Computing Governance Project.A lot has been written about cl...

Ron Hale Ph.D. CISM @ 5/13/2011 9:16 AM | Comments (17)

Week 3 Cloud Governance and Risk

Over the last two weeks we have come to a better idea about cloud computing and what it is.  Last w...

Ron Hale Ph.D. CISM @ 5/29/2011 2:51 PM | Comments (17)

What does GEIT mean to you?

GEIT / MEIT (Governance and Management of Enterprise IT). Probably new jargon by ISACA enthusiasts ...

Paras_Shah1 @ 5/4/2015 7:17 PM | Comments (15)

Week 2 Cloud Governance and Strategy

This week we want to get a more refined look at governance and cloud computing by examining organiz...

Ron Hale Ph.D. CISM @ 5/24/2011 11:55 AM | Comments (14)

IT Strategic Plan vs Corporate Plan

Hello fellow IT governance Professionals,It is common practice that an organisation's Corporate str...

Bevan @ 11/20/2014 1:32 AM | Comments (12)

IS Governance questionnaire

I am currently assessing the quality of information systems governance in my organization. Does any...

Rich.Ludwig @ 9/15/2015 10:12 AM | Comments (10)

Week 5 Governance Questions

This week we bring together our comments from the prior weeks and begin developing the governance q...

Ron Hale Ph.D. CISM @ 6/12/2011 10:22 PM | Comments (8)

Week 4 Cloud Governance and Resources

The following definitions were drawn from Taking Governance Forward (www.takinggovernanceforward.or...

Ron Hale Ph.D. CISM @ 6/3/2011 1:08 PM | Comments (7)

Implementing governance

I'm in the process of helping an organization select an IT governance framework. What would you say...

david ho @ 2/16/2017 3:03 PM | Comments (7)

IT Governance and the management of IT

Having been in IT management (Director or CIO) for over 25 years, I am just now becoming educated o...

Richard845 @ 10/1/2015 12:54 PM | Comments (7)

ISACA Cloud Computing Projects - Looking for Volunteers

ISACA recognizes the significant interest in Cloud Computing and the needs of ISACA members to supp...

Ron Hale Ph.D. CISM @ 4/10/2011 4:13 PM | Comments (6)

Interviewing the Senior Management Team

I am conducting our organisations first IT Governance auditand have plenty of controls to look at. ...

Alex058 @ 5/1/2015 7:30 AM | Comments (6)

The Future of IT Governance – The ISACA Board Wants to Know

The ISACA Board of Directors will be examining the future of our professions and the role of IT Gov...

Ron Hale Ph.D. CISM @ 6/18/2015 8:49 AM | Comments (6)

Top Governance Issues for 2011

What are the top IT governance issues for 2011 that we have to be aware of or deal with?First we mi...

markspnj1 @ 12/29/2010 1:21 PM | Comments (5)