journal header

Volume 3, 2019

This Week's Online-Exclusive Feature

Bulletproof Risk Management to Thrive in the Digital Economy

Bulletproof Risk Management to Thrive in the Digital Economy
19 June 2019
Sudhakar Sathiyamurthy, CISA, CRISC, CGEIT, CIPP, ITIL Expert

Digital technologies have profoundly changed lives, blurring the lines between the digital and physical worlds. From humble beginnings, the current constellation of devices and technologies that empower organizations has grown smarter and more deeply and intimately interconnected and Internet-connected than ever before.

The convergence of rapidly emerging technologies and smart things such as the Internet of Things (IoT), artificial intelligence (AI)-infused computing, robotics, sensors, beacons and analytics are redefining the digital environment by making organizations more intelligent and offering a hyper-local business experience to users. Read More >>

Indicates Online-Exclusive Content



This Week's Featured Blog

Patch Management Practice
17 June 2019
Spiros Alexiou, Ph.D., CISA, CSX-F, CIA

Unpatched systems represent a very serious IT security threat with potentially extremely important consequences, as documented in a large number of high-profile breaches that exploited known unpatched vulnerabilities. Since these vulnerabilities are known, not just to attackers, but also to system administrators, and since patches exist, it is on first look surprising that unpatched systems even exist. The reality, however, is that patching is not that simple: Because of interdependencies, it must be verified that the patch is compatible with everything else in the system, e.g., an operating system patch must be compatible with the applications and databases running on top of the operating system. Sometimes, they are not, as manifested, for instance, in the recent Spectre and Meltdown vulnerability, where some application providers explicitly warned against patching. Verifications mean testing by other vendors, and this may not be a high priority for the application vendor, with an answer or full solution sometimes coming with the next release. Read More >>

Indicates Online-Exclusive Content



What's New for Nonmembers

IS Audit Basics Articles

Developing the IT Audit Plan Using COBIT 2019

Auditing Cybersecurity

Assurance Considerations for Ongoing GDPR Conformance

Affect What Is Next Now

Auditing the IoT

Add Value to What Is Valued


Full Journal Issues

Volume 3, 2018 The Smart Transformation

Volume 2, 2018 Innovation Governance

Volume 1, 2018 The Future of Data Protection

Volume 6, 2017 Transforming Data

Volume 5, 2017 Enabling the Speed of Business

Volume 4, 2017 Mobile Workforce

Sponsored Feature Articles

Why Security Product Investments Are Not Working

Why Attackers Are Turning Their Attention Toward ERP Applications

Innovating Internal Audit to Unlock Value

Centralized, Model-Driven Visibility Key to IT-OT Security Management

The AICPA’s New Cybersecurity Attestation Reporting Framework Will Benefit a Variety of Key Stakeholders

Indicators of Exposure and Attack Surface Visualization