journal header

Volume 3, 2019

This Week's Online-Exclusive Feature

A Model and Best Practices for Risk Transformation

A Model and Best Practices for Risk Transformation
22 May 2019
David Vohradsky, CRISC, CISM, CGEIT, QSA

Increasing globalization and the associated business transformation mean that enterprises are now complex networks dependent on both the nodes within other organizations and the nodes within the same organization. This business transformation includes outsourcing, offshoring, restructuring, mergers and acquisitions, and value chain optimization. It also creates new technology risk such as increasing third-party providers, complex service interconnections and challenges of emerging markets; other problems such as intellectual property, liability and data sovereignty issues also occur.

Board members and executives believe that risk frameworks, processes and structures are no longer giving them the level of assurance they need. They see an increase in the speed and effect of risk events and a reduction in their ability to identify and tackle new risk. Read More >>

Indicates Online-Exclusive Content



This Week's Featured Blog

Rajul Kambli

The Role of Incident Management in Identifying Gaps During Stabilization Period
20 May 2019
Rajul Kambli, CISA, CMA

Deploying an enterprise resource planning (ERP) system is challenging, and identifying gaps that could lead to risk is one of the most important aspects of stabilization. In my recent ISACA Journal article, I discuss how we can optimize incident management and use it to identify such gaps and risk factors at an early stage to take corrective action.

Here are some key points that any enterprise should consider during the stabilization period... Read More >>

Indicates Online-Exclusive Content



What's New for Nonmembers

IS Audit Basics Articles

Developing the IT Audit Plan Using COBIT 2019

Auditing Cybersecurity

Assurance Considerations for Ongoing GDPR Conformance

Affect What Is Next Now

Auditing the IoT

Add Value to What Is Valued


Full Journal Issues

Volume 3, 2018 The Smart Transformation

Volume 2, 2018 Innovation Governance

Volume 1, 2018 The Future of Data Protection

Volume 6, 2017 Transforming Data

Volume 5, 2017 Enabling the Speed of Business

Volume 4, 2017 Mobile Workforce

Sponsored Feature Articles

Why Security Product Investments Are Not Working

Why Attackers Are Turning Their Attention Toward ERP Applications

Innovating Internal Audit to Unlock Value

Centralized, Model-Driven Visibility Key to IT-OT Security Management

The AICPA’s New Cybersecurity Attestation Reporting Framework Will Benefit a Variety of Key Stakeholders

Indicators of Exposure and Attack Surface Visualization