journal header

Volume 3, 2017

This Week's Online-Exclusive Feature

Controls and Assurance in the Cloud: Using COBIT 5

Book Review: Controls and Assurance in the Cloud: Using COBIT 5
28 June 2017
Reviewed by Diana M. Hamono, CISA, CGEIT, COBIT 5 Foundation

Controls and Assurance in the Cloud: Using COBIT 5 provides comprehensive process practices and a governance framework to use when conducting an assessment of cloud computing, including its associated security risk. This book is a useful resource for those involved in establishing a secure cloud computing environment in their organization. The book is also a necessary resource for IS auditors who are assessing controls and governance arrangements in an organization that is embarking on a cloud computing solution. Read More >>

Indicates Online-Exclusive Content



Podcast  New!
ISACA Journal Volume 1 Podcast

The Automation Conundrum

This Week's Featured Blog

Strengthening Risk Management in the Wake of Petya Ransomware Outbreak
28 June 2017
Ed Moyle

If you work in technology and have a working Internet connection, chances are good that you heard of (best case) or experienced firsthand (worst case) the ransomware variant making the rounds yesterday that most are referring to as a new Petya variant. It is fast, it is sophisticated and it has left a trail of global chaos in its wake as it impacted everything from national electrical grids to banks to shipping and logistics.

While this attack would be noteworthy on its own, it is particularly so coming as it does on the heels of the WannaCry attack just a few weeks ago. Read More >>

Indicates Online-Exclusive Content



What's New for Nonmembers

IS Audit Basics Articles

The Soft Skills Challenge, Part 7

Data Management Body of Knowledge—A Summary for Auditors

Risk-based Audit Planning for Beginners

The Auditors, IS/IT Policies and Compliance

Preparing for Auditing New Risk, Part 2

Preparing for Auditing New Risk, Part 1


Full Journal Issues

Volume 3, 2016 Data Privacy

Volume 2, 2016 Project Management: Methodologies and Associated Risk

Volume 1, 2016 Transforming the Auditor

Volume 6, 2015 The Internet of Things

Volume 5, 2015 Cybersecurity

Volume 4, 2015 Regulations & Compliance