journal header

Volume 3, 2017

This Week's Online-Exclusive Feature

Book Review: Security Considerations for Cloud Computing
17 May 2017
Reviewed by Diana Hamono

Security Considerations for Cloud Computing provides a brief overview of cloud computing, its associated security risk and information for decision makers in an organization. The book is a useful resource for managers in all parts of an organization that is considering transitioning some, or all, of its current IT services onto cloud-based services and who want to understand the security implications of doing so.

This book describes the three different cloud service models (Infrastructure as a Service [IaaS], Platform as a Service [PaaS] and Software as a Service [SaaS]) and different deployment models (public, community, private and hybrid cloud). Read More >>

Indicates Online-Exclusive Content



Podcast  New!
ISACA Journal Volume 1 Podcast

The Automation Conundrum

This Week's Featured Blog

Securing Connected Devices
15 May 2017
Hemant Patel, CISM, ITIL, PMP, TOGAF

Some Internet of Things (IoT) security issues and incidents can be attributed to poor knowledge, failure of the security manager to properly educate stakeholders or lack of stakeholder interest in investing in security measures. Some of this hesitance to invest in security comes from the desire to defer upfront or preventive security costs to operational or reactive costs. The cost deferment can be due to the lack of a proper risk model and failing to account for risk costs. In some situations, time pressures may also aid in deferring upfront security measures.

About 5 years ago, I started managing automobile sensors’ data integration architecture, and the term “IoT” was not even used at that time. Read More >>

Indicates Online-Exclusive Content



What's New for Nonmembers

IS Audit Basics Articles

Data Management Body of Knowledge—A Summary for Auditors

Risk-based Audit Planning for Beginners

The Auditors, IS/IT Policies and Compliance

Preparing for Auditing New Risk, Part 2

Preparing for Auditing New Risk, Part 1

The Soft Skills Challenge, Part 6


Full Journal Issues

Volume 3, 2016 Data Privacy

Volume 2, 2016 Project Management: Methodologies and Associated Risk

Volume 1, 2016 Transforming the Auditor

Volume 6, 2015 The Internet of Things

Volume 5, 2015 Cybersecurity

Volume 4, 2015 Regulations & Compliance