
Volume 4, 2017

This Week's Online-Exclusive Feature

Proposal for the Next Version of the ISO/IEC 27001 Standard

19 July 2017
Tolga Mataracioglu, CISA, CISM, COBIT Foundation, BS 25999 LA, CCNA, CEH, ISO 27001 LA, MCP, MCTS, VCP

In this article, the International Organization for Standardization (ISO)/International Electrotechnical Commission (IEC) ISO/IEC 27001:2013 standard is introduced briefly and compared to ISO/IEC 27001:2005. The pros and cons of ISO/IEC 27001:2013 are identified by measuring against predetermined parameters. The parameters help reveal the deficiencies of ISO/IEC 27001:2013, and this article introduces a proposal for the next version of the standard.



Podcast
ISACA Journal Volume 1 Podcast

The Automation Conundrum

This Week's Featured Blog

The Absence of IT Governance Codes
17 July 2017
Steven De Haes, Ph.D., Anant Joshi, Ph.D., Tim Huygh and Salvi Jansen

In recent years, board-level supervision in information technology matters has become a key IT governance topic. It is often assumed that national corporate governance codes can guide board members to design and potentially improve their IT governance practices. At the Antwerp Management School (AMS), we conducted a study to understand what IT governance-related guidelines are included in national corporate governance codes.

We selected 15 national corporate governance codes to study. These codes were selected based on income level and geographic dispersion across different continents.



What's New for Nonmembers

IS Audit Basics Articles

Audit Programs

The Soft Skills Challenge, Part 7

Data Management Body of Knowledge—A Summary for Auditors

Risk-based Audit Planning for Beginners

The Auditors, IS/IT Policies and Compliance

Preparing for Auditing New Risk, Part 2

 

Full Journal Issues

Volume 4, 2016 Mobile Apps

Volume 3, 2016 Data Privacy

Volume 2, 2016 Project Management: Methodologies and Associated Risk

Volume 1, 2016 Transforming the Auditor

Volume 6, 2015 The Internet of Things

Volume 5, 2015 Cybersecurity