journal header

Volume 2, 2017

This Week's Online-Exclusive Feature

Audit Transparency in Action
22 March 2017

Professional trainers have many opportunities to speak to companies and organizations about leading practices in the internal/IT audit industries. Trainers have the luxury of opining on internal matters while remaining outsiders, which enables them to stay removed from intercompany politics and corporate culture. Many trainers believe, within any environment, certain foundational aspects of internal/IT audit are necessary for success. One of these key pillars is the general concept of audit transparency. The general perception is that, whenever possible (and it should be possible in all audits except for fraud investigations), internal/IT audit should pride itself on 100 percent transparency. This is foreign to many auditors and is not ingrained in the thought process of departments. Read More >>

Indicates Online-Exclusive Content



Podcast  New!
ISACA Journal Volume 1 Podcast

The Automation Conundrum

This Week's Featured Blog

The Value of Risk Comparison
27 March 2017
Mukul Pareek, CISA, ACA, ACMA, PRM

When I used to run vulnerability management for a previous employer, my colleagues and internal clients would stop me in the corridors and ask, “Hey Mukul, how vulnerable are we today?” Of course, this question was largely unanswerable or, at best, deserving of a rhetorical answer. Yet not wanting to appear clueless about my area of responsibility, over time I found myself responding as to whether we were better or worse off than the last week or the last month. This response would normally satisfy most, but a few curious folks would ask how I knew that. I did not know how I knew, but doing the job day in and day out gave me a gut feeling...or so I thought. Read More >>

Indicates Online-Exclusive Content



What's New for Nonmembers

IS Audit Basics Articles

Navigating the US Federal Government Agency ATO Process for IT Security Professionals

The Auditors, IS/IT Policies and Compliance

Preparing for Auditing New Risk, Part 2

Preparing for Auditing New Risk, Part 1

The Soft Skills Challenge, Part 6

The Soft Skills Challenge, Part 5


Full Journal Issues

Volume 2, 2016 Project Management: Methodologies and Associated Risk

Volume 1, 2016 Transforming the Auditor

Volume 6, 2015 The Internet of Things

Volume 5, 2015 Cybersecurity

Volume 4, 2015 Regulations & Compliance

Volume 3, 2015 Governance and Management of Enterprise IT (GEIT)