journal header

Volume 3, 2017

This Week's Online-Exclusive Feature

Breach Your Castle for Better Security

Breach Your Castle for Better Security
21 June 2017
Danelle Au

Asymmetric warfare is “the application of dissimilar strategies, tactics, capabilities and approaches used to circumvent or negate an opponent’s strengths while exploiting his weaknesses.” Similar to guerrilla or unconventional warfare, the term implies a conflict between opponents of widely disparate resources and capabilities. Asymmetric warfare is often characterized by a small, resourceful and determined force fighting a much larger, technologically advanced and organized army. The objective of asymmetric warfare is not to overwhelm the enemy, but to harass and weary the enemy until the cost of victory becomes untenable.

Security has become a kind of disproportional war, in which defenders are engaged in a constant fight and face difficult odds. Read More >>

Indicates Online-Exclusive Content



Podcast  New!
ISACA Journal Volume 1 Podcast

The Automation Conundrum

This Week's Featured Blog

Kamal KhanEmotional Labor
22 June 2017

Employees perform emotional labor (EL) when they conform their emotions to organizational expectations while interacting with customers. They can only express appropriate emotions that are specified by certain corporate rules and conventions. While not always recognized, this is one of the many factors that increases stress for IS auditors during audit engagements.

An IS audit engagement can be stressful as EL is required at different stages in the audit... Read More >>

Indicates Online-Exclusive Content



What's New for Nonmembers

IS Audit Basics Articles

The Soft Skills Challenge, Part 7

Data Management Body of Knowledge—A Summary for Auditors

Risk-based Audit Planning for Beginners

The Auditors, IS/IT Policies and Compliance

Preparing for Auditing New Risk, Part 2

Preparing for Auditing New Risk, Part 1


Full Journal Issues

Volume 3, 2016 Data Privacy

Volume 2, 2016 Project Management: Methodologies and Associated Risk

Volume 1, 2016 Transforming the Auditor

Volume 6, 2015 The Internet of Things

Volume 5, 2015 Cybersecurity

Volume 4, 2015 Regulations & Compliance