ISACA JournalIndicates Online-Exclusive Content

Volume 4, 2017 

Some time ago in this space, I used an obscure statement by a nearly forgotten British Prime Minister to make some points about cyber security. Read More

An audit/assurance program is defined by ISACA as a step-by-step set of audit procedures and instructions that should be performed to complete an audit. Read More

Get to know your network. Read More

Attachments are popular in several accounting contexts. Many of the same file types that can be attached to emails can also be attached to the records in databases. Read More

Blockchain is a distributed database that maintains a continuously growing list of records called blocks that are secured from any kind of tampering and revision efforts. Read More

In 2016, the Anti Phishing Working Group noted that there were 1,220,523 total phishing attacks—65 percent increase over the previous year. Read More

A key issue often cited by information systems (IS) executives in the last three decades is aligning IT with business, which assists in realizing value from IT investments. Read More

The Emirates National Oil Company embarked on an initiative to realize value out of IT assets through Information Technology Infrastructure Library (ITIL) process implementation. Read More

Industrial control systems (ICSs) are changing by relying more on off-the-shelf information technology (IT), thereby exposing these systems to more IT risk. Read More

Traditionally, security architecture consists of some preventive, detective and corrective controls that are implemented to protect the enterprise infrastructure and applications. Read More

IT governance, also referred to as governance of enterprise IT (GEIT) or corporate governance of IT, is a subset of corporate governance that is concerned with enterprise IT assets. Read More

The root causes of privacy incidents include the outsourcing of data, malicious insiders, system glitches, cyberattacks, and the failure to shred or dispose of privacy data properly. Read More

Remote working has a lot of advantages, both for the company and the employees. In the past years, it has become increasingly used by companies as a perk. Read More

In this article, the International Organization for Standardization (ISO)/International Electrotechnical Commission (IEC) ISO/IEC 27001:2013 standard is introduced briefly and compared to ISO/IEC 27001:2005. Read More

The trustworthiness of various risk assessment methods in pursuit of risk-based decisions is largely questioned in the marketplace. Read More

Social media is a powerful tool that gives organizations the ability to expand their brand value; it can also tarnish a brand overnight. Read More

Transforming Cybersecurity is a useful handbook for any cyber security practitioner, information security manager (ISM) or IT auditor. Read More

Our organization has employees who work mostly in the field. Previously, they had been provided laptops and mobile phones by the organization. Read More

Read More

An up-to-date listing of the current IT Audit and Assurance Standards, Guidelines, and Tools and Techniques Read More

From email to calendaring to business applications, employees are, quite literally, doing business from any device, any time of the day or night, from anywhere and everywhere on the planet. Read More