ISACA JournalIndicates Online-Exclusive Content
Volume 4, 2017 

Indicates Online-Exclusive Content
View RSS feed
Columns
1
Information Security Matters: André Maginot’s Line
Steven J. Ross, CISA, CISSP, MBCP
Some time ago in this space, I used an obscure statement by a nearly forgotten British Prime Minister to make some points about cyber security. Read More
1
IS Audit Basics: Audit Programs
Ian Cooke, CISA, CRISC, CGEIT, COBIT Assessor and Implementer, CFE, CPTE, DipFM, ITIL Foundation, Six Sigma Green Belt
An audit/assurance program is defined by ISACA as a step-by-step set of audit procedures and instructions that should be performed to complete an audit. Read More
1
The Network
Theresa Grafenstine, CISA, CRISC, CGEIT, CGAP, CGMA, CIA, CISSP, CPA
Get to know your network. Read More
View RSS feed
Features
1
A Guide to Auditing Attachment Fields in Access Databases
Joshua J. Filzen, Ph.D., CPA and Mark G. Simkin, Ph.D.
Attachments are popular in several accounting contexts. Many of the same file types that can be attached to emails can also be attached to the records in databases. Read More
1
A View of Blockchain Technology From the Information Security Radar
Vimal Mani, CISA, CISM, Six Sigma Black Belt
Blockchain is a distributed database that maintains a continuously growing list of records called blocks that are secured from any kind of tampering and revision efforts. Read More
1
Building a Security Culture: Why Security Awareness Does Not Work and What to Do Instead
Joseph Opacki
In 2016, the Anti Phishing Working Group noted that there were 1,220,523 total phishing attacks—65 percent increase over the previous year. Read More
1
Challenges and Lessons Learned Implementing ITIL, Part 1: Realizing Value Through Business IT Alignment
Mathew Nicho, Ph.D., CEH, CIS, ITIL Foundation, RWSP, SAP, Shafaq Khan, Ph.D., CIS, PMBOK, PMP, SAP, and Ram Mohan, CRISC, CISM, CGEIT, ISO 27001, ITIL Foundation
A key issue often cited by information systems (IS) executives in the last three decades is aligning IT with business, which assists in realizing value from IT investments. Read More
1
Challenges and Lessons Learned Implementing ITIL, Part 2
Mathew Nicho, Ph.D., CEH, CIS, ITIL Foundation, RWSP, SAP, Shafaq Khan, Ph.D., CIS, PMBOK, PMP, SAP and Ram Mohan, CRISC, CISM, CGEIT, ISO 27001
The Emirates National Oil Company embarked on an initiative to realize value out of IT assets through Information Technology Infrastructure Library (ITIL) process implementation. Read More
1
Demystifying Cyber Security in Industrial Control Systems
Sri Mallur
Industrial control systems (ICSs) are changing by relying more on off-the-shelf information technology (IT), thereby exposing these systems to more IT risk. Read More
1
Enterprise Security Architecture—A Top-down Approach
Rassoul Ghaznavi-Zadeh, CISM, COBIT Foundation, SABSA, TOGAF
Traditionally, security architecture consists of some preventive, detective and corrective controls that are implemented to protect the enterprise infrastructure and applications. Read More
1
Exploring How Corporate Governance Codes Address IT Governance
Steven De Haes, Ph.D., Anant Joshi, Ph.D., Tim Huygh and Salvi Jansen
IT governance, also referred to as governance of enterprise IT (GEIT) or corporate governance of IT, is a subset of corporate governance that is concerned with enterprise IT assets. Read More
1
Key Ingredients to Information Privacy Planning
Larry G. Wlosinski, CISA, CRISC, CISM, CAP, CBCP, CCSP, CDP, CIPM, CISSP, ITIL v3, PMP
The root causes of privacy incidents include the outsourcing of data, malicious insiders, system glitches, cyberattacks, and the failure to shred or dispose of privacy data properly. Read More
1
Mobile Workforce Security Considerations and Privacy
Guy Ngambeket, CISA, CISM, CGEIT, ITIL v3 , PMP
Remote working has a lot of advantages, both for the company and the employees. In the past years, it has become increasingly used by companies as a perk. Read More
1
Proposal for the Next Version of the ISO/IEC 27001 Standard
Tolga Mataracioglu, CISA, CISM, COBIT Foundation, BS 25999 LA, CCNA, CEH, ISO 27001 LA, MCP, MCTS, VCP
In this article, the International Organization for Standardization (ISO)/International Electrotechnical Commission (IEC) ISO/IEC 27001:2013 standard is introduced briefly and compared to ISO/IEC 27001:2005. Read More
1
Rethinking Cybervalue at Risk: A Practical Case for Risk Quantification
Sudhakar Sathiyamurthy, CISA, CRISC, CGEIT, CIPP, ITIL Expert
The trustworthiness of various risk assessment methods in pursuit of risk-based decisions is largely questioned in the marketplace. Read More
1
Social Media Rewards and Risk
Mohammed J. Khan, CISA, CRISC, CIPM
Social media is a powerful tool that gives organizations the ability to expand their brand value; it can also tarnish a brand overnight. Read More
View RSS feed
Book Reviews
1
Transforming Cybersecurity
ISACA | Reviewed by Ravi Ayappa, Ph.D., CISA, CRISC, CISM
Transforming Cybersecurity is a useful handbook for any cyber security practitioner, information security manager (ISM) or IT auditor. Read More
View RSS feed
More
1
Help Source Q&A
Sunil Bakshi, CISA, CRISC, CISM, CGEIT, ABCI, AMIIB, BS 25999 LI, CEH, CISSP, ISO 27001 LA, MCA, PMP
Our organization has employees who work mostly in the field. Previously, they had been provided laptops and mobile phones by the organization. Read More
1
Quiz 173 
Based on Volume 2, 2017
Read More
1
Standards, Guidelines, Tools and Techniques
ISACA Member and Certification Holder Compliance
An up-to-date listing of the current IT Audit and Assurance Standards, Guidelines, and Tools and Techniques Read More
1
Tools: Mobile Security Tools on a Budget
Ed Moyle
From email to calendaring to business applications, employees are, quite literally, doing business from any device, any time of the day or night, from anywhere and everywhere on the planet. Read More