Expand your knowledge on all things audit.
Information Security Matters: Un-Privacy by Design
At the end of my last column, I allowed myself a bit of a sneer at the notion of “privacy by design.”
Innovation Governance: Innovate Yourself
A couple of years ago, I made the statement during a presentation that the amount of information collected in auditing systems and controls is orders of magnitude greater than what we collected 10 years ago.
IS Audit Basics: Auditing Software Licenses
Those of you who have read my bio are aware that in addition to writing for the ISACA Journal, I am also a topic leader for the Audit and Assurance community on ISACA’s Engage Online forum.
The Network: Walt Blackwood
What is the biggest security challenge that will be faced in 2020?
Auditing the Crown Jewels From a Cyberrisk Perspective
Auditing standards require auditors to produce a documented risk-based audit plan, taking into account input from senior management and the board.
Data Auditing: Building Trust in Artificial Intelligence
While IT risk management driven by standards/frameworks such as the International Organization for Standardization (ISO)/International Electrotechnical Commission (IEC) ISO/IEC 27001:2005 Information technology—Security techniques—Information security management systems—Requirements, British Standard (BS) 7799-3 (2006) and ISACA’s Risk IT (2009) have been around for more than a decade, in reality, IT risk management can trace its roots back to the very reason for the establishment of ISACA 50 years ago.
Inherent Risk in Adopting RPA and Opportunities for Internal Audit Departments
Many organizations are rapidly moving to implement robotic process automation (RPA) because it helps leverage multiple fronts, including cost advantage, workforce optimization, quality improvements, flexible and dynamic execution, speed, and agility.
Preparing for the Next Generation of Auditing
Whether one is auditing a rapidly transforming organization, executing audits of emerging technologies, mentoring new auditors or guiding experienced auditors, an element shaping the 21st century business environment is an increased emphasis on data analytics.
The Intelligent Audit
Artificial intelligence (AI) is a key contributor to recent technological innovations, including autopiloted cars.
Trends Challenges and Strategies for Effective Audit in a Rapidly Changing Landscape
Traditional audit is a typically retroactive activity that identifies risk in running operations and proposes solutions.
Accountability for Information Security Roles and Responsibilities Part 2
Part 1 of this article proposed a method using ArchiMate to integrate COBIT 5 for Information Security with enterprise architecture (EA) principles, methods and models to properly implement the chief information security officer’s (CISO’s) role.
Information security programs are not easy or totally successful on a global scale.
What the Board Needs to Know About the Organization’s Cybersecurity Status
Cybersecurity breaches have come to the attention of boards of directors (BoDs) because of their impact.
Auditors Have a Role in Cyberresilience
Cyberthreats are an issue for any organization or individual anywhere in the world due to the increasing dependence on computer systems, infrastructure, the Internet, social media and technological innovation.
Building Security Into IoT Devices
There will be more than 64 billion Internet of Things (IoT) devices by 2025.
Security Governance or an Elephant Fight?
There is an African proverb that says, “When elephants fight, it is the grass that suffers.”
SOC Reports for Cloud Security and Privacy
Cloud adoption has increased by leaps and bounds, adding to the already increasing types of cyberrisk.