ISACA Journal Blog

AI Practitioners: Our Future Is in Your Hands

Guy Pearce, CGEIT Posted: 12/9/2019 1:02:00 PM | Category: Security | Permalink | Email this post

Imagine it is sometime in the 22nd century and that the future you is preparing for a complex surgical procedure at the local robot-run hospital, where it has become commonplace for robots to perform sophisticated, repeatable tasks, such as heart surgery, on human patients. This is the first time a robot is tackling a septal myotomy on a human, on you no less. It is still one of the most complicated medical procedures in the world almost 160 years after it was first performed, and it still takes up to 6 grueling hours for a human doctor to do, all the while nothing but a machine keeps you alive.

In the days leading up to the procedure, the chief robot doctor of the facility, Dr. Ava—named after a character in a cult classic film made more than a century before—and all but indistinguishable from a human except for the odd irregular whirring sound occurring whenever she looked up toward the sky, sat you down to share the nature of some of the quite considerable risk factors involved in the procedure. At one point, your eyes wandered to see a few framed diplomas hanging on the wall, including one from the renowned C-3P0 institute, from where Dr. Ava must have learned her diplomacy and her disarmingly reassuring doctor’s bedside manner.

 
Read More >>
    

AI or GDPR?

Andrea Tang, ISO 27001 LA Posted: 11/4/2019 4:12:00 PM | Category: Government-Regulatory | Permalink | Email this post

Consider an organization adopting artificial intelligence (AI) as being represented by a self-driving car. Data serve as gasoline, which provides the driving force to the car; machine learning (ML) is the engine, which determines the performance of the car; and AI operates as the role of the sensor in the car, contributing to the process of automatic decision-making. A self-driving car with good performance requires more data input to obtain continuous driving force to become more competitive and make more accurate analysis and predictions. However, especially for an Internet finance organization, multiple relational datasets can easily result in “isolated islands of information,” which make it difficult to connect the datasets where they can talk to each other.

 
Read More >>
    

The Role of Data Strategy in Optimizing Organizational Processes

Rajul Kambli, CISA, CMA Posted: 10/31/2019 3:29:00 PM | Category: Risk Management | Permalink | Email this post

Rajul KambliThe relevance of data cannot be over emphasized in today’s world, where change is the only constant. Decisions that managers and executives tend to make emanate from the availability of data analysis. While the turnaround time to collect the data, analyze, interpret and act has shrunk significantly, those who are able to do this in not only shortest possible time but also effectively and efficiently enjoy the first-mover advantages.

Strong data strategies must account for the following:

  • Prerequisites of data—Integrity of data is must, because actions of organizations are based on representative data collected and analyzed. Insight of data with the key elements of reliability, consistency and timeliness make these data a fit foundation for long-term sustainability and appropriate actions.
  • The concept of master and transactional data—Any attribute of data is broadly classified into master or transactional data. This basic classification drives further strategies of data, on which pivotal decisions of data centralization and data sharing are heavily dependent.
  • Integration of business intelligence and market intelligence—A representative yardstick of corporate objectives are based on business intelligence. A correlation of these metrics to industry data through market intelligence is vital to be in sync with industry outlook. This integration reflects not only how realistic the corporate objectives are, but it also asks if corporate objectives align with industry outlook, and more importantly to what extent they are practical and achievable.
  • Data use—How do different business use data to understanding buyer behavior and preferences?

Timely and correct data analysis is a universal requirement. Consider the medical profession, in which a prescription of a medicine by a doctor depends on the report of a patient. The sooner the diagnosis, the sooner the remedy can be administered. But in addition to time, the accuracy of reports is vital. Similarly in sports, data related to the top players' strengths are used to determine the game plan.

 
Read More >>
    

Cybersustainability: Ensuring Digital Strategies That Protect Data

Karen Walsh, JD, and Joe Raschke, CRISC, CIPP, CISSP Posted: 10/8/2019 8:52:00 AM | Category: Security | Permalink | Email this post

Increasingly, security professionals use language that makes a distinct comparison between our physical environment and our digital infrastructures. We use terms such as “digital ecosystem,” “digital footprint,” “IT environment,” “data leakage” and “data pollution.” As data breaches continue to increase in number and severity, we need to begin thinking about how we protect today’s data for tomorrow’s future digital strategies.

What Is Cybersustainability?
Fundamentally, cybersustainability looks at data as a finite resource, similar to a coral reef or fossil fuels. Similarly, we can look at data from both the “prevent from being polluted” perspective and the “preserve the resource” perspective.

 
Read More >>
    

I Know What I Know (If You Know What I Mean)

Ian Cooke, CISA, CRISC, CGEIT, COBIT Assessor and Implementer, CFE, CIPP/E, CIPM, CIPT, FIP, CPTE, DipFM, ITIL Foundation, Six Sigma Green Belt
Posted: 9/23/2019 4:56:00 PM | Category: Audit-Assurance | Permalink | Email this post

Ian CookeEdie Brickell (incidentally the wife of singer/songwriter Paul Simon) had a modest 1988 hit titled “What I Am.” The opening lines of the song contain the lyrics “I'm not aware of too many things. I know what I know if you know what I mean.”

Besides being a nice play on words, the lyrics are quite prophetic; in reality, we all are somewhat restricted by what we know and understand. We, as ISACA members and IT specialists, all know a lot about IT risk and its 3 main categories. Specifically:

 
Read More >>
    
        Page: 1 of 92     Next >   Last >>