Recent Graduate Membership
Local Chapter Information
What is CISA
What is CISM
What is CGEIT
What is CRISC
How to Earn CPE
Maintain Your Certification
Write an Exam Question
US DoD Information
North America CACS
CSX North America
Exam Review Courses
Enterprise Training (On-Site)
Virtual Training (VILT)
Latin America CACS
Governance, Risk and Control
CERTIFICATION TRAINING & EDUCATION
Asia Pacific CACS
Call for Speakers
Browse All Events
COBIT 5 Home
COBIT Conference North America
Training & Accreditation
Join the Conversation
COBIT 20th Anniversary
Knowledge & Insights
knowledge & insights Home
Submit an Article
ISACA Tech Discovery Series: Blockchain
Getting Started With GEIT: A Primer for Implementing Governance of Enterprise IT
Data Privacy Audit Program
CISA Review Manual, 26th Edition
CISA Review Questions, Answers & Explanations Database - 12 Month Subscription
CSX Fundamentals Study Guide, 2nd Edition
CISM Review Questions, Answers & Explanations, 9th Edition
Bylaws and Articles of Incorporation
What We Offer & Whom We Serve
Licensing and Promotion
Careers at ISACA
Trust In, and Value From, Information Systems
Advance Your Career
Industrial Control Systems: A Primer for the Rest of Us
Cybersecurity Nexus (CSX)
IS Audit & Assurance
The Nexus Articles
Practically Speaking Blog
Submit an Article
Read More on COBIT
Webinar Quiz Certificate
Indicates Online-Exclusive Content
Volume 5, 2017
Information Security Matters: Information Security in the Multi-Modal Era
Steven J. Ross, CISA, CISSP, MBCP
This is the dawn of the multi-modal era; data center staff must adjust or be left behind. And so must security professionals.
IS Audit Basics: Doing More With Less
Ian Cooke, CISA, CRISC, CGEIT, COBIT Assessor and Implementer, CFE, CPTE, DipFM, ITIL Foundation, Six Sigma Green Belt
The Institute of Internal Auditors (IIA) defines internal auditing as an independent, objective assurance and consulting activity designed to add value and improve an organization’s operations.
Get to know your network.
The Practicle Aspect: Blind Spots on the Cloud Platform
Vasant Raval, DBA, CISA, ACMA, and Don Lux, MSITM
Cloud services have grown dramatically in the recent past and continue to increase in popularity. Between 2015 and 2020, cloud computing is predicted to achieve an annual growth rate of 19 percent.
Addressing Shared Risk in Products Application Vulnerability Assessments
Michael Werneburg, CIA, PMP
Service organizations with a bespoke application in a regulated industry have special challenges in addressing application vulnerabilities.
Anatomy of an IoT DDoS Attack and Potential Policy Responses
Hari Mukundhan, CISA, CISSP
This is an age in which machine-to-machine communication is expanding significantly, creating new types of cyberrisk or exacerbating existing risk, thus impacting not only privacy and wealth, but also human safety.
Barriers and Enablers to Auditors Accepting Generalized Audit Software
Marianne Bradford, Ph.D., and Dave Henderson, Ph.D.
Although generalized audit software (GAS) has been shown to significantly improve the efficiency and effectiveness of audits, many auditors do not use this technology.
Blockchain: Identifying Risk on the Road to Distributed Ledgers
Filip Caron, Ph.D.
Blockchain technology, commonly expected to drive the next wave of digital infrastructure and process innovation, is rapidly developing into maturity.
Compliant, Yet Breached: Compliance vs. Security
Tony Chandola, CISA, CISM, CISSP, PCI QSA, PCIP, PMP
Ransomware-like breaches occur despite paper certifications confirming the existence of adequate security controls.
Design With the End in Mind
Sudhakar Sathiyamurthy, CISA, CRISC, CGEIT, CIPP, ITIL Expert
Transforming business frontiers have created an expanding digital universe and explosive data growth, making organizations reservoirs and refineries of data.
Factors to Consider to Minimize Identity Theft in Mobile Banking
Adeniyi Akanni, Ph. D., CISA, CRISC, ISO 27001 LA, ITIL
Using mobile devices to complete commercial transactions is a newer scientific advancement in the information and communication technology (ICT) sphere.
Instilling a Culture of Security Starts With Information Governance
T. Sean Kelly
Certain steps can be taken to build a strong respect for and practice of security into the cultural fabric of any organization, across all departments and areas of the business.
Key Competencies of the Effective Governance Professional
Noman Sultan, Ph.D., CISM, CGEIT, CITP
It is extremely important that organizations invest in their leadership capabilities because leaders play an integral role in motivating, inspiring and influencing talent management.
Based on Volume 3, 2017
Standards, Guidelines, Tools and Techniques
ISACA Member and Certification Holder Compliance
An up-to-date listing of the current IT Audit and Assurance Standards, Guidelines, and Tools and Techniques
Tools: Can Penetration Testing Tools Help an Audit?
Sometimes, it can feel as though auditors get the short end of the stick when it comes to the tools available to assist in the work that they do.
download our app
Download Full Issue
THIS WEBSITE USES INFORMATION GATHERING TOOLS INCLUDING COOKIES, AND OTHER SIMILAR TECHNOLOGY.