Volume 1, 2019
Information Security Matters: Fifty Years of Information Security—A Recollection
Steven J. Ross, CISA, AFBCI, CISSP, MBCP
The entire history of information security seems to be one of continual shortcoming. We have always been trying to catch up to the latest threat.
IS Audit Basics: Assurance Considerations for Ongoing GDPR Conformance
Ian Cooke, CISA, CRISC, CGEIT, COBIT Assessor and Implementer, CFE, CIPM, CIPT, CPTE, DipFM, ITIL Foundation, Six Sigma Green Belt
How can we ensure that the newly developed GDPR processes and procedures transition into day-to-day practices and become business as usual?
Tyler Hardison, CISSP, PCI Qualified Security Assessor
Honoring Our Past. Innovating Our Future
Blockchain Explained and Implications for Accountancy
Pascal A. Bizarro, Ph.D., CISA, Andy Garcia, Ph.D., CPA and Zachary Moore
Broadly speaking, financial systems—especially accounting systems—are being pushed from the physical world to the digital world. Blockchain technology will likely play a role in that transition.
Vinay Parisa, IBM Certified IT Architect, Biswajit Mohapatra, IBM Certified Executive Consultant and Srividya Vinod, IBM Certified Consultant
While cloud adoption initially began with a desire to reduce the cost of computing and storage, organizations now see the cloud as a catalyst for innovation and as a platform that enables new customer experiences.
Data Privacy, Data Protection and the Importance of Integration for GDPR Compliance
GDPR forces organizations to evaluate, test and update how data are collected, moved and processed, for the goal of protection and, ultimately, privacy.
NIST’s New Password Rule Book: Updated Guidelines Offer Benefits and Risk
Bachman Fulmer, Ph.D., CISA, Melissa Walters, Ph.D., and Bill Arnold, CISSP
The updated NIST guidelines offer adopters a number of advantages in usability and security while introducing new risk and implementation challenges.
Reporting on GDPR Compliance to the Board
Guy Pearce, CGEIT
In preparing for compliance with the EU’s General Data Protection Regulation (GDPR), a multinational organization with exposure to the European Union sought a simpler way to affect the complexity of the compliance matters facing the organization.
Security Issues in IoT: Challenges and Countermeasures
Gokhan Polat, CISA, CRISC, CCSA, CGAP, CIA, CISSP, CRMA and Fadi Sodah, CISA, CISSP, CFR, eJPT, ICATE
Many feel that IoT manufacturers are not prioritizing security and privacy. But, despite the security challenges, the spread of IoT is not stopping.
Sponsored Feature: Why Attackers Are Turning Their Attention Toward ERP Applications
Juan Pablo Perez-Etchegoyen
Business-critical SAP and Oracle applications (also known as enterprise resource planning [ERP] applications) run the economy by managing the critical data and processes of large global organizations.
The Four Questions for Successful DLP Implementation
Christopher Nanchengwa, CISA, CRISC, ITIL v3, PRINCE2
Individuals or organizations with a better understanding of their information and an information management plan have been known to excel over those with a limited grasp of their information resources.
The Optimal Risk Management Framework: Identifying the Requirements and Selecting the Framework
Larry Marks, CISA, CRISC, CGEIT, CFE, CISSP, CSTE, ITIL, PMP
Some organizations have their own risk management frameworks that are modeled after COBIT. Others have their own proprietary frameworks or use a hybrid of frameworks.
The Road to GDPR Compliance: Overcoming the Compliance Hurdles
Corlane Barclay, Ph.D., PMP
The increased obligations placed on organizations that are controllers or processors, irrespective of the size of these enterprises, suggest that a structured and systematic approach to compliance must be undertaken.
Sunil Bakshi, CISA, CRISC, CISM, CGEIT, ABCI, AMIIB, BS 25999 LI, CEH, CISSP, ISO 27001 LA, MCA, PMP
As a regulated entity, we also need to disclose some information to regulators that might result in noncompliance with privacy-related regulations. What should we do to address this issue?
Based on Volume 5, 2018
Standards, Guidelines, Tools and Techniques
ISACA Member and Certification Holder Compliance
An up-to-date listing of the current IT Audit and Assurance Standards, Guidelines, and Tools and Techniques