Recent Graduate Membership
Partner Content Featuring MIT’s Center for Information Systems Research
Local Chapter Information
What is CISA
What is CISM
What is CGEIT
What is CRISC
CISA Exam Registration
CISM Exam Registration
CGEIT Exam Registration
CRISC Exam Registration
How to Earn CPE
Maintain Your Certification
Write an Exam Question
US DoD Information
North America CACS
Interactive Training Tool
Exam Review Courses
Corporate Training Programs
Governance, Risk and Control
Capability Counts Conference
CERTIFICATION TRAINING & EDUCATION
CYBERSECURITY AUDIT CERTIFICATE TRAINING
ISACA CHAPTER EVENTS
Call for Speakers
View All Events
COBIT 2019 Home
COBIT 2019 Publications & Resources
COBIT 2019 Training & Learning
COBIT 2019 FAQs
COBIT 5 Home
Join the Conversation
Knowledge & Insights
knowledge & insights Home
Submit an Article
Cloud Access Security Broker (CASB) Audit Program
CISA Online Review Course
CSX Cybersecurity Fundamentals Study Guide, 2nd Edition
CISA Review Questions, Answers & Explanations Database - 12 Month Subscription
CISA Review Manual, 27th Edition
CISM Review Questions, Answers & Explanations Database – 12 Month Subscription
Bylaws and Articles of Incorporation
What We Offer & Whom We Serve
Our Purpose and Promise
Licensing and Promotion
Careers at ISACA
Trust In, and Value From, Information Systems
Advance Your Career
Transforming IT Audit
Knowledge | Tools | Solutions
Cybersecurity Nexus (CSX)
GDPR & Privacy
IS Audit & Assurance
NEW! Partner Content Featuring MIT’s Center for Information Systems Research
The Nexus Articles
Transforming IT Audit
Practically Speaking Blog
Submit an Article
Read More on COBIT
Journal Print Opt-In Steps
Indicates Online-Exclusive Content
Volume 3, 2015
Cloud Computing: Software-defined WAN Changes Retail Security Paradigm
The adoption of cloud-based retail applications, as well as increasing demands for agility, for example, with pop-up retail, is changing the requirements for network access.
Information Ethics: The Limits of Rules
Vasant Raval, DBA, CISA, ACMA
Any organized form of a community needs rules. Even when we trust each other to do the right thing, rules may help induce and guide proper behavior.
Information Security Matters: Frameworkers of the World Unite 2
Steven J. Ross, CISA, CISSP, MBCP
Every now and again, I like to take a poke at standards, just to see what makes them work. Under consideration here is the cybersecurity framework published by the US National Institute of Standards and Technology early in 2014.
IS Audit Basics: The Soft Skills Challenge
Ed Gelbstein, Ph.D.
Here, we explore those soft skills that do not appear in the Certified Information Systems Auditor (CISA) examination, but are important components of an auditor’s life and work.
IS Audit Basics: The Soft Skills Challenge, Part 2
Ed Gelbstein, Ph.D.
The previous column explored a set of soft skills that could not possibly harm anyone.
Opeyemi Onifade, CISA, CISM, CGEIT, COBIT 5 Certified Assessor, COBIT 5 Certified Implementer, CISSP, CompTIA Cloud Essentials, ISO 20000 Prac, ISO 27001 LA, ITIL-F, SCJP, ITBMC, PRINCE2 PMP
Get to know your network.
Evaluating Cloud Automation as a Service
Cloud services deliver many kinds of automation to companies every day. The use of process automation as a cloud-based service is an important next step for IT innovation
How to Evaluate Knowledge and Knowledge Management in the Organization Using COBIT 5
Bostjan Delak, Ph.D., CISA, CIS
Knowledge is recognized as the most important strategic asset of any and every organization. It is very important to identify, capture/acquire, share, reuse and unlearn knowledge.
Navigating I/O Flows/Networks to Enhance the Governance Management Cycle
Makoto Miyazaki, CISA, CPA
What constitutes true adoption of COBIT 5? Is it a minimum condition that at least one principle of COBIT 5 is adopted for true adoption of COBIT 5?
Security Mysteries in the Cloud
Sivarama Subramanian, CISM and Devaraj Munuswamy, CEH
In the current world of IT, “cloud” is a buzzword heard everywhere. Many organizations are moving to cloud computing because of its scalability, on-demand service offerings over the Internet, virtualization and cost efficiency.
The Time for Sustainable Business Is Now: Leveraging COBIT 5 in Sustainable Businesses
Graciela Braga, CGEIT, COBIT 5 Foundation, CPA
Stakeholders expect that businesses create value, but at what cost? In the end, stakeholders and businesses are looking for the same thing: to protect their future.
The Underestimated Social Engineering Threat in IT Security Governance and Management
Roberto Puricelli, CISM
In recent years, numerous cases of advanced persistent threats (APTs) and data breaches have been seen, with those involving the largest, most high-profile enterprises garnering the most media attention.
Toward a Secure Data Center Model
Brett van Niekerk, Ph.D., and Pierre Jacobs
According to a survey by Infonetics Research, companies operating their own data centers spent an average of US $17 million on security products in 2013.
Gray Hat Hacking
Allen Harper, Shon Harris, Jonathan Ness, Chris Eagle, Gideon Lenkey, Terron Williams | Reviewed by Ibe Etea, CISA, CRISC, CA, CFE, CIA, CRMA
The rise of hacking exploits and their potential to cause havoc to enterprises, nations, industries and individuals has led to a need for more information on hacking.
Information Governance: Concepts, Strategies and Best Practices
Robert F. Smallwood | Reviewed by Upesh Parekh, CISA
By 2016, one in five chief information officers in regulation industries will be fired from their job for a failed information governance (IG) initiative.
IT Security Governance Innovations—Theory and Research
Daniel Mellado, Luis Enrique Sanchez, Eduardo Fernandez-Medina and Mario Piattini | Reviewed by A. Krista Kivisild, CISA, CA, CPA
With new technology supporting all areas of life, management increasingly needs to evaluate the areas of risk and concern that they need to be aware of and address within the business.
Based on Volume 1, 2015
Standards, Guidelines, Tools and Techniques
ISACA Member and Certification Holder Compliance
An up-to-date listing of the current IT Audit and Assurance Standards, Guidelines, and Tools and Techniques
download our app
Download Full Issue