Volume 6, 2018
Information Security Matters: How We Can Succeed
Steven J. Ross, CISA, CISSP, AFBCI, MBCP
In my last article, I excoriated the information security community, of which I am a card-carrying member, about the state of security today.
IS Audit Basics: Affect What Is Next Now
Ian Cooke, CISA, CRISC, CGEIT, COBIT Assessor and Implementer, CFE, CPTE, DipFM, ITIL Foundation, Six Sigma Green Belt, and Martin Cullen, CISA, CGEIT, CRISC, COBIT Foundation, COBIT Assessor and Implementer, ISO 27001 LA
At the end of the day, if there is one guiding principle that encapsulates all these principles, it is, “Judge your worth not by what you own, but by what you create.”
Glory Ninsiima, CISA, CompTIA Security+, ISO 27005, ISO 31000, ITIL Foundation, PRINCE2 Foundation
Building Tomorrow’s Leaders, Today
The Practical Aspect: Why Worry About IoT?
Vasant Raval, DBA, CISA, ACMA, and Ranjit D. Thaker, CISA, MCSM
The Internet of Things (IoT) refers to physical objects that have embedded network and computing elements and communicate with other objects over a network.
A Heightened Sense of Awareness: What the Internal Auditor Should Know About Information Security Awareness Training
Wade Cassels, CISA, CFE, CIA, CRMA, Kevin Alvero, CFE, and Randy Pierson, CISA
One of the most important tools an organization has (or should have) to reach that state of readiness is an information security awareness training program.
Adding Increased Value—The IT Auditor’s Role in a SOX Audit
Jeffrey T. Hare, CISA, CIA, CPA
When a substantive audit is being performed where application controls are not being relied upon, could there be risk that needs to be tested, or at least identified, by an IT auditor even if application controls are not playing a role?
Advancing Information, Advancing Technology, Advancing COBIT
Graciela Braga, CGEIT
Conditions are changing faster. Governance roles must react quickly when they evaluate more conflicting issues and stakeholders must select appropriate options and solutions.
Agile GEIT—Building Trust and Maximizing Value Delivery
Michael Bergman, CRISC, CISSP
Today’s ever-increasing legal and regulatory requirements place more onus on organizations to exercise due care in protecting and controlling the Agile development process.
Automation, Governance and Security in a Software-Defined World
Julio Pontes, CISM, BS7799 LA, CCSK, CISSP
For more than 15 years, virtualization platforms have revolutionized computing by completely decoupling processing power from hardware resources.
Defining the Chief Digital Officer Using COBIT 5
João Catarino, Isabel Rosa, Ph.D., and Miguel Mira da Silva, Ph.D.
The responsibilities of the CDO role in the enterprise context can be identified and correlated with the CIO’s responsibilities using the Responsible, Accountable, Consulted and Informed (RACI) matrix from COBIT 5.
Demand Management’s Evolution and Maturity Assessment
Gianluca Giorgini, COBIT 5 Foundation, Stefano Aiello, CISA, CISM, CGEIT, COBIT 5 Foundation, AgilePM, CBCP, CISSP, ISO 27001 LA, ITIL v3 Expert, ISO 20000 LA, ITIL v3 Expert, PMP, TOGAF Level 1-2, Alberto Buffon and Mariano Corso
As the Industrial Revolution is associated with the onset of the Industrial Age, the digital revolution marks the establishment of the Information Age.
Effective Strategies for Creating and Maintaining a Diverse and Inclusive IT Audit Team
Julie Balderas, Asim Fareeduddin, CISA, CISM, CIPP, CPA, Femi Richards, CCEP, CIPP, Ruwel Sarmad and Jack Wall
Empirical research reveals that diversity yields myriad advantages, including increased productivity, enhanced problem-solving and heightened levels of employee engagement, among other benefits.
Future-Proofing a Career in Cybersecurity: The Skills Gap
Mike Saurbaugh, CRISC, CISM, CISSP, MSIA
Security professionals are in high demand, but the challenge is that there are not enough qualified employees to fill open enterprise requisitions.
Growing a Cybersecurity Career: Five Questions for the Next Job Interview
Cybersecurity or IT professionals should seek out career opportunities that offer the right sorts of stimuli to enable their own growth.
Identifying Challenges and Mitigating Risk During Deployment
Rajul Kambli, CISA, CMA
Most people have come across the frequently used term “transformation” over the last couple of years.
Is Artificial Intelligence a Career Path for You?
Larry G. Wlosinski, CISA, CRISC, CISM, CAP, CBCP, CCSP, CDP, CIPM, CISSP, ITIL V3, PMP
The number and types of data-gathering devices, sensors and mechanisms are growing to feed the need to obtain, process and manage the data. So how can an individual help?
Launching a Value-Based Analytics and RPA Program
Chris Sanders, CISA, COBIT 5 Foundation
The potential for analytics and RPA technologies within IT audit organizations is widely agreed upon, but implementation and adoption efforts have languished in many organizations.
The Age of PowerShell
Ignacio Marambio Catán, CISA, CRISC, CEH, CISSP, Security+
In today’s rapid deployments, system administrators are required to handle tens of hundreds of servers that are spun up or destroyed, as demand dictates.
Based on Volume 4, 2018
Standards, Guidelines, Tools and Techniques
ISACA Member and Certification Holder Compliance
An up-to-date listing of the current IT Audit and Assurance Standards, Guidelines, and Tools and Techniques
Tools: Skill Acquisition in a Rapidly Evolving Workplace
Robin Lyons, CISA, CIA
As organizations adopt new technologies, a gap is created between the new skills required of security personnel and IT audit staff and the skills these practitioners hold.