ISACA Now Blog


GDPR Progress Paves Way for Deeper Look at Role of Data in 2019

Andrew Neal, C|CISO, CISM, CRISC, CCFP, CIFI, LPI, President, Information Security & Compliance Services, TransPerfect Legal Solutions, and ISACA conference speaker
Posted: 12/17/2018 3:00:00 PM | Category: Privacy

The European Union’s General Data Protection Regulation (GDPR) commanded the attention of the business community throughout 2018. Thought leadership gatherings such as ISACA conferences and webinars attempted to answer questions like, “What does it take to comply?” and “What will enforcement look like?”

Answers were largely speculative, and the actual enforcement processes associated with the regulation are only now taking shape. We can, however, look back at 2018 and make some observations about what has been accomplished, the drivers of compliance activities, and the work left to be done.

Advocating for a Strong Cybersecurity Workforce, IT Audit Standards and NIST Reauthorization Act on Capitol Hill

Posted: 12/14/2018 3:02:00 PM | Category: ISACA

Members of ISACA’s US Public Policy Working Group recently gathered on Capitol Hill in Washington, D.C., to listen to inspiring speakers and to advocate for issues important to ISACA constituents, drawing from their personal experiences and professional backgrounds.

Over the course of a productive day, these ISACA volunteers met with Congressional members and staff leaders from seven districts in California, Illinois, New York, Texas and Virginia, the states from which ISACA’s participants hailed. Key topics discussed included the National Institute of Standards and Technology (NIST) Reauthorization Bill (H.R. 6229), the value of authoring and introducing legislation focused on the future of IT audit, and the importance of certifications in preparing the workforce for cybersecurity jobs and closing the skills gap.

Tightening Cybersecurity Assurance in Supply Chains: Three Essentials

Phil Zongo and Rohini Kuttysankaran Nair
Posted: 12/13/2018 3:05:00 PM | Category: Audit-Assurance

In October 2018, Bloomberg Businessweek sent shivers through the business and intelligence community when it published an astonishing report that claimed that Chinese spies had exploited vulnerabilities in the US technology supply chain, infiltrating computer networks of almost 30 prominent US companies, including Apple, Inc., a major bank, and government contractors.

What is Driving Growth for AR/VR?

Kris Kolo, Global Executive Director, VR/AR Association
Posted: 12/12/2018 3:09:00 PM | Category: Risk Management

Gartner’s recent list of top tech trends for 2019 included immersive experiences, which they described as follows:

“Conversational platforms are changing the way in which people interact with the digital world. Virtual reality (VR), augmented reality (AR) and mixed reality (MR) are changing the way in which people perceive the digital world. This combined shift in perception and interaction models leads to the future immersive user experience.”

COBIT 2019 is Our Framework and a Framework for Us

Graciela Braga, CGEIT, Auditor and Advisor, Argentina
Posted: 12/11/2018 9:58:00 AM | Category: COBIT-Governance of Enterprise IT

I love COBIT. Why? To begin with, COBIT is useful and usable. Secondly, the newly updated framework combines community knowledge and flexibility.

The What Is COBIT and What Is It Not section from COBIT 2019 Framework: Introduction and Methodology is very clear, and demonstrates how useful and usable the updated version of COBIT will be.

COBIT users know that COBIT in its last two versions utilized the components (formerly enablers) to plan, build and maintain a governance system. They were and are principles, policies and procedures, processes, organizational structures, information flows, culture and behaviors, skills, and infrastructure.
