Find resources and connect with members on topics that interest you. Browse more than 100 topics or view the featured ones.

Browse Over 100 Topics
Sort by Category
Sort Alphabetically
COBIT 4.1 Controls Collaboration

Cloud Computing/Virtualization



Privacy/Data Protection

Access ControlApplication ControlsApplication SecurityAudit GuidelinesAudit StandardsAudit Tools and TechniquesBaselBig Data Business Analytics/IntelligenceBusiness Continuity-Disaster Recovery PlanningBusiness Process ManagementCareer ManagementCasinos and GamblingCGEIT Exam Study CommunityChange Management CISA Exam Study Community CISM Exam Study Community Cloud ComputingCOBIT - Implementation COBIT - Use It EffectivelyCOBIT (4.1 and earlier) - Use it EffectivelyCOBIT (4.1 and earlier) Implementation COBIT 5 - Assessment ComplianceComputer CrimeContinuous Monitoring/AuditingControls MonitoringCRISC Exam Study CommunityCyberSecurityEnterprise ArchitectureEnterprise Data ManagementFinancial Reporting ComplianceForensicsFrameworksFraud Governance of Enterprise IT Green ITHealthcareHIPAAHP Non-Stop (Tandem)Identity ManagementIFRSIncident ManagementIndiaInformation Security ManagementInformation Security Policies/ProceduresIntrusion Prevention/DetectionISAE 3402ISO/IEC 20000 ISO/IEC 27000 Series ISO/IEC 38500ITILJ-SOXMobile ComputingNetwork SecurityOracleOracle DatabaseOracle E-Business SuiteOS/400PCI DSSPeopleSoftPerformance MeasurementPhysical Security Poland Privacy/Data ProtectionProject/Program/Portfolio Management (P3M)Quality StandardsRisk AssessmentRisk ManagementSAPSarbanes-Oxley (SOX)Security ToolsSecurity TrendsService ManagementSharePointSolvency IISQL ServerStrategic Planning/AlignmentStudentsUnix-likeValue DeliveryVirtualizationWindowsWirelessXBRLYoung Professionalsz/OS-OS/390

AI - Acquire and Implement

AI1.1 - Definition and Maintenance of Business Functional and Technical RequirementsAI1.2 - Risk Analysis ReportAI1.3 - Feasibility Study and Formulation of Alternative Courses of ActionAI1.4 - Requirements and Feasibility Decision and ApprovalAI2.1 - High-level DesignAI2.10 - Application Software MaintenanceAI2.2 - Detailed DesignAI2.3 - Application Control and AuditabilityAI2.4 - Application Security and AvailabilityAI2.5 - Configuration and Implementation of Acquired Application SoftwareAI2.6 - Major Upgrades to Existing SystemsAI2.7 - Development of Application SoftwareAI2.8 - Software Quality AssuranceAI2.9 - Applications Requirements ManagementAI3.1 - Technological Infrastructure Acquisition PlanAI3.2 - Infrastructure Resource Protection and AvailabilityAI3.3 - Infrastructure MaintenanceAI3.4 - Feasibility Test EnvironmentAI4.1 - Planning for Operational SolutionsAI4.2 - Knowledge Transfer to Business ManagementAI4.3 - Knowledge Transfer to End UsersAI4.4 - Knowledge Transfer to Operations and Support StaffAI5.1 Procurement ControlAI5.2 - Supplier Contract ManagementAI5.3 - Supplier SelectionAI5.4 - IT Resources AcquisitionAI6.1 - Change Standards and ProceduresAI6.2 - Impact Assessment, Prioritisation and AuthorisationAI6.3 - Emergency ChangesAI6.4 - Change Status Tracking and ReportingAI6.5 - Change Closure and DocumentationAI7.1 - TrainingAI7.2 - Test PlanAI7.3 - Implementation PlanAI7.4 - Test EnvironmentAI7.5 - System and Data ConversionAI7.6 - Testing of ChangesAI7.7 - Final Acceptance TestAI7.8 - Promotion to ProductionAI7.9 - Post-implementation Review

PO - Plan and Organize

PO1.1 - IT Value ManagementPO1.2 - Business-IT AlignmentPO1.3 - Assessment of Current Capability and PerformancePO1.4 - IT Strategic PlanPO1.5 - IT Tactical PlansPO1.6 - IT Portfolio ManagementPO10.1 - Programme Management FrameworkPO10.10 - Project Quality PlanPO10.11 - Project Change ControlPO10.12 - Project Planning of Assurance MethodsPO10.13 - Project Performance Measurement, Reporting and MonitoringPO10.14 - Project ClosurePO10.2 - Project Management FrameworkPO10.3 - Project Management ApproachPO10.4 - Stakeholder CommitmentPO10.5 - Project Scope StatementPO10.6 - Project Phase InitiationPO10.7 - Integrated Project PlanPO10.8 - Project ResourcesPO10.9 - Project Risk ManagementPO2.1 - Enterprise Information Architecture ModelPO2.2 - Enterprise Data Dictionary and Data Syntax RulesPO2.3 - Data Classification SchemePO2.4 - Integrity ManagementPO3.1 - Technological Direction PlanningPO3.2 - Technology Infrastructure PlanPO3.3 - Monitor Future Trends and RegulationsPO3.4 - Technology StandardsPO3.5 - IT Architecture BoardPO4.1 - IT Process FrameworkPO4.10 - SupervisionPO4.11 - Segregation of DutiesPO4.12 - IT StaffingPO4.13 - Key IT PersonnelPO4.14 - Contracted Staff Policies and ProceduresPO4.15 - RelationshipsPO4.2 - IT Strategy CommitteePO4.3 - IT Steering CommitteePO4.4 - Organisational Placement of the IT FunctionPO4.5 - IT Organisational StructurePO4.6 - Establishment of Roles and ResponsibilitiesPO4.7 - Responsibility for IT Quality AssurancePO4.8 - Responsibility for Risk, Security and CompliancePO4.9 - Data and System OwnershipPO5.1 - Financial Management FrameworkPO5.2 - Prioritisation Within IT BudgetPO5.3 - IT BudgetingPO5.4 - Cost ManagementPO5.5 - Benefit ManagementPO6.1 - IT Policy and Control EnvironmentPO6.2 - Enterprise IT Risk and Control FrameworkPO6.3 - IT Policies ManagementPO6.4 - Policy, Standard and Procedures RolloutPO6.5 - Communication of IT Objectives and DirectionPO7.1 - Personnel Recruitment and RetentionPO7.2 - Personnel CompetenciesPO7.3 - Staffing of RolesPO7.4 - Personnel TrainingPO7.5 - Dependence Upon IndividualsPO7.6 - Personnel Clearance ProceduresPO7.7 - Employee Job Performance EvaluationPO7.8 - Job Change and TerminationPO8.1 - Quality Management SystemPO8.2 - IT Standards and Quality PracticesPO8.3 - Development and Acquisition StandardsPO8.4 - Customer FocusPO8.5 - Continuous ImprovementPO8.6 - Quality Measurement, Monitoring and ReviewPO9.1 - IT Risk Management FrameworkPO9.2 - Establishment of Risk ContextPO9.3 - Event IdentificationPO9.4 - Risk AssessmentPO9.5 - Risk ResponsePO9.6 - Maintenance and Monitoring of a Risk Action Plan

DS - Deliver and Support

DS1.1 - Service Level Management FrameworkDS1.2 - Definition of ServicesDS1.3 - Service Level AgreementsDS1.4 - Operating Level AgreementsDS1.5 - Monitoring and Reporting of Service Level AchievementsDS1.6 - Review of Service Level Agreements and ContractsDS10.1 - Identification and Classification of ProblemsDS10.2 - Problem Tracking and ResolutionDS10.3 - Problem ClosureDS10.4 - Integration of Configuration, Incident and Problem ManagementDS11.1 - Business Requirements for Data ManagementDS11.2 - Storage and Retention ArrangementsDS11.3 - Media Library Management SystemDS11.4 - DisposalDS11.5 - Backup and RestorationDS11.6 - Security Requirements for Data ManagementDS12.1 - Site Selection and LayoutDS12.2 - Physical Security MeasuresDS12.3 - Physical AccessDS12.4 - Protection Against Environmental FactorsDS12.5 - Physical Facilities ManagementDS13.1 - Operations Procedures and InstructionsDS13.2 - Job SchedulingDS13.3 - IT Infrastructure MonitoringDS13.4 - Sensitive Documents and Output DevicesDS13.5 - Preventive Maintenance for HardwareDS2.1 - Identification of All Supplier RelationshipsDS2.2 - Supplier Relationship ManagementDS2.3 - Supplier Risk ManagementDS2.4 - Supplier Performance MonitoringDS3.1 - Performance and Capacity PlanningDS3.2 - Current Performance and CapacityDS3.3 - Future Performance and CapacityDS3.4 - IT Resources AvailabilityDS3.5 - Monitoring and ReportingDS4.1 - IT Continuity FrameworkDS4.10 - Post-resumption ReviewDS4.2 - IT Continuity PlansDS4.3 - Critical IT ResourcesDS4.4 - Maintenance of the IT Continuity PlanDS4.5 - Testing of the IT Continuity PlanDS4.6 - IT Continuity Plan TrainingDS4.7 - Distribution of the IT Continuity PlanDS4.8 - IT Services Recovery and ResumptionDS4.9 - Offsite Backup StorageDS5.1 - Management of IT SecurityDS5.10 - Network SecurityDS5.11 - Exchange of Sensitive DataDS5.2 - IT Security PlanDS5.3 - Identity ManagementDS5.4 - User Account ManagementDS5.5 - Security Testing, Surveillance and MonitoringDS5.6 - Security Incident DefinitionDS5.7 - Protection of Security TechnologyDS5.8 - Cryptographic Key ManagementDS5.9 - Malicious Software Prevention, Detection and CorrectionDS6.1 - Definition of ServicesDS6.2 - IT AccountingDS6.3 - Cost Modelling and ChargingDS6.4 - Cost Model MaintenanceDS7.1 - Identification of Education and Training NeedsDS7.2 - Delivery of Training and EducationDS7.3 - Evaluation of Training ReceivedDS8.1 - Service DeskDS8.2 - Registration of Customer QueriesDS8.3 - Incident EscalationDS8.4 - Incident ClosureDS8.5 - Reporting and Trend AnalysisDS9.1 - Configuration Repository and BaselineDS9.2 - Identification and Maintenance of Configuration ItemsDS9.3 - Configuration Integrity Review

ME - Monitor and Evaluate

ME1.1 - Monitoring ApproachME1.2 - Definition and Collection of Monitoring DataME1.3 - Monitoring MethodME1.4 - Performance AssessmentME1.5 - Board and Executive ReportingME1.6 - Remedial ActionsME2.1 - Monitoring of Internal Control FrameworkME2.2 - Supervisory ReviewME2.3 - Control ExceptionsME2.4 - Control Self-assessmentME2.5 - Assurance of Internal ControlME2.6 - Internal Control at Third PartiesME2.7 - Remedial ActionsME3.1 - Identification of External Legal, Regulatory and Contractual Compliance RequirementsME3.2 - Optimisation of Response to External RequirementsME3.3 - Evaluation of Compliance With External RequirementsME3.4 - Positive Assurance of ComplianceME3.5 - Integrated ReportingME4.1 - Establishment of an IT Governance FrameworkME4.2 - Strategic AlignmentME4.3 - Value DeliveryME4.4 - Resource ManagementME4.5 - Risk ManagementME4.6 - Performance MeasurementME4.7 - Independent Assurance

Application Controls

AC1 - Source Data Preparation and AuthorisationAC2 - Source Data Collection and EntryAC3 - Accuracy, Completeness and Authenticity ChecksAC4 - Processing Integrity and ValidityAC5 - Output Review, Reconciliation and Error HandlingAC6 - Transaction Authentication and Integrity

Process Controls

PC1 - Process Goals and ObjectivesPC2 - Process OwnershipPC3 - Process RepeatabilityPC4 - Roles and ResponsibilitiesPC5 - Policy, Plans and ProceduresPC6 - Process Performance Improvement
Search Topics
My Topics

Please sign in to see your topics.

What's New


2018 IT Audit Leaders Forum Recap


Posted by ISACA 4 days ago | 0 comments

Journal Article

The Power of IT Investment Risk Quantification and Visualization: IT Portfolio Management

The IT Portfolio Management Model was based on the principles of financial portfolio management, specifically, the relationship between investment risk and investment return as per the so-called risk-return tradeoff.


Guy Pearce, CGEIT 6 days ago | 0 comments

Journal Article

The Price of a Data Breach

Although technological advancements have improved efficiency, they have unintentionally increased the risk of confidential and other sensitive information becoming compromised.


Van Ha Le and Bianca Zamora 6 days ago | 0 comments


Student Membership Application


Posted by ISACA 11 days ago | 0 comments

Journal Article

The Network

Building Tomorrow’s Leaders, Today


Rob Clyde, CISM 13 days ago | 0 comments

My Topic Updates

You must log in to view Knowledge Center Topic updates.



Activity Badges

Badges help others understand your level of community activity and your reputation as a contributor within the Knowledge Center.
Learn More.