No items have been added to your cart yet
Read the ISACA Journal to gain practical insights on technical topics from your peers.
Microsoft Excel’s pivot table options provide powerful tools for aggregating and analyzing accounting data, but so does alternate software such as ACL. So why use pivot tables?
The following approach to auditing MS SQL Server databases using computer-assisted audit techniques (CAATs) in conjunction with information taken directly from the MS SQL Server database offers a solution to the issues identified.
Over the past few decades, cybersecurity has gained pivotal importance in the way businesses operate and survive in their value systems.
The threats to government computer systems and networks continue to evolve and grow due to steady advances in the sophistication of attack technology, the ease of obtaining such technology, and the increasing use of these techniques by state and nonstate actors to gain intelligence and/or disrupt operations.
Combining an organization-applicable risk framework with an all-encompassing control set and an information security continuous monitoring (ISCM) methodology provides for a holistic approach to compliance and risk management by providing controls across a wide array of areas with a high level of detail and guidance on tailoring.
In the early 1990s, the baggage claim system at Denver International Airport (Colorado, USA) was designed to automate baggage handling by using software to direct baggage contained in unmanned carts running on a track.
On the one hand, user-based attacks—whether from hackers using stolen credentials, careless third-party vendors, or negligent or even malicious insiders—represent the largest IT security threat to organizations.
Privacy is one area that has never been audited in my enterprise. Please provide your point of view on how privacy compliance can be assessed?
Enterprise architects have to build computing environments that support the general-use case of multiple, disparate business applications, also known as cloud computing.
Using a computer to automate and implement continuous monitoring (CM) in IT has been around for decades. It was adopted early by IT auditors and IT security specialists, and later used to monitor transactions by operations and financial managers.
Let me tell you about my microwave. When I bought it, it was called a microwave oven and I was going to roast turkeys in it in half an hour. I am sure it was white then, but it has turned a pale, sickly yellow.
It was a bit of a surprise and a huge compliment to be invited to contribute to this column after many years reading the words of Tommie Singleton in this space. I shall do my best not to disappoint.
Timo Heikkinen is a senior audit manager for Nordea Bank in Helsinki, Finland.
Cybersecurity and Cyberwar: What Everyone Needs to Know is one of the few books that is completely up-to-date and analyzes the importance of cybersecurity beyond the realm of the Internet.
In June 2010 a computer worm known as Stuxnet, designed to attack industrial programmable logic controllers (PLCs) in target areas, such as nuclear power plants in Iran,1 was discovered.
Hackers and negative social media hypes have proven able to bring proud organizations to their knees, yet many information and communications technology (ICT) security managers lack a strategy to anticipate and overcome such unpredictable challenges.
Managers frequently request a return on security investment (ROSI) calculation. While this is a usual business practice for significant investments, the practice is not free from controversy when applied to information security.
There is always a new information security issue to focus on, another area of key concern relating to IT security, data security or business continuity planning that security professionals need to be aware of to keep on top of the relevant risk.
The Fifth Domain: Wake Up Neo, written by two chief information officers (CIOs), is an innovative experiment with the cybertechnology novel and is worth the attention of information security professionals.
