No items have been added to your cart yet
Read the ISACA Journal to gain practical insights on technical topics from your peers.
Time constraints are an integral part of every auditor's work.
Blockchain—a distributed ledger technology that underpins bitcoin and is also being tested by a variety of companies to track ownership of assets without a central authority—is everywhere.
Applying data analytics (DA) techniques to the information systems (IS) internal audit process has moved from a desired activity to a required one.
Many companies are just beginning to apply analytics techniques to internal audit challenges.
With breaches and hacks in the news every day, information security is now firmly on the board’s agenda.
DRaaS offers a number of advantages over the use of commercial hot sites or internal recovery data centers.
Every organization tries to formalize aspects of its culture through policies. These policies define what is expected of members of the workforce and describe how noncompliance is dealt with.
How have you seen ISACA change over the years of your service to the organization?
How do you think the role of the information security professional is changing or has changed?
The business model of the early 20th century depicted a large, integrated company that owned, managed and directly controlled its resources.
To understand how the business side of any organization intersects with technology, ask an internal auditor.
Professional trainers have many opportunities to speak to companies and organizations about leading practices in the internal/IT audit industries.
Auditing Social Media. Social media risks include reputational damage, information leakage, regulatory noncompliance & loss of intellectual property.
The number of fixed and mobile broadband subscribers, Internet users and cellular service consumers is on the rise globally.
Today’s enterprises have solutions in place to help with the detection and management of their information systems vulnerabilities, especially as it relates to system software and firmware.
Owners of critical business data need to ensure that all application and database user entitlements and privileges are recertified on a periodic basis to make sure that only authorized individuals have access to the enterprise’s data.
A young Certified Information Systems Auditor (CISA) asked for suggestions about where and how to start to plan an IS audit.
IT security professionals such as risk managers and information security managers maintain a US federal government agency’s information system using the Federal Information Security Management Act (FISMA) in a manner that is unique to the US federal government.
Penetration (pen) tests are critical to operating and maintaining an effective information security program.
