Columns
4
Information Security Matters:
Frameworkers of the World, Unite 2
Steven J. Ross, CISA, CISSP, MBCP
7
IS Audit Basics: The Soft Skills Challenge
Ed Gelbstein, Ph.D.
10
The Network
Opeyemi Onifade, CISA, CISM, CGEIT, COBIT 5
Certified Assessor, COBIT 5
Certified Implementer, CISSP, CompTIA Cloud
Essentials, ISO 20000 Prac, ISO 27001 LA,
ITIL-F, SCJP, ITBMC, PRINCE2 PMP
12
Cloud Computing: Software-defined WAN
Changes Retail Security Paradigm
Steve Woo
14
Information Ethics: The Limits of Rules
Vasant Raval, DBA, CISA, ACMA
The ISACA® Journal seeks to enhance the proficiency and competitive advantage of its international readership by providing managerial and technical guidance from experienced global authors. The Journal’s noncommercial, peer-reviewed articles focus on topics critical to professionals involved in IT audit, governance, security and assurance.
3701 Algonquin Road, Suite 1010
Rolling Meadows, Illinois 60008 USA
Telephone + 1.847.253.1545
Fax + 1.847.253.1443
www.isaca.org
VOLUME 3, 2015
Do not miss out on the Journal’s online-exclusive content. With new content weekly through feature articles and blogs, the Journal is more than a
static print publication. Use your unique member login credentials to access these articles at www.isaca.org/journal.
Online Features
The following is a sample of the upcoming features planned for May and June.
Security Mysteries in the Cloud
Sivarama Subramanian, CISM, and Devaraj
Munuswamy, CEH
Simultaneous Implementation of an
Integrated ISMS and a BCMS
Nurudeen Odeshina, CISA, CISM, CRISC,
ISO 27001 LI, ITSM
IS Audit Basics: The Soft Skills Challenge,
Part 2
Ed Gelbstein, Ph.D.
Online-exclusive Features
Journal
Features
17
Book Review: IT Security Governance
Innovations—Theory and Research
Reviewed by A. Krista Kivisild, CISA, CA, CPA
18
Book Review: Gray Hat Hacking: The
Ethical Hacker’s Handbook
Reviewed by Ibe Etea, CISA, CRISC, CA, CFE,
CIA, CRMA
19
How to Evaluate Knowledge and
Knowledge Management in the
Organization Using COBIT 5
Bostjan Delak, Ph.D., CISA, CIS
24
The Underestimated Social Engineering
Threat in IT Security Governance and
Management
(Also available in Portuguese)
Roberto Puricelli, CISM
29
The Time for Sustainable Business Is Now
(Also available in Portuguese)
Graciela Braga, CGEIT, COBIT 5
Foundation, CPA
33
Evaluating Cloud Automation as a Service
Andrew Evers
37
Navigating I/O Flows/Networks to Enhance
the Governance Management Cycle
Makoto Miyazaki, CISA, CPA
46
Toward a Secure Data Center Model
Brett van Niekerk, Ph.D., and Pierre Jacobs
Plus
56
Crossword Puzzle
Myles Mellor
57
CPE Quiz #160
Based on Volume 1, 2015—Analytics and
Risk Intelligence
Prepared by Kamal Khan, CISA, CISSP,
CITP, MBCS
59
Standards, Guidelines, Tools
and Techniques
S1-S4
ISACA Bookstore Supplement
Journal authors are now blogging at www.isaca.org/journal/blog. Visit the ISACA Journal Author Blog to gain more insight from colleagues and to participate in the growing ISACA community.
Read more from these Journal authors…
Follow ISACA on Twitter: http://twitter.com/isacanews; Hashtag: #ISACA
Discuss topics in the ISACA Knowledge Center: www.isaca.org/knowledgecenter
Join ISACA LinkedIn: ISACA (Official), http://linkd.in/ISACAOfficial
Like ISACA on Facebook: www.facebook.com/ISACAHQ