isaca research update robert foster research director, isaca northern england chapter
TRANSCRIPT
ISACA Research Update
Robert FosterResearch Director, ISACA Northern England Chapter
RECENTLY RELEASED RESEARCH
• 6 Deliver, Service and Support Audit/Assurance Programmes (Dec 2014)
• Information Systems Auditing: Tools and Techniques (Feb 2015)
• DevOps Overview White Paper (Jan 2015)
• A Global Look at IT Audit Best Practices (Nov 2014)
• Internet of Things: Risk & Value Considerations White Paper (Jan 2015)
http://www.isaca.org/Knowledge-Center/Research/Pages/Research.aspx
A GLOBAL LOOK AT IT AUDIT BESTPRACTICES
• Key Findings:• Cybersecurity and privacy are primary concerns
• Companies face significant IT audit staffing and resource challenges
• Audit committees, as well as organisations in general, are becoming more engaged in IT audit
• IT audit risk assessments are not being conducted, or updated, frequently enough
• Room for growth in IT audit reports and reporting structures
INTERNET OF THINGS: RISK AND VALUE CONSIDERATIONS
• What is the Internet of Things or IoT• Maturity of adoption• Value proposition• Risk and risk mitigation
• Business, Operational and Technical Risk
• Questions to ask• What personal information is collected, stored or processed by the IoT
device?• With whom will the data be shared/disclosed?• How will the device be used from a business perspective?• What is the threat environment for the device?
CURRENT RESEARCH PROJECTS
• Security, Audit and Control Features SAP ERP 4th Ed (Mar 2015)
• A Practical Guide to PCI DSS (Apr 2015)
• DevOps White Paper Series (Looking for SMEs 1st and 2nd quarter 2015)
• Operational Risk Management/BASEL III Using COBIT 5 (Looking for SMEs - 2nd quarter 2015)
• Audit/Assurance Programmes
http://www.isaca.org/Knowledge-Centre/Research/Pages/Current-Projects.aspx
FUTURE RESEARCH PROJECTS
• Privacy Framework – ISACA Privacy Principles (Looking for SMEs - 2nd quarter 2015)
• Privacy Survey Results White Paper (Looking for SMEs 1st quarter 2015)
• Internet of Things White Paper Series
• Security, Audit and Control Features Oracle Database, 4th Edition (Looking for SMEs - 2nd quarter 2015)
http://www.isaca.org/Chapter-Leader-Portal/Building-Better-Leaders/Pages/Research_SME_Needs.aspx
CURRENT CSX PROJECTS
• Industrial Control Systems (ICS) (SME)• Forensics (SME)• Cyber Standard for Small to Medium Business (April 2015)• Global Cybersecurity Study• 2015 APT Study
http://www.isaca.org/cyber/Pages/default.aspx
WHAT NEXT?
Thank you for listening
Please use the feedback formFeedback to board members