About the Author:

J Kenneth (Ken) Magee is president and owner of Data Security Consultation and Training, LLC, which specializes in data security auditing and information security training. He has over 30 years of IT experience in both private industry and the public sector with the last 18 devoted to IT security and Risk Management. Ken holds degrees from Robert Morris University and Fairleigh Dickinson University. He holds 22 certifications including: CISSP-ISSMP, CAP, CISA, CISM, ISO 27001 PA, GIAC-GWAPT/GSEC/GSNA, CIA-CGAP, Security+, and CDP. He is a Senior Instructor with the InfoSec Institute. Ken is also involved with the U.S. Cyber Challenge program.

What’s new in Physical (Environmental) Security?

ISC2 published the 3rd edition of their CISSP CBK in late 2012. I ordered my copy in December 2012 and said, “So what’s new in Physical?”

All quoted material in […]

What’s new in Legal, Regulations, Investigations and Compliance?

ISC2 published the 3rd edition of their CISSP CBK in late 2012. I ordered my copy in December 2012 and said, “So what’s new in Legal?”

All quoted material in […]

What’s new in Business Continuity & Disaster Recovery Planning

ISC2 published the 3rd edition of their CISSP CBK in late 2012. I ordered my copy in December 2012 and said, “So what’s new in BCP/DRP?”

First, let me say […]

What’s new in Security Operations

ISC2 published the 3rd edition of their CISSP CBK in late 2012. I ordered my copy in December 2012 and said, “So what’s new in Operations?”

First, let me say […]

CISSP – Security Architecture & Design – What’s New in 3rd Edition of CISSP CBK

What’s new in Security Architecture & Design
ISC2 published the 3rd edition of their CISSP CBK in late 2012.  I ordered my copy in December 2012 and said, “So what’s […]

CISSP – Software Development Security – What’s New in 3rd Edition of CBK

What’s new in Software Development Security
ISC2 published the 3rd edition of their CISSP CBK in late 2012.  I ordered my copy in December 2012 and said, “So what’s new […]

CISSP – Cryptography – What’s New in 3rd Edition of CBK

What’s new in Cryptography
ISC2 published the 3rd edition of their CISSP CBK in late 2012.  I ordered my copy in December 2012 and said, “So what’s new in Crypto?”

First, […]

CISSP – Information Security Governance & Risk Management – What’s New in 3rd Ed of CBK

What’s new in Information Security Governance & Risk Management

ISC2 published the 3rd edition of their CISSP CBK in late 2012.  I ordered my copy in December 2012 and said, […]

CISSP – Telecommunications and Network Security – What’s New in 3rd Edition of CISSP CBK

What’s new in Telecommunications and Network Security

ISC2 published the 3rd edition of their CISSP CBK in late 2012. I ordered my copy in December 2012 and said, “So what’s […]

CISSP – Access Control – What’s New in 3rd Edition of CISSP CBK

What’s new in Access Control
ISC2 published the 3rd edition of their CISSP CBK in late 2012.  I ordered my copy in December 2012 and said, “So what’s new?”

First, let […]

ISACA Changes CISM Exam for 2012

According to ISACA, the CISM certification is changing to reflect the new CISM job practice analysis. (Source: ISACA’s CISM Review Manual 2012 p. iii)

ISACA has reformatted the CISM changing […]

(ISC)2 CISSP requirements and exam changes on January 1, 2012

(ISC)2 is making several changes to the CISSP exam effective January 1st, 2012.

This language was found on the ISC2 website:

(ISC)² CBK Domain Name Changes Coming Soon.
We are making some […]

IT Auditing and Controls – Database Technology and Controls

PORTIONS OF THIS ARTICLE INCLUDING MANY OF THE DEFINITIONS AND TERMINOLOGY HAVE BEEN SOURCED AND SUMMARIZED FROM ISACA.ORG and COURSE MANUALS PUBLISHED BY ISACA.

A simple definition for what a […]

IT Auditing and Controls – Infrastructure General Controls

PORTIONS OF THIS ARTICLE INCLUDING MANY OF THE DEFINITIONS AND TERMINOLOGY HAVE BEEN SOURCED AND SUMMARIZED FROM ISACA.ORG and COURSE MANUALS PUBLISHED BY ISACA.

Infrastructure General Controls

For this last article […]

How to deal with and alleviate CISSP exam anxiety!

As exam time approaches, everyone feels anxious about whether they’re ready to take the exam and to pass and thus to receive the CISSP certification.  For a lot of […]

ISO27002 Security Framework – Audit Program Template

Several people have asked for an IT Audit Program Template for an audit based on the ISO/IEC 27002:2005(E) security standard.  This template (which can be found here and at the […]

IT Auditing and Controls – A look at Application Controls

PORTIONS OF THIS ARTICLE INCLUDING MANY OF THE DEFINITIONS AND TERMINOLOGY HAVE BEEN SOURCED AND SUMMARIZED FROM ISACA.ORG and COURSE MANUALS PUBLISHED BY ISACA.

Application controls refers to the transactions […]

IT Auditing and Controls – Shared General and Application Controls

PORTIONS OF THIS ARTICLE INCLUDING MANY OF THE DEFINITIONS AND TERMINOLOGY HAVE BEEN SOURCED AND SUMMARIZED FROM ISACA.ORG and COURSE MANUALS PUBLISHED BY ISACA.

Shared General Controls
Later on in this […]

IT Auditing and Controls – Internet and Web Technology

PORTIONS OF THIS ARTICLE INCLUDING MANY OF THE DEFINITIONS AND TERMINOLOGY HAVE BEEN SOURCED AND SUMMARIZED FROM ISACA.ORG and COURSE MANUALS PUBLISHED BY ISACA.

Internet and Web Technology

This article is […]

IT Auditing and Controls – Information Technology Basics

Information Technology Basics

In its most basic form, information technology (IT) can be reduced to IPO.  No, that’s not an Initial Public Offering, but rather Input-Processing-Output.  Think of it […]