Jump to content

Information Systems Audit and Control Association

From ICANNWiki


Type: Non-Profit
Industry: Inernet
Founded: 1969
Headquarters: 3701 Algonquin Road, Suite 1010

Rolling Meadows, IL 60008

Country: USA
Website: www.isaca.org
Facebook: ISACA
LinkedIn: ISACA
Twitter: @ISACANews
Key People
Emil D’Angelo,CISA, CISM, International President ISACA 2010-2011

ISACA also known as Information Systems Audit and Control Association is a non profit, independent membership association providing advocacy, certifications, information and knowledge about information systems assurance, control and security, Information Technology (IT) enterprise governance and other IT-related risk and compliance.The association has 190 chapters within 175 countries and 95,000 members around the world.[1]

History

The beginnings of ISACA can be traced back in 1967 when a group of professionals working in the field of auditing controls in computer systems realized the importance of having an organization which serves as the primary source of information for the industry. Subsequently in 1969, a group of auditors from Southern California incorporated the Electronic Data Processing Auditors Association (EDPAA). Stuart Tyrnauer was the association's founding chapter president.[2] [3]

In 1973, the association held its first conference and released its first regular publication, the EDP Auditor. EDPAA Foundation was established in 1976. By 1977, the a compilation of guidelines, procedures, best practices, and standards for conducting EDP audits entitled "Control Objectives" was published by the foundation.It was was updated four times between 1980-1992. Major revisions was made to the document from 1992 to 1996 and the title became CobiT (Control Objectives for Information and Related Technology). Today, Cobit serves as an internationally accepted standard for the daily use of business managers, users of IT and IS auditors for IT control objectives and it is available on CD-ROM or online. In 1978 EDPAA established the Certified Information Systems Auditor (CISA), a certification program intended for internal and external auditors who are interested in acquiring a separate certification in Information Technology. The first CISA exam was conducted in 1981.[4]

Over the years, EDPAA's membership increased not just in the United States but also in different countries worldwide. The CISA exam and its other documents were translate different languages including Dutch, French, German, Italian, Japanese, Spanish,Chinese and Korean. In 1991, Deepak Sarup, became the first international president of EDPAA who lives outside North America. The name of the association was formally changed to Information Systems Audit and Control Association (ISACA) in 1994.[5]

At present, the Association decided to officially use its acronym to represent its broad range of services. ISACA's certification programs are well-known around the world. Currently over 88,000 professionals have been certified under CISA; 17,000 professionals gained their certification on information security management under the Certified Information Security Manager (CISM) certification program; 4,500 professionals have been certified under CGEIT (Cerified in the Governance of Enterprise IT) and 14,000 professionals gained their certificate after learning how to identify and manage risks through the development, implementation and maintenance of information systems controls under the Certified in Risk and Information Systems Control (CRISC) program. ISACA is currently publishing the ISACA Journal, a technical journal in information and control industry.[6]

IT Governance Institute

In 1998, ISACA founded the IT Governance Institute (ITGI) due to the heightened significance of information technology as one of the key factors towards the success of entities or companies. The institute's main objective is to help business owners enhance their governance on information technology and develop IT in accordance with international standards. ITGI also aims to support businesses in able maximizing IT in achieving their business goals, enhance their business investments as well as appropriately and effectively manage the risks and opportunities associated with information technology. The main activity of the institute is conducting original research on IT governance. Its' recent publications include:[7]

  • An Executive View on IT Governance
  • Global Status Report on the Governance of Enterprise IT (GEIT) series
  • Board Briefing on IT Governance, 2nd Edition

References