Information Systems Audit and Control Association
ISACA also known as Information Systems Audit and Control Association is a non profit, independent membership association providing advocacy, certifications, information and knowledge about information systems assurance, control and security, Information Technology (IT) enterprise governance and other IT-related risk and compliance.The association has 190 chapters within 175 countries and 95,000 members around the world.[1]
Type: | Non-Profit |
Industry: | Inernet |
Founded: | 1969 |
Headquarters: | 3701 Algonquin Road, Suite 1010 Rolling Meadows, IL 60008 |
Country: | USA |
Website: | www.isaca.org |
Facebook: | ISACA |
LinkedIn: | ISACA |
Twitter: | @ISACANews |
Key People | |
Emil D’Angelo,CISA, CISM, International President ISACA 2010-2011 |
History
The beginnings of ISACA can be traced back in 1967 when a group of professionals working in the field of auditing controls in computer systems realized the importance of having an organization which serves as the primary source of information for the industry. Subsequently in 1969, a group of auditors from Southern California incorporated the Electronic Data Processing Auditors Association (EDPAA). Stuart Tyrnauer was the association's founding chapter president.[2] [3]
In 1973, the association held its first conference and released its first regular publication, the EDP Auditor. EDPAA Foundation was established in 1976. By 1977, the a compilation of guidelines, procedures, best practices, and standards for conducting EDP audits entitled "Control Objectives" was published by the foundation.It was was updated four times between 1980-1992. Major revisions was made to the document from 1992 to 1996 and the title became CobiT (Control Objectives for Information and Related Technology). Today, Cobit serves as an internationally accepted standard for the daily use of business managers, users of IT and IS auditors for IT control objectives and it is available on CD-ROM or online. In 1978 EDPAA established the Certified Information Systems Auditor (CISA), a certification program intended for internal and external auditors who are interested in acquiring a separate certification in Information Technology. The first CISA exam was conducted in 1981.[4]
Over the years, EDPAA's membership increased not just in the United States but also in different countries worldwide. The CISA exam and its other documents were translate different languages including Dutch, French, German, Italian, Japanese, Spanish,Chinese and Korean. In 1991, Deepak Sarup, became the first international president of EDPAA who lives outside North America. The name of the association was formally changed to Information Systems Audit and Control Association (ISACA) in 1994.[5] At present, the Association decided to officially use its acronym to represent its broad range of services.
Certification Programs
ISACA's certification programs are well-known around the world. The programs include:[6]
- Certified Information Security Manager (CISM)-Currently over 85,000 professionals have been certified on assessment, auditing, control or security and monitoring information technology and business systems.
- Certified Information Systems Manager- There were 16,000 professionals engaged in information security management have been certified by the program since its establishment in 2003.
- Certified in the Governance of Enterprise IT (CGEIT)- The program was launched in 2007 for professionals whose responsibilities are focused on IT governance. Around 4,500 professionals were certified under this program.
- Certified in Risk and Information Systems Control (CRISC)- This program was introduced in 2010 and it was specifically designed for IT professionals who are interested in acquiring knowledge about IT risks identification, management,development, implementation and maintenance of information systems controls. Since its establishment, over 14,000 professionals have already been certified by the program.
IT Governance Institute
In 1998, ISACA founded the IT Governance Institute (ITGI) due to the heightened significance of information technology as one of the key factors towards the success of entities or companies. The institute's main objective is to help business owners enhance their governance on information technology and develop IT in accordance with international standards. ITGI also aims to support businesses in able maximizing IT in achieving their business goals, enhance their business investments as well as appropriately and effectively manage the risks and opportunities associated with information technology. The main activity of the institute is conducting original research on IT governance. Its' recent publications include:[7]
- An Executive View on IT Governance
- Global Status Report on the Governance of Enterprise IT (GEIT) series
- Board Briefing on IT Governance, 2nd Edition
Publication
ISACA is currently publishing the ISACA Journal, a technical journal in information and control industry.[8]
Board of Directors
- Kenneth L. Vander Wal,International President, CISA, CPA
- Christos K. Dimitriadis,International Vice President, CISA, CISM
- Gregory Grocholski,International Vice President, CISA
- Tony Hayes,International Vice President, CGEIT, AFCHSE, CHE, FACS, FCPA, FIIA
- Niraj Kapasi,International Vice President, CISA, FCA
- Jeff M. Spivey, International Vice President, CRISC, CPP, PSP
- Jo Stewart-Rattray,International Vice President, CISA, CISM, CGEIT, CSEPS
- Allan Boardman, Director, CISA, CISM, CGEIT, CRISC, CA (SA), CISSP
- Marc Vael, Director, CISA, CISM, CGEIT, CISSP
- Emil D’Angelo, Past International President CISA, CISM
- Lynn Lawton, Past International President CISA, FBCS CITP, FCA, FIIA
- Susan M. Caldwell, Chief Executive Officer & Corp. Sec. of ISACA & ITGI
ISACA and ICANN
IN 2009, Peter Wood, member of ISACA’s Conference Committee and founder of First Base Technologies warned that ICANN's plan to support non-Latin characters, including Mandarin, Arabic, Hindu and Cyrillic in implementing the Internationalized Domain Names (IDNs will increase consumer fraud and cyber security attacks such as phising. In his comments Wood explained, "Glyphs representing certain characters from different scripts might appear similar or even identical. For example, in many fonts, Cyrillic lowercase A ("a") is indistinguishable from Latin lowercase A ("a"). An unscrupulous host site can use this visual ambiguity to pretend to be another site and take advantage of site visitors.”