Fact-checked by Grok 2 weeks ago

ISACA

ISACA (Information Systems Audit and Control Association) is a global and standards body founded in 1969 as the Electronic Data Processing Auditors Association (EDPAA), dedicated to empowering professionals with knowledge, skills, credentials, and a global community to advance trust in technology. With over 185,000 members (as of 2025) across more than 190 countries and more than 230 local chapters worldwide, ISACA empowers professionals through industry-leading certifications such as CISA (Certified Information Systems Auditor), CISM (Certified Information Security Manager), CRISC (Certified in Risk and Information Systems Control), CGEIT (Certified in the Governance of Enterprise IT), and CDPSE (Certified Data Privacy Solutions Engineer), as well as , research, frameworks like , advocacy, and networking opportunities to foster digital trust and career development. The organization plays a pivotal role in shaping global standards and policies for IT professionals, supporting enterprises in addressing challenges in cybersecurity, , , and innovation through resources, tools, and .

History

Founding and Early Development

ISACA traces its origins to 1969, when seven professionals in the area, including Stuart Tyrnauer of the , incorporated the Electronic Data Processing Auditors Association (EDPAA) on October 23 to address the growing need for specialized auditing in computerized business environments. This formation occurred amid the rapid adoption of mainframe computers in the late 1960s, where traditional auditing methods struggled to evaluate electronic (EDP) systems for accuracy, , and . Tyrnauer served as the founding chairman for the first three years, guiding the association's initial efforts to develop standards and practices for IT auditing during this transformative era. The association's first formal activities centered on its incorporation in the United States as a dedicated to advancing auditing. Early operations were modest, beginning with the seven founders and expanding through local networking among IT auditors facing challenges in verifying automated financial and operational processes. By the early 1970s, membership had grown to a few hundred professionals, reflecting increasing recognition of the need for dedicated expertise in auditing emerging computer technologies. In 1970, EDPAA launched its first newsletter to facilitate knowledge sharing among members on auditing techniques and control issues in mainframe systems. This publication evolved, leading to the inaugural issue of The EDP Auditor in 1973, which became a key resource for disseminating best practices and case studies in information systems auditing. These early communications helped solidify the association's role in professionalizing IT audit amid the shift from manual to automated data processing.

Key Milestones

In 1978, ISACA introduced the Certified Information Systems Auditor (CISA) certification, establishing the first globally recognized credential for professionals in IT auditing, control, and assurance, which has since been earned by over 219,000 individuals worldwide as of 2025. This milestone solidified ISACA's role in standardizing expertise amid the rapid growth of information systems during the late 1970s. To better encompass its evolving focus on controls and broader information systems management, the association changed its name in 1994 from the Electronic Data Processing Auditors Association (EDPAA) to the Information Systems Audit and Control Association (ISACA). This rebranding, coinciding with the organization's 25th anniversary, reflected a shift from a narrow emphasis on auditing to comprehensive IT and risk practices. In 2008, the organization further rebranded to use only the acronym ISACA, dropping the full name while maintaining its mission. A pivotal advancement came in 1996 with the release of the first framework, which provided a foundational model for aligning IT processes with goals and became a for global IT standards. Building on this, ISACA addressed emerging security challenges by launching the certification in 2002, enabling professionals to demonstrate leadership in and strategy. Further expansion into risk management occurred in 2010 with the introduction of the certification, which has certified over 45,000 experts in identifying and mitigating IT-related risks as of 2025. In , ISACA marked its 50th anniversary—stemming from its 1969 founding—with a year-long series of global events, publications, and reflections that highlighted the organization's transformation from IT audit origins to a leader in digital trust and technology assurance. These celebrations included special journal issues, video retrospectives on evolution, and strategic discussions on future initiatives in cybersecurity and . In 2024, ISACA celebrated its 55th anniversary with reflections on its evolution, highlighting key achievements such as the growth of its certifications, frameworks like COBIT, and global impact in advancing digital trust.

Organizational Structure

Governance and Leadership

ISACA operates under a volunteer-led governance model, with its Board of Directors serving as the primary decision-making body. The board consists of 13 members, including elected directors and the CEO, who collectively define organizational strategy, provide oversight, ensure fiscal responsibility, and align activities with member needs. Key roles include the Chair, who leads board meetings and represents ISACA externally; the Vice Chair, who supports the Chair and assumes duties in their absence; and other directors who contribute to committees focused on audit, finance, and global engagement. Board members are nominated through an open process that begins after the Annual General Meeting (AGM), with candidates submitting applications for review by a nominations committee; elections occur via member vote, and new directors are installed at the following AGM to serve two-year terms. For the 2025-2026 term, the board is chaired by John De Santis, CISA, with Jamie Norton, CISA, serving as Vice Chair; other directors include Tracey Dedrick, Stephen Gilfus, Niel Harper, Gabriela Hernández-Cardoso, Jason Lau, Asaf Weisberg, Dr. Tim Sattler, and CEO Erik Prusch, among others, bringing diverse expertise in cybersecurity, IT governance, and global business. ISACA's global headquarters is located at 1700 E. Golf Road, Suite 400, in , USA, facilitating central operations and coordination. To support its international reach, the organization maintains regional offices in (via ISACA Europe Limited) and (including ), enabling localized engagement and resource delivery. As of 2025, Erik Prusch serves as , leading the executive team in executing board directives; Prusch, who joined in 2023, oversees operations with a focus on innovation and growth. Key executives include Ajay Barot as , Djenne Clayton as , and Chris Dimitriadis as Chief Global Strategy and Innovation Officer, who manage areas such as certification programs, educational resources, and advocacy efforts. ISACA upholds ethical standards through its Code of Professional Ethics, which requires members and certified professionals to act with objectivity, , and integrity while avoiding conflicts of interest. The organization prioritizes diversity and in , as evidenced by the board's composition representing varied geographic, professional, and cultural backgrounds to foster innovative decision-making. is guided by a multi-year framework emphasizing digital trust, with 2025 updates to the and reinforcing commitments to cybersecurity, , and global collaboration.

Membership and Global Presence

ISACA offers several membership categories tailored to different stages of . Student membership is available to full-time students enrolled in programs, providing access to educational resources and networking opportunities at a reduced rate. Professional membership serves as the core category for working individuals in information systems , , , and fields, with tiered recognition based on tenure: Bronze for 3-4 years of continuous membership, Silver for 5-9 years, for 10-14 years, and for 15 or more years, each unlocking escalating perks such as exclusive offers and priority access to events. Retired membership accommodates former professionals who have retired from active practice, maintaining their connection to the community with voting rights in chapters and continued resource access at no or minimal cost. As of late 2025, ISACA boasts over 185,000 members across more than 190 countries, fostering a vast global network for knowledge sharing and career advancement. Members enjoy key benefits including unlimited access to an extensive library of research reports, templates, and tools; discounts of up to 25% on exam registrations; and more than 70 free continuing (CPE) credits annually through webinars, on-demand videos, and self-study options. These advantages support ongoing professional growth while emphasizing digital trust in technology professions. ISACA maintains nearly 230 chapters worldwide, enabling localized engagement and support for members in diverse regions. These chapters organize networking meetups, educational seminars, and sessions to address region-specific challenges in IT governance and cybersecurity. In , the organization expanded its footprint with new chapters in Jackson, Mississippi (USA), Doha (Qatar), and Bosnia and Herzegovina, each starting with dozens of initial members to bolster local communities. Chapters play a pivotal role in recruitment through programs like Member Get a Member, an annual initiative running from August to December that incentivizes existing members to refer new professionals, thereby strengthening the global network.

Mission and Core Activities

Focus Areas and Initiatives

ISACA's primary focus areas encompass a range of interconnected domains critical to advancing trust in , including IT and assurance, , , , , and emerging technologies such as (AI) and cybersecurity. These pillars guide the association's efforts to equip professionals with the tools and knowledge needed to navigate complex digital landscapes, ensuring that organizations can effectively manage technological risks while fostering innovation. For instance, in and , ISACA emphasizes aligning IT strategies with business objectives to mitigate potential disruptions. A key initiative in these areas is the Digital Trust Ecosystem Framework (DTEF), which provides a comprehensive structure for integrating trust-based strategies across technology and business operations, addressing challenges in cybersecurity, , and ethical technology deployment. The DTEF supports professionals in building resilient systems by incorporating elements like and into digital ecosystems. Complementing this, ISACA advocates for ethical use in enterprises, promoting models that balance innovation with safeguards against biases, data violations, and security threats, as highlighted in discussions on the "new triad" of governance involving , cybersecurity, and legal . ISACA's annual reports, such as the State of Cybersecurity 2025, offer insights into global trends in digital risks, revealing priorities like AI-driven threats and the need for enhanced workforce skills in cybersecurity. This report underscores how organizations are grappling with evolving regulations and technology adoption, with AI-driven cyber threats identified as the biggest concern for professionals. Through these resources, ISACA helps align cybersecurity strategies with broader business goals. To amplify its impact, ISACA engages in partnerships with global organizations to develop standards and influence policy on , , and cybersecurity. These collaborations enhance digital skills enhancement and promote unified approaches to , ensuring that efforts translate into practical advancements for members worldwide.

Conferences and Events

ISACA organizes a range of major conferences and events designed to advance in information systems , , , and . The flagship events include the annual ISACA North America Conference, ISACA Europe Conference, ISACA Virtual Conference, and the Governance, Risk, and Control (GRC) Conference, supplemented by regional chapter gatherings and specialized summits. These events typically adopt hybrid formats, combining in-person sessions with virtual access to broaden participation across global audiences. The conferences emphasize critical and evolving topics, including AI governance, cybersecurity threats, IT risk management, and emerging technologies such as post-quantum cryptography. For example, the 2025 GRC Conference addressed , cloud risk, blockchain, third-party risk, and cybersecurity best practices, while the 2025 ISACA Conference in explored implementation, quantum risks, digital trust, and cybersecurity strategies. Similarly, the 2025 Conference in Orlando covered digital trust, , , and emerging tech challenges. These sessions feature expert-led keynotes, workshops, and panels to equip attendees with practical insights. Global events like the and conferences attract several thousand attendees, fostering extensive networking opportunities among IT professionals, auditors, and executives. Participants earn continuing professional education (CPE) credits essential for , with full attendance providing up to 32 CPE hours through interactive sessions and workshops. ISACA members benefit from discounted registration fees for these events. To extend learning beyond live attendance, ISACA provides post-event resources such as session recordings and digital materials, enabling participants and absentees to access content at their convenience. Regional events and options, including the 2025 Virtual Student Summit on November 7, further support targeted professional growth and community engagement.

Standards and Frameworks

COBIT Framework

The (Control Objectives for Information and Related Technologies) framework, developed by ISACA, provides a comprehensive approach to IT and , enabling organizations to align IT with business goals, manage risks, and optimize resources. Initially released in 1996 as a set of control objectives to support financial auditors in evaluating IT controls, has evolved into a flexible, business-focused model for enterprise-wide of and technology. Significant milestones include the launch of 5 in 2012, which introduced seven enablers—such as principles, policies, frameworks, processes, organizational structures, , and people, skills, and competencies—to support holistic IT . This edition emphasized end-to-end coverage of the and with other standards. In 2019, 2019 built on this foundation by expanding the definition of to include both governance and management perspectives, organizing content around 40 objectives grouped into five domains: Evaluate, Direct and Monitor (); Align, Plan and Organize (APO); Build, Acquire and Implement (BAI); Deliver, Service and Support (DSS); and Monitor, Evaluate and Assess (MEA). These domains facilitate the evaluation of IT's contribution to business objectives, risk optimization, and resource management. In 2025, ISACA extended through the "Leveraging for Effective AI System ," which adapts the framework to address ethical implementation, including , , and alignment with organizational values in AI deployments. This extension maps AI-specific governance needs to 's core objectives and enablers, helping organizations mitigate biases, ensure accountability, and comply with emerging regulations. To support practical application, ISACA provides the 2019 Design Guide and Implementation Guide, along with toolkits that allow enterprises to tailor the based on factors like organizational size, industry, and risk profile. These resources outline steps for designing systems, selecting relevant objectives, and implementing processes to achieve measurable outcomes in IT .

Other Guidelines and Resources

ISACA's Risk IT Framework, released in 2009, provides a structured approach to managing IT-related business risks by bridging the gap between general practices and specific considerations. It outlines three core domains—Risk , Risk Evaluation, and Risk Response—offering guiding principles, processes, and practices to help organizations identify, analyze, and respond to IT risks that impact business objectives. This complements broader tools by focusing on IT-specific elements such as dependencies and operational disruptions, enabling enterprises to align with overall strategic goals. The IT Audit Framework (ITAF™), a professional practices framework for IT auditing, establishes standards and guidance to ensure consistent, high-quality IT assurance engagements. Updated in 2020 to its fourth edition, ITAF emphasizes risk-based auditing, , and evidence gathering tailored to IT environments, including controls over and system security. It serves as a foundational resource for IT auditors, promoting adherence to generally accepted auditing principles while addressing evolving technology risks like and digital transformations. ISACA's Cybersecurity Fundamentals guidelines, delivered through its certificate program, offer essential principles and practices for building foundational knowledge in protecting organizational assets from cyber threats. These guidelines cover key domains such as threat identification, , , and incident response, providing practical strategies for non-specialists to contribute to cybersecurity efforts in business and IT settings. They emphasize proactive measures like policy development and awareness training to mitigate common attack vectors, helping professionals apply cybersecurity concepts in real-world scenarios without requiring advanced technical expertise. Introduced in 2024, the Digital Trust Ecosystem Framework (DTEF) addresses the need for holistic in digital ecosystems by integrating trust principles across , processes, and people. This framework applies to evaluate and enhance digital trust through domains like culture, architecture, operations, and assurance, enabling organizations to manage risks in interconnected environments such as and services. It supports enterprise-wide strategies for building confidence by aligning practices with emerging challenges, including data privacy and ethical use. In addition to these frameworks, ISACA provides free resources such as white papers and case studies to support practical implementation in IT assurance and . For instance, white papers on AI auditing explore techniques and controls for AI deployments, offering step-by-step guidance for auditors. Case studies illustrate real-world applications, such as applying risk frameworks to cybersecurity incidents, helping professionals translate theoretical guidelines into actionable strategies without cost barriers. These materials are accessible via ISACA's resource library, promoting knowledge sharing and continuous in evolving IT landscapes.

Publications

Journals and Periodicals

ISACA's flagship periodical, the ISACA Journal, has been published bimonthly since 1973, originally under the title The EDP Auditor, and serves as a key resource for professionals in information systems , , and . The journal features peer-reviewed, in-depth articles on topics such as IT auditing, cybersecurity, , emerging technologies like , and , drawing contributions from global experts to provide practical guidance and forward-looking insights. In 2022, the publication marked its 50th anniversary, highlighting its evolution from a foundational newsletter-style outlet in ISACA's early years to a comprehensive digital resource that has influenced the profession over five decades. The journal is organized into volume-based archives, offering members access to decades of content, including specialized issues on contemporary challenges such as cybersecurity threats in 2025, with articles exploring adaptive strategies and proactive defenses. ISACA members receive free exclusive digital to current and archived editions, including through a dedicated that supports offline reading, ensuring professionals can stay informed on high-impact developments without barriers. This accessibility underscores the journal's role in fostering continuous , with authoring opportunities allowing certified practitioners and thought leaders to share expertise and earn continuing professional education credits. Complementing the journal, the ISACA Now blog provides frequent updates on industry news, member success stories, and emerging trends, delivering real-time perspectives on topics like AI governance, cyber defense innovations, and digital trust in a global context. Published regularly throughout the year, the blog features contributions from ISACA leaders, staff, and community members, emphasizing practical applications and organizational impacts to support professionals navigating rapid technological shifts. Like the journal, it is freely available to members via the ISACA website, promoting an ongoing dialogue on the evolving landscape of information systems and security.

Books and Technical Guides

ISACA publishes a comprehensive collection of books and technical guides that serve as professional references for IT , , , and cybersecurity professionals. These resources are designed to provide in-depth guidance on implementing best practices and frameworks, with a strong emphasis on practical application. The organization's library encompasses over 190 titles covering topics such as , assurance, , , cybersecurity , , and , available through the ISACA online store where members receive exclusive discounts on purchases. Central to ISACA's offerings are its COBIT-related publications, which form the backbone of its resources. The 2019 Framework: Introduction and Methodology outlines the core structure of the framework, including an expanded definition of and principles for aligning IT with business objectives. Complementing this, the COBIT 2019 Implementation Guide: Implementing and Optimizing an Information and Technology Solution provides step-by-step methodologies for designing and deploying systems tailored to organizational needs. Additionally, the for : Leveraging for Effective System guide, released in 2025, adapts the framework to address -specific challenges, offering strategies for risk management and ethical implementation in systems. Beyond , ISACA's technical guides include foundational texts like Cybersecurity Fundamentals Study Guide (2020), which introduces key concepts in cybersecurity for professionals entering the field, covering threat landscapes, controls, and compliance essentials. The IT Governance Implementation Guide, integrated within resources, details processes for establishing effective IT governance structures, emphasizing alignment with enterprise strategy and risk mitigation. These guides are regularly updated to incorporate emerging trends, such as risks; for instance, recent ISACA resources integrate quantum risk assessments into governance practices, using frameworks like Risk IT to evaluate threats to and in a post-quantum era. Members benefit from free access to select digital versions of core publications and discounted pricing on print and e-book formats via the ISACA , ensuring broad accessibility for ongoing . This extensive library supports ISACA's mission by equipping practitioners with authoritative, up-to-date tools for navigating complex IT environments.

Certifications

Professional Certifications

ISACA's professional certifications are advanced credentials designed to validate expertise in key areas of information systems auditing, , , , , and . These certifications require candidates to pass a comprehensive , demonstrate relevant professional , and commit to ongoing continuing professional (CPE) to maintain their status. Globally recognized, they support career advancement for IT professionals and have been awarded to over 500,000 individuals across various domains. The foundational certification, Certified Information Systems Auditor (CISA), launched in 1978, focuses on auditing, control, and assurance of information systems. It covers five job practice areas: the information systems auditing process; and management of IT; information systems acquisition, development, and implementation; information systems operations and business resilience; and protection of information assets. The CISA exam consists of 150 multiple-choice questions over four hours. Introduced in 2002, the Certified Information Security Manager (CISM) certification emphasizes the management of information security programs, including , , program development, and . The exam format mirrors CISA's, with 150 questions in four hours. In 2025, CISM was named the Best Program by the SC Awards. The Certified in Risk and Information Systems Control (CRISC), established in 2006, targets professionals in IT risk identification, , and mitigation. It includes four domains: ; IT ; risk response and reporting; and and . The is also 150 questions over four hours. Launched in 2007, the Certified in the Governance of Enterprise IT (CGEIT) addresses enterprise IT , covering for , , benefits realization, optimization, and resource optimization. Like other core s, it requires a four-hour, 150-question . The Certified Data Privacy Solutions Engineer (CDPSE), introduced in 2021, focuses on privacy program governance, privacy architecture, technology management, and operations. Its exam is 120 questions over 3.5 hours. Among newer offerings, the Advanced in Audit (AAIA) certification, launched in 2025, equips auditors to evaluate AI systems for , , and ethical considerations. It builds on foundational knowledge with AI-specific domains. In 2025, ISACA introduced the Certified Cybersecurity Operations Analyst (CCOA) certification, which concentrates on implementing and managing cybersecurity controls and operations. This credential was named Professional Certification Program of the Year in the 2025 Cybersecurity Breakthrough Awards and also a finalist in the 2025 SC Awards Europe. The Certified in Emerging Technology (CET) certification addresses skills in such as , , and , with domains tailored to , , and implementation in these areas. ISACA also introduced the Advanced in AI Security Management (AAISM) certification in 2025, focusing on implementing AI solutions and managing AI-related security s. To earn these certifications, candidates must pass the respective exam and provide evidence of at least five years of relevant work experience, with possible waivers for education or other certifications reducing this to as few as three years. All certified professionals must adhere to ISACA's and maintain their credential through CPE, requiring a minimum of 20 hours annually and 120 hours over a three-year reporting cycle.

Certificate Programs

ISACA offers a suite of entry-level programs designed to provide foundational knowledge in key areas of information systems, , cybersecurity, and , targeting professionals seeking quick skill acquisition without prior experience requirements. These programs emphasize practical, performance-based learning to build competencies that support entry or transitions into specialized roles. The IT Fundamentals introduces core principles of IT auditing, including planning, evidence collection, and reporting, through interactive modules that cover six key domains such as internal controls and . Similarly, the Cybersecurity Fundamentals focuses on essential cybersecurity concepts like , , and basic incident response, equipping learners with baseline skills for protecting assets. The Foundation provides an overview of the COBIT framework for IT and management, highlighting processes for aligning IT with business objectives. The Digital Trust Ecosystem Framework Foundation explores the components of digital trust, including identity verification, data privacy, and ecosystem , to foster secure digital environments. In 2025, ISACA introduced the Fundamentals as an addition, offering interactive training on AI principles, models, , and applications to address emerging technology needs. These certificates are delivered as self-paced online courses combining video lectures, interactive eLearning modules, and knowledge-based assessments, culminating in a remotely proctored typically lasting two hours with multiple-choice and performance-based questions. No professional experience is required for enrollment in most programs, allowing completion within a few weeks depending on the learner's pace, though official estimates suggest 20-40 hours of study time. Upon successful completion, participants earn continuing professional education (CPE) credits—ranging from 10 to 20 per program—to maintain professional , and receive a via Credly (Acclaim) for verifiable online sharing on professional profiles. These certificates serve as preparatory stepping stones toward advanced professional certifications like CISA, enhancing eligibility and foundational understanding without the rigorous experience validation of full certifications. Verification of certificate status is available through ISACA's public registry, ensuring transparency for employers. Integration with ISACA membership provides additional perks, such as discounted course fees (up to 20% off for members), access to exclusive study resources, and bundled CPE tracking tools within the MyISACA , facilitating ongoing .

References

  1. [1]
    Press Releases 2024 ISACA Celebrates 55 Years of Impact
    Oct 31, 2024 · ISACA is a global professional association and learning organization that leverages the expertise of its 185,000 members who work in digital ...Expanding Its Presence And... · Advancing Training And... · Making A Difference Around...
  2. [2]
    ISACA - Who We Are
    ISACA is a global IS/IT community of professionals advancing careers, enterprises, and digital trust, with a focus on advocacy and a global reach.A Community Of Is/it... · Advancing Knowledge &... · Moving The Industry Forward
  3. [3]
    About ISACA
    ISACA is a global professional association and learning organization with 185,000 members who work in digital trust fields such as information security, ...Careers at ISACA · Contact ISACA · Who We Are
  4. [4]
    ISACA Certifications
    Become an ISACA credential holder and join a vibrant global community of experts in audit, cybersecurity, risk, privacy and governance.Certification · CISA® Certification · CRISC® Certification · CISM® Certification
  5. [5]
    ISACA Advocacy and Government Relations
    ISACA advocates globally, supports US legislation, partners with EU/UK, and advises policymakers to shape best practices for the IS/IT industry.Global Advocacy Wins For... · Advocating For Isaca Members... · Isaca Strengthens Efforts To...
  6. [6]
    COBIT®| Control Objectives for Information Technologies® - ISACA
    Created by ISACA, COBIT allows practitioners to govern and manage IT holistically, incorporating all end-to-end business and IT functional areas of ...COBIT 5 Framework · COBIT for AI Governance · COBIT Design & ImplementationMissing: 1996 | Show results with:1996
  7. [7]
    Our Chapter History - Dhaka Chapter - ISACA Engage
    Our Chapter History In 1969, Stuart Tyrnauer, an employee of the Douglas Aircraft Company, founded the EDP Auditors Association (EDPAA) and served as its ...
  8. [8]
    2019 Volume 3 ISACA 50 Years of Keeping Pace With Changing ...
    May 1, 2019 · Enter the Electronic Data Processing Auditors Association (EDPAA) in 1969, heralding the arrival of the IT audit profession. 1970s—Gaining ...
  9. [9]
    ISACA Now Blog 2019 Coincidence or History
    Jul 1, 2019 · On 23 October 1969—just a few months after Apollo 11 landed on the moon—the Electronic Data Processing Auditors Association (EDPAA).
  10. [10]
    CISA® Exam Content Outline - ISACA
    Since its inception in 1978, more than 200,000 people have obtained ISACA's CISA certification to validate their expertise in understanding and performing ...
  11. [11]
    Industry News 2020 COBIT 2019 and COBIT 5 Comparison - ISACA
    Apr 27, 2020 · COBIT was first released in 1996; the latest version, COBIT 2019, was released in 2018. COBIT 5 was published in 2012, and to include new ...Principles And Objectives · Performance Management And... · Governance System Design...
  12. [12]
    CISM® Exam Content Outline - ISACA
    Since its inception in 2002, more than 107,000 people have obtained ISACA's CISM certification to validate their expertise in information security ...
  13. [13]
    CRISC® Exam Content Outline - ISACA
    Since its inception in 2010, more than 46,000 people have obtained ISACA's CRISC certification to validate their expertise in using governance best practices ...
  14. [14]
    50th Anniversary Year Provides Inspiration to Look to ISACA's Future
    Jan 2, 2019 · ISACA's remarkable story is far from complete. The calendar has now flipped to 2019, the much-anticipated year of ISACA's 50 th anniversary celebration.<|control11|><|separator|>
  15. [15]
    The Role of the Board of Directors - ISACA
    The ISACA Board defines strategy, provides governance, makes decisions in the best interests of ISACA, and participates in strategic plan preparation.<|control11|><|separator|>
  16. [16]
    Nominations for the 2026-2027 ISACA Board of Directors
    Nominations for the 2026-2027 ISACA Board of Directors will open on 30 July 2025, following the Annual General Meeting (AGM), and candidate applications must ...
  17. [17]
    Press Releases 2025 ISACA Welcomes 2025 2026 Board of Directors
    Jul 30, 2025 · In total, the following 13 leaders were installed on the 2025-2026 ISACA Board of Directors during ISACA's Annual General Meeting: John De ...
  18. [18]
    ISACA Board of Directors
    Director Erik Prusch is chief executive officer for ISACA. Prior to joining ISACA, Erik was chief executive officer at Harland Clarke Holdings Corp., a provider ...
  19. [19]
    Have a question? Contact Us - ISACA
    ISACA Global 1700 E. Golf Road, Suite 400, Schaumburg, Illinois 60173, USA Phone: 1-847-253-1545 | Fax: 1-847-253-1443. ISACA Europe Limited
  20. [20]
    Executive Leadership Team - ISACA
    Meet ISACA's Leadership Team · Erik Prusch Chief Executive Officer · Ajay Barot Chief of Staff · Djenne Clayton General Counsel · Chris Dimitriadis Chief Global ...Djenne Clayton · Chris Dimitriadis · Shannon Donahue
  21. [21]
    Press Releases 2023 ISACA Welcomes New CEO Erik Prusch
    Jun 12, 2023 · Erik Prusch will join ISACA as its new CEO today. Based in Washington state, Prusch brings significant tech and leadership experience as a ...
  22. [22]
    Kicking off 2025 with a New Mission and Vision - ISACA
    Jan 29, 2025 · Kicking off 2025 with a New Mission and Vision. Erik Prusch. Author: Erik Prusch, ISACA CEO Date Published: 29 January 2025. Read Time: ...
  23. [23]
    2024 Volume 2 The Ethical Challenge of IT Silos - ISACA
    Mar 13, 2024 · ISACA's Code of Professional Ethics states that certification holders must “perform their duties with objectivity, due diligence, and ...Communication Breakdown · Mistrust And Lack Of... · Decision Making
  24. [24]
    Elevating ISACA's Impact: Building a High-Performing Board for the ...
    Apr 30, 2025 · ISACA Board Director Asaf Weisberg addresses the Board's composition and varied backgrounds in this installment of Notes from the Boardroom.
  25. [25]
    ISACA® Membership Levels
    ISACA offers four levels of membership, with each providing its own set of benefits, including access to networking, discounts on products and opportunities ...
  26. [26]
    Membership: What does my "Member level" mean? - ISACA Support
    Your membership level may make you eligible for exclusive perks and offers. Bronze level represents 3-4 years of continuous membership. Silver level represents ...
  27. [27]
    https://www.isaca.org/membership/member-levels
  28. [28]
    ISACA® Membership Benefits
    Experience the power of an ISACA membership · Earn 70+ free CPE credits a year · Save up to 25% on exam registration · Gain exclusive access to job postings · Get ...
  29. [29]
    ISACA® Local Chapters
    ISACA has over 200 chapters worldwide, offering a variety of benefits to members, including networking, education, and career development opportunities.
  30. [30]
    Member Get a Member - ISACA
    The Member Get a Member Program empowers you to show other IS/IT professionals how an ISACA membership can help build skills, increase networks and advance ...
  31. [31]
    Digital Trust Ecosystem Framework - ISACA
    The Digital Trust Ecosystem Framework (DTEF) enables IS/IT professionals to integrate trust-based strategies into technology and business operations.State of Digital Trust · State of Digital Trust 2023 · ISACA Digital Videos · HereMissing: initiatives | Show results with:initiatives
  32. [32]
    Collaboration and the New Triad of AI Governance - ISACA
    Sep 19, 2025 · The most effective triads are synchronized. They anticipate risk, embed compliance and security from inception, and ensure that legal, privacy, ...
  33. [33]
    State of Cybersecurity - ISACA
    Access ISACA's State of Cybersecurity 2025 report to learn more and help you in your work to align cybersecurity strategy with business goals, strengthen ...Missing: policy | Show results with:policy
  34. [34]
    Press Releases 2025 AI driven cyber threats are the biggest ... - ISACA
    Oct 21, 2025 · ISACA believes ensuring staff are both trained to use AI safely and securely in the workplace and trained to respond to AI-driven cybersecurity ...Missing: pillars | Show results with:pillars
  35. [35]
    ISACA® Conferences
    Upcoming conferences and events ; ISACA 2025 Europe Conference · 15–17 October 2025 ; ISACA 2025 Virtual Student Summit · 7 November 2025 ; ISACA 2026 North America ...ISACA North America · ISACA Europe Conference · ISACA Virtual Conference
  36. [36]
    ISACA Announces 2025 Global Event Lineup: Advancing Digital ...
    Mar 3, 2025 · ISACA's 2025 events include in-person and virtual conferences, such as the North America and Europe conferences, and virtual summits, focusing ...
  37. [37]
    2025 Governance, Risk, and Control Conference from ISACA and ...
    Jun 17, 2025 · For more than 55 years, ISACA has empowered its community of 185,000+ members with the knowledge, credentials, training and network they need to ...Missing: figures | Show results with:figures
  38. [38]
    ISACA Europe 2025: Building Trust in Technology Amid a New Era ...
    Oct 27, 2025 · ISACA Europe 2025 in London explored AI, quantum risk and digital trust, uniting global experts to define the future of cybersecurity and ...Isaca Ceo Erik Prusch · Share Episode · Ai In The Real World
  39. [39]
    ISACA Conference North America 2025 Attendee List - Vendelux
    ISACA Conference North America typically attracts several thousand attendees from across North America and internationally. The audience includes senior ...
  40. [40]
    How to Earn CPE | Continuing Professional Education - ISACA
    All Training Topics · Artificial Intelligence · Cybersecurity · IT Audit · Certification ... Earn up to 32 CPEs when attending an ISACA Conference. LEARN MORE.The ISACA Foundation · ISACA Virtual Conference · ISACA Training Week
  41. [41]
    ISACA® Conference Session Recordings
    Explore ISACA's session recordings to stream on-demand video of invaluable, expert-led presentations recorded live at global conferences and events.<|control11|><|separator|>
  42. [42]
    What is COBIT? COBIT Explained – BMC Software | Blogs
    Dec 6, 2024 · History of COBIT ... International professional association ISACA first released COBIT in 1996 as a set of control objectives to aid the financial ...Missing: evolution | Show results with:evolution
  43. [43]
    Employing COBIT 2019 for Enterprise Governance Strategy - ISACA
    Oct 28, 2019 · The governance and management objectives in COBIT 2019 are grouped into 5 domains. The domains have ids with verbs that express the key purpose ...Results And Application Of... · Assumptions And Observations... · Cobit 2019 Based On Bsc As A...
  44. [44]
    Leveraging COBIT for Effective AI System Governance - ISACA
    Jan 31, 2025 · This white paper explores the role of the COBIT® framework as a robust, adaptable solution for effective AI governance and management.
  45. [45]
    ISACA Now Blog 2025 COBIT A Practical Guide for AI Governance
    Feb 4, 2025 · The COBIT framework can help organizations implement artificial intelligence more responsibly and in ways that ultimately will create more value for the ...
  46. [46]
    2019 Volume 1 The Optimal Risk Management Framework ... - ISACA
    Jan 1, 2019 · It is recommended that a risk framework, assessment and supporting analysis be used to help guide IT and the business in driving value to the organization.
  47. [47]
    ISACA® IT Risk Resources
    Risk IT Framework, 2nd Edition. The Risk IT Framework fills the gap between generic risk management concepts and detailed IT risk management.Missing: 2009 | Show results with:2009
  48. [48]
    IT Scenario Analysis in Enterprise Risk Management - ISACA
    Endnotes. ISACA, The Risk IT Framework, USA, 2009. ISACA, The Risk IT Practitioner Guide, USA, 2009. Risk analysis is the actual estimation of frequency ...
  49. [49]
    Frameworks, Standards and Models - ISACA
    The Digital Trust Ecosystem Framework and its accompanying suite of products are designed to empower IS/IT professionals in fostering the advancement of ...Digital Trust Ecosystem... · Blockchain Framework And... · It Audit Framework (itaftm)...Missing: initiatives State policy
  50. [50]
    Press Releases 2020 ISACA Updates IT Audit Framework ITAF
    Oct 22, 2020 · The 2020 ITAF updates include more IT-specific guidance, emphasis on risk assessment, updated auditor objectivity, and a more user-friendly ...
  51. [51]
    ISACA® IT Audit Resources
    ISACA provides tools and resources for IT audits, including AI and cybersecurity programs, and publications to enhance audit processes.
  52. [52]
    Cybersecurity Fundamentals Certificate - ISACA
    Get practical guidance on how to protect organizations, their critical systems and sensitive information from digital attacks. START LEARNING. Take a look ...
  53. [53]
    Cybersecurity Fundamentals Certificate | Resources - ISACA
    Authored by global industry experts, the study guide helps build your knowledge of the Cybersecurity Fundamentals domains, outlines what to expect from the exam ...
  54. [54]
    ISACA® Cybersecurity Awareness Resources
    ISACA offers information cybersecurity resources across audit & assurance, governance, enterprise, information security, and risk topics.
  55. [55]
    2023 Volume 1 Defining Establishing and Measuring Digital Trust
    Jan 1, 2023 · A Digital Trust Ecosystem Framework. ISACA® has developed a framework for digital trust, called the Digital Trust Ecosystem Framework (DTEF).
  56. [56]
    Digital Trust Ecosystem Framework a Valuable Complement to ...
    Mar 4, 2024 · DTEF was designed to be compatible with several existing frameworks and best practices, including COBIT, ITIL, GDPR, and numerous ISO and NIST standards.
  57. [57]
    White Papers 2024 Using DTEF to Achieve Trustworthy AI - ISACA
    Apr 30, 2024 · This white paper explores the benefits of using ISACA's Digital Trust Ecosystem Framework (DTEF) for enterprises adopting artificial intelligence (AI)-enabled ...Missing: studies | Show results with:studies
  58. [58]
    ISACA® Journal
    Previous ISACA Journals. Dive into a rich archive of bimonthly Journals spanning over a decade for a wealth of valuable insights and knowledge.View Journal Archives · Volume 3 · Volume 2 · Volume 1
  59. [59]
    ISACA® Resources
    ISACA Journal. Read through peer-reviewed, in-depth articles on pressing industry topics. LEARN MORE. Illustration ...
  60. [60]
    Celebrating Five Decades of the ISACA Journal
    Feb 18, 2022 · Journal 50 Years. Author: ISACA Now Date Published: 18 February 2022. The ISACA Journal is more than just a print and digital publication ...
  61. [61]
    ISACA® Journal Archives
    Explore the ISACA Journal archives where you can find all archived journal publications, point of views and scenario models for ISACA members.
  62. [62]
    ISACA® Journal Article Submission
    Submit an ISACA Journal article to get your name in front of your peers, earn CPE credit hours and establish yourself as an industry expert.
  63. [63]
    ISACA® Now Blog
    ISACA Now offers global perspectives and real-time insights on evolving challenges and opportunities facing our professional community.ISACA Award-Winner... · ISACA's Exciting 2024 is... · ISACA 2024 Annual Report...
  64. [64]
    ISACA Now Blog 2025 Six Practical Steps for Faster Smarter Cyber ...
    Feb 17, 2025 · ISACA offers Information Cybersecurity resources across audit & assurance, governance, enterprise, information security, and risk topics.
  65. [65]
    ISACA® News and Trends
    Discover ISACA's latest industry-leading articles, blogs and podcasts, as well as a deep archive with a convenient searchable interface.
  66. [66]
    ISACA® Publications
    ISACA offers a wide range of topics in our library, including audit, assurance, control, information security, cybersecurity risk, governance, COBIT and more.
  67. [67]
    Store - ISACA Portal
    Free deliveryA Practical Guide to the Payment Card Industry Data Security Standard | Digital | English. $35.00 Member Pricing. $60.00 Non-member Pricing.Login · Event · Order history · Register
  68. [68]
    How to Conduct a Quantum Risk Assessment Using ... - ISACA
    May 19, 2025 · This quantum risk assessment (QRA) walkthrough demonstrates how to translate quantum risk from an abstract future threat into a practical, actionable program.
  69. [69]
    COBIT: Is the new COBIT guidance free to members? - ISACA Support
    The PDF download of the following four (4) core COBIT® 2019 publications will be free to members. Additionally, ISACA members will receive exclusive discounts.
  70. [70]
    CISA® Certification | Certified Information Systems Auditor® - ISACA
    ISACA'S CISA certification exams are computer-based and administered at authorized PSI testing centers globally or as remotely proctored exams.
  71. [71]
    Earn a CISA® Certification - ISACA
    Pass the CISA Exam within the last five years. · Have five or more years of professional information systems auditing, control or security work experience ...Missing: first | Show results with:first
  72. [72]
    Press Releases 2025 ISACAs CISM Named Best Professional ...
    May 29, 2025 · CISM, established in 2002, has been earned by more than 100,000 professionals since its inception. Last year, CISM became approved for use with ...
  73. [73]
    Press Releases 2025 CCOA Named Professional Certification ...
    Oct 14, 2025 · The new Certified Cybersecurity Operations Analyst certification was also named a finalist in 2025 SC Awards Europe.
  74. [74]
    Which ISACA Certification is Right for You? | Infographic
    Sep 24, 2025 · ISACA Credentials · CET—Certified in Emerging Technology Certification · CISA—Certified Information Systems Auditor · AAIA Certification | ISACA ...
  75. [75]
    Maintain CISA® Certification - ISACA
    Maintaining your CISA® requires earning a minimum of 20 CPEs annually and a total of 120 CPEs over a 3-year period. 20 CPE. Required annually. 120 CPE. Required ...Isaca Offers Opportunities... · How To Report My Cpe · Cisa Maintenance...
  76. [76]
    Information Systems & Cybersecurity Certificates - ISACA
    ISACA certificates demonstrate commitment, enhance IT knowledge, increase understanding of fundamentals, and validate knowledge in areas like cyber and cloud ...
  77. [77]
    IT Audit Fundamentals Certificate - ISACA
    There are no prerequisites. You can register for the IT Audit Fundamentals exam at any time. The online, remotely proctored 2-hour exam blends both knowledge ( ...
  78. [78]
    Artificial Intelligence Fundamentals Certificate - ISACA
    This interactive, self-guided course blends knowledge and performance-based training components to help you master key AI principles, models, and ...VIEW ALL Study Materials
  79. [79]
    Verify a Certification - ISACA
    Select the type of certification, enter the certificate number that they would have provided you with, and their last name exactly as it appears in their ISACA ...