ISACA has this month released news of more than 40 customisable IT audit/assurance programmes, which have been developed to help IT auditors who are facing increasing challenges brought about by “Bring Your Own Device” (BYOD) trends that occur as part of the so-called consumerisation of technology.
NOTE: Previously known as the Information Systems Audit and Control Association, ISACA now goes by its acronym only, to reflect the “broad range” of IT governance professionals it serves. Today ISACA is a non-profit association serving 100,000 IT professionals in 180 countries.
The new programmes from ISACA are as follows:
NOTE: This third module is also said to help auditors evaluate internal controls affecting business processes related to outsourcing. It permits the audit/assurance professional to place audit reliance on the data and operational processes performed by the supplier on behalf of the customer.
In other news, cybercrime & crisis management
Other ISACA audit programs include cybercrime, social media, crisis management, change management and cloud computing.
“ISACA’s audit programs can be used by auditors worldwide as a road map for specific assurance processes,” said Greg Grocholski, CISA, international president of ISACA and global business finance director for the Ventures and Business Development unit within The Dow Chemical Company. “They can be customised by IT auditors in any type of environment to help them conduct effective reviews that will help ensure trust and value in the enterprise’s information systems.”
The audit/assurance programmes are based on the standards and guidance in ISACA’s IT Assurance Framework (ITAF) and align with the COBIT business framework for governance and management of IT. They have been developed by assurance professionals and are peer reviewed.
The organisation describes COBIT 5 as the latest edition of ISACA’s framework, providing an end-to-end business view of the governance of enterprise IT that reflects the central role of information and technology in creating value for enterprises.
According to ISACA “The principles, practices, analytical tools and models found in COBIT 5 embody thought leadership and guidance from business, IT and governance experts around the world.”
The programmes detailed here are downloadable in a Word document and can be customised to fit specific operating environments. ISACA insists that they can also be used by security and business professionals, to apply the control objectives and audit steps to make the respective scope areas more robust.
The audit/assurance programs are free for ISACA members and around £30 for non-members at www.isaca.org.