New exam and prep available now.
Note: Early bird pricing ends on 17 July.
Mitigate enterprise cybersecurity risk with ISACA's CMMI Cybermaturity Platform.
Start with the NEW COBIT Foundation Online Course.
ISACA is Your Career
Make a name for yourself. Stand out. Grow. All with the support of your family at ISACA.
ISACA is Community
As a member you get more than just discounts, you get family. A family of like minds to share ideas successes and passion for the IT Audit, Risk, Security & Governance.
Membership & ChaptersBe one with a membership community more than 145,000 strong and growing every year. ISACA’s member network extends globally, and with over 220 local ISACA chapters around the world, meets you where you are. Become Our Community
Engage, Your Online CommunityBe a part of ISACA’s community. Gain the insights of like-minded professionals. Share your know-how, enthusiasm and volunteer spirit. Explore upcoming events. Engage with a world of people and exciting possibilities for professional and personal growth. Begin Engagement
ISACA is Enterprise
ISACA’s Enterprise Solutions not only builds stronger teams and organizations, we offer smart solutions — designed and delivered by certified experts!
Build your team’s know-how and skills with customized training
ISACA has been helping IS/IT professionals and the enterprises they serve for 50 years and counting. Our Corporate Training helps build team effectiveness and stakeholder confidence in enterprises worldwide.Start Training
Affirm your employees’ expertise, elevate stakeholder confidence
More than 200,000 practitioners and managers have earned ISACA certifications that affirm them among the world’s most trusted information systems and cybersecurity professionals.Certify your Team
Assess and improve your enterprise performance
Whether you’re talking about protecting your organization from growing cyber threats or ensuring a new medical device works optimally and safely—the best first step starts with self-assessment using ISACA®’s CMMI® Institute models.Assess your organization
Get ahead of the knowledge, skills, networking and career curve. Discover opportunities galore with all that’s new from ISACA.
How the CSX-P Certification Has Bolstered My Credibility in Audit
As an IT or systems auditor, my job is all about assessing and testing controls designed and in place to protect the company’s treasure trove of information. In my case, health insurance claims data of our members is the Holy Grail to be protected. When I go into an audit, my credibility sets the tone for an open and honest dialogue throughout the engagement.10 July 2020
COBIT Focus Area: Information Security
COBIT Focus Area: Information Security provides guidance related to information security and how to apply COBIT to specific information security topics/practices within an enterprise. The publication is based on the COBIT core guidance for governance and management objectives, and enhances the core guidance by highlighting security-specific practices and activities as well as providing information security-specific metrics. In COBIT 2019, a focus area describes a certain governance topic, domain or issue that can be addressed by a collection of governance and management objectives and their components. This publication describes information security and details additional metrics and activities that should be considered when implementing or assessing COBIT in the context of information security.
Beware, Coronavirus-Themed Ransomware is Here
It’s important to recognize how essential grocery stores, hospitals, clinics and supply chain organizations are in light of COVID-19, and it’s equally important to recognize technology as their critical infrastructure. Without it, countless organizations would be left inept, disorganized and overwhelmed.9 July 2020
Essential Functions of a Cybersecurity Program
No matter the size of an organization, every organization that depends on information technology to conduct any part of its business should have a functioning cybersecurity program.Author: Steve Akridge
#IamISACA: Building an IT Audit Community From the Bottom Up
I started work at the State Audit Office (SAO) of Georgia in late 2013 as an intern. At that time, SAO had no IT audit function, but one was needed to keep up with the government due to rapid development of government electronic systems. I was tasked to learn more about IT audit and build a qualified team.8 July 2020
#IamISACA: Satisfaction Through Volunteering
Life is all about tackling and winning over challenges that come your way. In that spirit, I want to share some of my experiences with ISACA (mostly with the Chennai, India Chapter) and from my personal life – and how these two became connected.8 July 2020
Leveraging Cybersecurity to Increase Diversity, Equity and Inclusion
As an industry, cybersecurity has always been challenged by a shortage of supply when it comes to talent. This is further complicated by a lack of diversity, an issue that when addressed well has always proven to deliver stronger teams and better results.7 July 2020
Becoming an NYU Cyber Fellow
Watch the story of a TIAA’s Business Information Security Officer and ISACA member.
Seven Ways AI is Improving the Job Market – Not Killing It
Artificial intelligence is not a thing of the future anymore. We live in a world where AI is working diligently in the shadows of every major industry. The industrial revolution of the past built the world we are enjoying today, and it was done using the strength...6 July 2020
Preserving Privacy in Video Analytics Solutions in Smarter Cities
Video analytics in smarter cities pose a challenge for security and privacy professionals that are focused on preserving the privacy of the public, while balancing their organization’s desire to utilize information. As with all analytics, these principles come with competing needs.2 July 2020
#IamISACA: Embracing Cross-Cultural Connections
I worked for a company a long time ago that sent us to a training about cultural differences between the US and UK. Most of our senior managers were in the UK or in the U.S. and we thought, we both speak English so why can’t we communicate?1 July 2020
#IamISACA: Carrying on My Father’s Volunteering Legacy
After voting precincts began relying upon computers, my father stopped volunteering as an election worker. That’s right about when he passed the torch to me and I signed up.1 July 2020
Deploying a Data Security Defense
Maintaining data security has become more challenging in recent years. Many countries have passed and adopted comprehensive laws dealing with this issue, and others are debating the necessity of doing so.Author: Jason Jiao
Becoming the Boss: Guidance for New Supervisors in an Era of Remote Work
Emily Tsitrian, senior manager of professional services at Castlight Health, presented last week at the Pride Summit in her session, “Boss Up! How to Become the Boss.” Tsitrian visited with ISACA Now following her session to share some of her guidance on transitioning to becoming a supervisor, especially in current times in which remote work has become increasingly commonplace.30 June 2020
The Value of IT Governance
Ineffective governance has a substantial impact on business alignment and risk management. Misalignment can result in improper identification of sensitive data, critical services and substandard security controls.29 June 2020
The DoD’s Cybersecurity Maturity Model Certification—As Explained by the Classic Movie Independence Day
In a highly technical world where we are all more connected everyday, the opportunity for cybersecurity risks, threats and vulnerabilities facing organizations are growing daily and at an almost exponential rate.29 June 2020
Open-Minded Approaches to Addressing the Cybersecurity Skills Gap
It is more important than ever that organizations become creative in their approaches to addressing under-resourced security staffs. If you look at ISACA’s State of Cybersecurity 2020 report, which predates COVID-19, 62% of companies are understaffed and 57% have unfilled security positions.26 June 2020
ISACA’s Risk IT Framework Offers a Structured Methodology for Enterprises to Manage Information and Technology Risk
Managing risk and opportunity, including information and technology (I&T) risk, is a key strategic activity for enterprise success—which is even more relevant today during this time of disruption. ISACA has released new editions of risk IT resources to help guide enterprises – Risk IT Framework, 2nd Edition and Risk IT Practitioner Guide, 2nd Edition.25 June 2020
Risk IT Revitalized
I had the privilege of being on the task force that created the original version of ISACA’s Risk IT Framework several years ago. At the time, I felt Risk IT was an important contribution to the profession...25 June 2020
NIST and COBIT: Working in Harmony for More Reliable and Secure Technology
The events of 2020 have shown us, more than ever before, how profoundly circumstances can change, seemingly in a moment. Information and technology are constantly on the move, and we have seen technology revolutions on every front, from mobile devices to changing office environments – even in our spacecraft!24 June 2020
#IamISACA: Never Too Late to Start a New Dream
In 1984, when I was 16 years old, I had the opportunity to take computer science as an additional school subject. The classes were presented after regular school hours, and this opportunity opened up the new world of computers to me.24 June 2020
#IamISACA: IT Leader By Day, Belly Dancer By Night
I took up belly dancing at the same time I started preparing for my CISA exam 16 years ago. It is great exercise, and concentrating on the music and the movements takes my mind completely off the problems and stressful decisions that I face in my daily work as the leader of a big team of highly skilled IT auditors.24 June 2020
COVID-19 Underscores Value of Resilient Supply Chains
My supply chain focus started when I was the vice president controller for a shoe retailer in the US, and we were hit with an unexpected new tariff on our Chinese products for a piece of metal that was used to keep the holes in place for shoelaces to go through.23 June 2020
ISACA Outlines How to Strengthen Enterprise Supply Chain Resiliency During the Pandemic and Beyond
A new white paper from ISACA, Supply Chain Resilience and Continuity: Closing Gaps Exposed in a Global Pandemic, offers approaches that enterprises can implement to increase the resiliency of their own supply chain—during the current pandemic and potential similar future crises.22 June 2020