ISACA Seeks Public Comment on IS Audit and Assurance Standards

Business Wire

Tuesday, October 23rd 2012

ISACA is seeking public comment on a refresh of its IS Audit and Assurance Standards. The global association of 100,000 IT audit, security, risk and governance professionals has posted the exposure draft at www.isaca.org/standardexposure. Comments are accepted through 28 December 2012.

ISACA introduced its IT Audit and Assurance Standards in 1988. Now called the IS Audit and Assurance Standards, the refresh includes 17 standards that establish the mandatory requirements for an information systems (IS) audit and assurance professional to follow.

“The refreshed standards provide additional clarity to IS audit and assurance professionals by precisely stating the requirements of each standard, defining key terms used within each standard and enhancing their alignment with other global auditing standards,” said Krysten McCabe, CISA, director of ISACA and senior manager in the Assurance and Advisory Management Program at The Home Depot. “They also are fully integrated into the IT Assurance Framework (ITAF), which serves as a living reference framework that includes other ISACA tools and techniques, such as IS audit programs.”

ISACA’s Professional Standards Committee aims to have all standards and their associated guidelines updated, and exposed to public comment, by the end of 2013.

“The world of information systems is constantly evolving. Those who wish to gain assurance that their systems are working as anticipated must have trust in the standards that audit and assurance professionals are using to deliver that trust. Likewise, audit and assurance professionals need confidence that the guidelines that help them interpret and implement the standards are up to date and reflect changes in the world of information systems,” said Ian Sanderson, CISA, CRISC, FCA, specialist information systems auditor to the International Board of Auditors for NATO. “ISACA’s Professional Standards Committee is reviewing, refreshing and enhancing the IS Audit and Assurance Standards so that they continue to meet the needs and expectations of those placing trust in information systems and the professionals who deliver that trust.”

To comment on the standards visit www.isaca.org/standardexposure. For additional information on ITAF, visit www.isaca.org/itaf.

About ISACA

With 100,000 constituents in 180 countries, ISACA^® (www.isaca.org) is a global provider of knowledge, certifications, community, advocacy and education on information systems (IS) assurance and security, enterprise governance and management of IT, and IT-related risk and compliance. Founded in 1969, the nonprofit, independent ISACA hosts international conferences, publishes the ISACA^® Journal, and develops international IS auditing and control standards, which help ensure trust in, and value from, information systems. It also attests IT skills and knowledge through the Certified Information Systems Auditor^® (CISA^®), Certified Information Security Manager^® (CISM^®), Certified in the Governance of Enterprise IT^® (CGEIT^®) and Certified in Risk and Information Systems Control^™ (CRISC^™) designations. ISACA developed and continually updates COBIT, which helps IT professionals and enterprise leaders fulfill their IT governance and management responsibilities, and deliver value to the business.