Senin, 12 Maret 2012

Information System Audit

ISACA is an international professional association that deals with IT Governance. It is an affiliate member of IFAC.Previously known as the Information Systems Audit and Control Association, ISACA now goes by its acronym only, to reflect the broad range of IT governance professionals it serves.

History

 The ISACA was founded in the USA in 1967, when a group of individuals with jobs auditing controls in the computer systems, which were becoming increasingly critical to the operations of their organizations, recognized the need for a centralized source of information and guidance in the field. In 1969, Stuart Tyrnauer, employed by the (then) Douglas Aircraft Company, incorporated the entity as the EDP Auditors Association, serving as its founding Chairman for the first three years. In 1976 the association formed an education foundation to undertake large-scale research efforts to expand the knowledge and value of the IT governance and control field.

Current status

 ISACA currently serves more than 95,000 constituents (members and professionals holding ISACA certifications) in more than 160 countries. The job titles of members are such as IS auditor, consultant, educator, IS security professional, regulator, chief information officer and internal auditor. They work in nearly all industry categories. There is a network of ISACA chapters with 170 chapters established in over 160 countries. Chapters provide education, resource sharing, advocacy, networking and other benefits.

Major publications

  • Standards, Guidelines and Procedures for information system auditing(Guideline co-developed with the International Federation of Accountants)
  • COBIT
  • Val IT (Getting best value from IT investments)
  • Risk IT
  • Information System Control Journal

Certifications

Certified Information Systems Auditor(CISA)

Certified Information Security Manager (CISM)

Certified in the Governance of Enterprise IT (CGEIT)

Certified in Risk and Information Systems Control (CRISC)

Certified in Risk and Information Systems Control (CRISC) is a certification for information technology professionals with experience in managing IT risks, awarded by ISACA. To gain this certification, candidates must pass a written examination and have at least eight years of information technology or business experience, with a minimum of three years work experience in at least three CRISC domains.
The intent of the certification is to provide a common body of knowledge for information technology / systems risk management, and to recognize the knowledge of enterprise and IT risk that a wide range of IT and Business practitioners have acquired, as well as the capability to: design, implement and maintain information system (IS) controls, to mitigate IS/IT risks.
The CRISC requires demonstrated knowledge in five functional areas or ‘’Domains’’ of IT risk management.
  • Risk Identification, Assessment and Evaluation
  • Risk Response
  • Risk Monitoring
  • Information Systems Control Design and Implementation
  • IS Control Monitoring and Maintenance
Diposting oleh di
Label:

Tidak ada komentar:

Posting Komentar

Langganan: Posting Komentar (Atom)