Monday, June 29, 2009

New ISACA Survey Shows Strong Business Case for Implementing IT Governance Frameworks

Rolling Meadows, IL, USA (25 June 2009)—

Enterprises that effectively govern their information technology achieve their IT and business goals more frequently, according to a new study of 538 organizations worldwide. Commissioned by ISACA and conducted by the IT Alignment and Governance Research Institute, the study examined the business outcomes of implementing the COBIT and Val IT frameworks.

Results of the study are published in Building the Business Case for COBIT and Val IT: Executive Briefing, available as a free download at www.isaca.org/downloads.

“The study revealed a strong relationship between the implementation of COBIT and Val IT processes and the achievement of IT goals—and a strong relationship between the achievement of IT goals and the achievement of business goals,” said Wim Van Grembergen, co-author of the report and professor at the University of Antwerp and the University of Antwerp Management School. “As a result, a strong business case exists that shows the benefits enterprises achieve when using COBIT and Val IT.”

The survey also identified which COBIT and Val IT processes are most frequently—and fully—implemented.

“The results show that enterprises are still focusing more on operational issues—implementation, delivery and support—than on the equally important planning and monitoring issues, indicating that there is room for improvement,” said Steven De Haes, also a co-author of the report and professor at the University of Antwerp and University of Antwerp Management School.

According to respondents, most of the top five most fully implemented COBIT processes at organizations around the world are in the Deliver and Support (DS) domain, with one each in the Acquire and Implement (AI) and the Monitor and Evaluate (ME) domains:
1. Manage the physical environment. (DS12)
2. Manage service desk and incidents. (DS8)
3. Acquire and maintain technology infrastructure. (AI3)
4. Ensure systems security. (DS5)
5. Ensure compliance with external requirements. (ME3)

While many similar findings existed among regions, some key differences were identified. European organizations, for instance, reported a fuller implementation status than most North American and Asian enterprises, particularly for PO9 Assess and manage IT risks. This finding is likely due to the impact of regulatory requirements such as Basel II. North America reported the highest implementation score for ME2 Monitor and evaluate internal control—likely due to the Sarbanes-Oxley Act. Asia outperformed other regions for AI1 Identify automated solutions, which is most likely explained by the presence of many outsourced service providers that develop systems.

A complimentary download of COBIT, a globally accepted set of tools that ensures IT is working as effectively as possible to minimize IT-related risks and maximize controls, is available at www.isaca.org/cobit. Val IT, a comprehensive collection of proven management practices and techniques for investment in business change and innovation, is available as a free download at www.isaca.org/valit.

About ISACA
With more than 86,000 constituents in more than 160 countries, ISACA® (www.isaca.org) is a leading global provider of knowledge, certifications, community, advocacy and education on information systems assurance and security, enterprise governance of IT, and IT-related risk and compliance. Founded in 1969, ISACA sponsors international conferences, publishes the ISACA® Journal, and develops international information systems auditing and control standards. It also administers the globally respected Certified Information Systems Auditor™ (CISA®), Certified Information Security Manager® (CISM®) and Certified in the Governance of Enterprise IT® (CGEIT®) designations.

ISACA developed and continually updates the COBIT®, Val IT™ and Risk IT frameworks, which help IT professionals and enterprise leaders fulfill their IT governance responsibilities and deliver value to the business.

Contact:
Kristen Kessinger, +1.847.660.5512, kkessinger@isaca.org
Deborah Vohasek, +1.847.660.5566, dvohasek@isaca.org
Joanne Duffer, +1.847.660.5564, jduffer@isaca.org

Friday, June 19, 2009

New ISACA Guide Helps Organizations Manage Application Controls

Rolling Meadows, IL, USA (18 June 2009)—

Virtually every aspect of day-to-day business activity is dependent on timely, accurate and reliable information—information that is generated, processed, accumulated, stored and reported by automated information systems. Because this information is so critical, it is essential for risks in the underlying application systems that process the information to be managed and controlled.

COBIT and Application Controls, a new guide from the nonprofit IT assurance, security and governance association ISACA, helps business and IT managers, IT developers, and internal and external auditors implement and manage application controls.

The publication is structured based on the life cycle of application systems—from defining requirements through providing assurance on application controls. The concepts presented apply to both new and existing legacy application systems. The book also offers guidance on:
· The definition and nature of application controls (addressing the six application controls discussed in COBIT)
· The design and operation of application controls
· Relationships and dependencies that application controls have with other controls, such as IT general controls
· The responsibilities of business and IT management

“While IT application controls have always been important, the rise in related legislation around the world has given them even more prominence in all enterprises,” said Gary Hardy, a developer of the ISACA publication. “COBIT, which was developed and is continually updated by ISACA, is based on industry standards and best practices and enables enterprises to reduce IT-related risks, increase confidence in the information provided by IT and help manage compliance. This publication builds on the globally respected COBIT framework by providing practical direction for effective application controls.”

COBIT and Application Controls is available as a free download for ISACA members at www.isaca.org/downloads. Nonmembers can purchase a PDF for US $55 from the ISACA Bookstore (www.isaca.org/bookstore). Print copies are US $35 for members and US $75 for nonmembers.

Monday, June 8, 2009

ISACA’s CISA Certification Earns 2009 SC Magazine Award for Best Professional Certification Program

Rolling Meadows, IL, USA (23 April 2009)—

ISACA, a nonprofit association serving more than 86,000 IT governance professionals in 160 countries, has been recognized with an SC Magazine 2009 Professional Award. ISACA’s Certified Information Systems Auditor (CISA) designation was selected as the winner of the Best Professional Certification Program, and its Certified Information Security Manager (CISM) certification was named a finalist.

The award, which recognizes ISACA’s outstanding achievement in IT security, was presented Tuesday at the exclusive SC Awards Gala, held in conjunction with the annual RSA Conference in San Francisco, California, USA.

The CISA certification has been earned by more than 60,000 professionals since its inception in 1978. It is recognized internationally as the global standard for IS audit, control and security professionals. CISM, introduced in 2002, has been earned by more than 10,000 professionals.

“We are honored that ISACA’s commitment to the information security field has been recognized by SC Magazine’s distinguished award program,” said Lynn Lawton, CISA, FBCS CITP, FCA, FIIA. “The CISA and CISM designations are based on real-world professional experience and are highly regarded by employers and information security professionals seeking to advance their careers.”

ISACA’s CISA and other 2009 Professional Awards winners were chosen by a panel of 22 judges from major corporations and public-sector organizations that were hand-picked by SC Magazine’s editorial team for their breadth of knowledge and experience in the information security industry. The awards highlight and showcase the best solutions, services and professionals, while recognizing achievement and technical excellence in the information security industry. With almost 700 entries submitted in 30 categories, the 2009 SC Awards were the most competitive yet in the program’s 12-year history.

“ISACA represents one of the industry’s beacons of leadership, and the 2009 SC Awards judges have given it this high distinction for its innovative contributions to IT security over the past year,” said Illena Armstrong, editor in chief, SC Magazine.

For more information and a detailed list of categories and winners, please visit www.scmagazineus.com/awards. Additional information on ISACA’s CISA and CISM certifications, as well as the new Certified in the Governance of Enterprise IT (CGEIT) designation, is available at www.isaca.org/certification.

ISACA
With more than 86,000 constituents in more than 160 countries, ISACA (http://www.isaca.org/) is a recognized worldwide leader in IT governance, control, security and assurance. Founded in 1969, ISACA sponsors international conferences, publishes the ISACA Journal, and develops international information systems auditing and control standards. It also administers the globally respected Certified Information Systems Auditor (CISA) designation, earned by more than 60,000 professionals since 1978; the Certified Information Security Manager (CISM) designation, earned by more than 10,000 professionals since 2002; and the new Certified in the Governance of Enterprise IT (CGEIT) designation.

About SC Magazine
SC Magazine provides IT security professionals with in-depth and unbiased information through timely news, comprehensive analysis, cutting-edge features, contributions from thought-leaders and the best, most extensive collection of product reviews in the business. By offering a consolidated view of IT security through independent product tests and well-researched editorial content that provides the contextual backdrop for how these IT security tools will address larger demands put on businesses today, SC Magazine enables IT security pros to make the right security decisions for their companies. The brand’s portfolio includes the SC Awards, SC Directory, SC Magazine Newswire and SC World Congress.

ISACA, 3701 Algonquin Road, Suite 1010, Rolling Meadows, IL 60008, USA

3,000 Professionals Earn ISACA’s New CGEIT Certification

Rolling Meadows, Illinois, USA (23 April 2009)—

Established in late 2007, ISACA’s Certified in the Governance of Enterprise IT (CGEIT) credential has already been earned by 3,000 professionals.

The CGEIT certification is awarded to those who meet stringent requirements, which include passing the exam and providing proof of experience, or being accepted through the grandfathering provision, which ended in December. The first CGEIT exam was administered in December 2008, and the 2009 CGEIT exams will be held on 13 June and 12 December.

“ISACA has experienced overwhelming demand for the new CGEIT certification,” said Howard Nicholson, chair of the CGEIT Certification Board. “It is clear that governance of enterprise IT is a top-of-mind issue and that a credential indicating experience in that area is in great demand by professionals who want to further set themselves apart and provide valuable contributions to their businesses.”

ISACA, a nonprofit professional association serving more than 86,000 IT governance professionals worldwide, established the CGEIT certification to recognize those who have the professional knowledge, skills and business experience to maximize information technology’s (IT’s) contribution to an enterprise’s success, and manage and mitigate risks posed by IT.

The CGEIT certification helps:
· Support the growing business demands related to IT governance
· Increase the awareness and importance of IT governance good practices and issues
· Define the roles and responsibilities of the professionals performing IT governance work

The CGEIT designation is the third certification offered by ISACA. In 1978, ISACA established the Certified Information Systems Auditor (CISA) designation, which has been earned by more than 60,000 professionals since inception. In 2002, the CISM certification was introduced. It has since been earned by more than 10,000 professionals. Both designations are accredited by the American National Standards Institute (ANSI) under ISO/IEC 17024:2003 and are consistently rated among the highest-value certifications by independent consultancy Foote Partners LLC. Additional information on all three of the certifications is available at www.isaca.org/certification.

About ISACA
With more than 86,000 constituents in more than 160 countries, ISACA (http://www.isaca.org/) is a recognized worldwide leader in IT governance, control, security and assurance. Founded in 1969, ISACA sponsors international conferences, publishes the ISACA Journal, and develops international information systems auditing and control standards. It also administers the globally respected CISA, CISM and CGEIT certifications.
