1 / 83

ISACA UPDATE

Presented By: Brian O’Brien, CISA Melissa Justice, CISA Jotham Nyamari Board Members of the Central Ohio ISACA Chapter. ISACA UPDATE. Central Ohio Chapter Goals Educational Programs Local Training Opportunities Professional Networking. Central Ohio Happenings.

Thomas
Download Presentation

ISACA UPDATE

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Presented By: Brian O’Brien, CISA Melissa Justice, CISA Jotham Nyamari Board Members of the Central Ohio ISACA Chapter ISACA UPDATE

  2. Central Ohio Chapter Goals Educational Programs Local Training Opportunities Professional Networking

  3. Central Ohio Happenings • Monthly luncheons on 2nd Thursday of month. • Board meets monthly (10 CPEs for chapter involvement). • Two (fall and spring) training seminars per year. • Oracle Database Auditing on October 28-29. • CISA / CISM Training Courses. • Local Job Postings. • Website / Newsletter ($35 per month). • Golf outing. • Just occurred in August. • Holiday Party / Beulah Park. • Scheduled for Saturday, November 1st. • Student Reduced Fees.

  4. Central Ohio Chapter Who’s Who?

  5. International Update

  6. Membership Benefits • Membership • K-NET • COBIT • Val IT • ITAF • Publication • Knowledge • Community of Peers • Downloads • Career Center Access to ISACA International’s website: http://www.isaca.org

  7. Membership • Total ISACA membership worldwide: 77,093

  8. K-NET • ISACA’s Knowledge Network • Online database • Peer reviewed • More than 6,000 links • Member access to 200+ topics in 13 subject areas • Fully searchable • Personalized tracking www.isaca.org/knet

  9. COBIT • COBIT 4.1 • COBIT Online • COBIT Quickstart • COBIT Foundation Course COBIT Family of Products www.isaca.org/cobit

  10. COBIT • IT Assurance Guide: Using COBIT • IT Governance Implementation Guide: Using COBIT and Val IT, 2nd Edition • COBIT Security Baseline COBIT Downloads www.isaca.org/downloads

  11. COBIT® Foundation Course • Case Studies • Real-world Examples • Overview of COBIT Control Objectives, Control Practices, Management Guidelines, and Audit Guidelines • 40 Sample Questions to Prepare for COBIT Foundation Exam • 8 Hours; $499

  12. COBIT® Foundation Course Consists of 5 Modules: • Responding to IT Challenges • Introducing COBIT • What COBIT Provides • Applying COBIT in Practice • Products and Support Available from ITGI

  13. Val IT Provides guidance to: • Define relationships between IT and other functions with governance responsibilities • Manage an organization’s portfolio of IT investments • Maximize the quality of business cases for IT investments www.isaca.org/valit

  14. ITAF New! • ITAFTM: A Professional Practices Framework for IT Assurance • Provides guidance on the design, conduct and reporting of IT audit and assurance assignments • Defines terms and concepts specific to IT assurance • Establishes standards that address IT audit and assurance professional roles and responsibilities, knowledge, skills and diligence, conduct, and reporting requirements www.isaca.org/downloads

  15. Publications • Information Systems Control Journal • Print and online versions • www.isaca.org/journal • Journal Online • Articles that supplement the journal • Online only • www.isaca.org/JOnline • Global Communiqué • Member newsletter • Online only • www.isaca.org/gcomm

  16. Knowledge • ISACA Bookstore Discounts • Listservs Discussion Forums • Sarbanes-Oxley • COBIT • IT Governance • Information Security Management • General Topics www.isaca.org/bookstore

  17. Community of Peers The Local Level: Your Chapter • Why you should get involved: • More than 170 chapters in 140 countries • Leadership opportunities • Networking • Professional growth • Positive impact on the local business community www.isaca.org/chapters

  18. Community of Peers The International Level: ISACA/ITGI • Why you should get involved: • Impressive global network of peer contacts • Shared expertise and learning • A personal role in the future of the association, as well as the IT assurance, security and governance professions. www.isaca.org/leadership

  19. Downloads • Standards, Statements and Guidelines for IS audit and control • Audit Programs and Internal Control Questionnaires on more than 20 topics • IT Governance Institute research documents and presentations • Free ITGI research publication downloads including: • COBIT Security Baseline • Securing the Network Perimeter

  20. Career Centre • ISACA Members Can Search for Jobs by • Geography • Professional Certification • Experience Level • ISACA Members Can Store Resume or/and Post for Employers • Receive E-mail When New Jobs Post

  21. Career Centre • Employers Can Post Jobs • 30 Day Listing for $295 • 60 Day Listing for $395 • Posting is Immediate • Employers Can Search Resumes http://jobs.isaca.org/

  22. Comprehensive Student Program • Reduction of student dues • $25 • New member fee waived • All benefits delivered electronically • Many chapters reduce or waive chapter dues for students • Student area of the web site • Student membership application • Eligibility and dues • Benefits of membership • IT Audit Basics articles

  23. Education Around the World

  24. CISA, CISM, and CGEIT Certifications

  25. CISA Certification Current Facts Certified the 60,000th CISA earlier this year More than 45,000 current CISAs A 2007 survey of ISACA members who hold the CISA designation revealed: 94% value their CISA certification 72% agreed that CISA has advanced their career

  26. Current CISAs by ISACA Geographical Area

  27. Current CISAs (more than 500) by Country 1,044 Australia 898 Germany 883 Singapore 870 Spain 597 China 541 South Africa

  28. Exam Registrations Past 12 Months CISA Exam Registration TOTAL Asia 11,700 C/S America 750 Europe/Africa 6,600 N. America 7,100 Oceania 300

  29. CISAs in the Workplace More than: 9,000 serve as IT audit practitioners 9,000 serve as IS/IT audit directors, managers, or hold senior positions 2,200 serve as chief audit executives (CAEs), audit partners or audit heads More than: 11,000 hold managerial or consulting positions in IT operations or compliance 3,800 serve as CIOs, CISOs, security directors, security managers 1,400 serve as the CEO or CFO of theirorganizations

  30. Recent CISA Program Recognition CIO Magazine, SC Magazine and Foote Partners research continually cite CISA as a credential that earns top pay compared with other credentials Certification Magazine’s 2007 salary survey ranked CISA in the top five highest paying certifications Salary for auditing certifications such as CISA continue to be boosted by compliance requirements and independent auditor control provisions

  31. Recent Significant CISA Certification Board Actions • Moved to Item Response Theory (IRT) method of classifying and selecting exam items, beginning with the June 2008 exam (see next slide) • Reduced the administrative exam to 170 items (graded) with additional blocks of 30 new items (ungraded) used to gather performance statistics

  32. Recent Significant CISA Certification Board Actions (continued) • Approved to discontinue any exam language that averages less than 100 candidates annually over any successive three-year period • Approved to allow a 1 year educational waiver for achievement of a Master’s degree in Information Systems or IT from an accredited university • Motion pending on approval of Polish as new CISA exam language

  33. Item Response Theory (IRT) method The IRT method of classifying exam items allows the CISA Certification Board to: • Accumulate better statistics on item performance • Score the exam more quickly • Select items to produce a desired level of difficulty • Move to computer-based testing in the future

  34. ANSI Accreditation The American National Standards Institute (ANSI) has awarded accreditation under ISO/IEC 17024 to the CISA certification program in 2005. Accreditation by ANSI signifies that ISACA’s procedures meet ANSI’s requirements for openness, balance, consensus and due process. Reaccredited in 2006 and 2007. Currently being assessed for 2008.

  35. CISA Preparation Related Education Activities • Updated CISA Review instructor-led-training (ILT) course provided to ISACA chapters • Updated topics and notes • Added a course training guide • Added 100 question sample exam (sorted by domain and scrambled) • Introduced new CISA Online Review Course • Serves both for exam preparation and as continuing professional education • Chapter incentive program offered • Converted sample questions on ISACA web site to on-line CISA self-assessment

  36. Item Writing Program • US$50 per accepted question • Earn 1 CPE hour for each accepted question • US$100 per accepted question offered when questions are accepted in areas of need for the exam Continuing Education • Did you know…Active participation on an ISACA and/or ITGI board, committee, task force or active participation as an officer of an ISACA chapter earns one continuing professional education hour for each hour of active participation. (10-hour annual limitation)

  37. CISM Certification Facts 9,145 CISM Certifications have been awarded since 2003 Currently there are more than 8,000 active CISM members of ISACA This year the total number of CISMs awarded will exceed 10,000

  38. Who are the CISMs? • Most CISMs are consultants (37%) or work in financial services (19%). • As expected most CISMs are directors(32%) or managers (22%). • 16% of CISMs have a “C” level title.

  39. Where CISMs Work • CISMs primarily work in large organizations (34%) with 15,000 or more employees. • 30% of CISMs manage organizations whose security staff is larger than 25 individuals. 61% work in organizations having a security staff larger than 5 individuals.

  40. Years of Professional Experience • A large number of CISMs have more than 14 years of professional experience (63%). 84% report having 10 or more years of experience.

  41. Geographic Representation Member CISMs by ISACA Region Asia Central / South America Europe / Africa North America Oceania 14.4% 3.4% 24.7% 54.2% 3.3%

  42. CISM Exam Registration by Region December 07 June 08 Total Asia 527 556 1083 Central South America 152 124 276 Europe Africa 686 801 1487 North America 825 838 1663 Oceania 64 65 129

  43. Countries with more than 40 CISM Exam Takers (June 08) Asia North America • India • Singapore • United Arab Emirates • Canada • USA Central / South America Oceania • Mexico • Australia Europe / Africa • Germany • Spain • Nigeria • United Kingdom

  44. CISM Languages June 08 This June the CISM Exam was offered in four languages. For the first time it was available in Korean. English Spanish Japanese Korean 90.7% 6.0% 3.0% 0.3%

  45. CISM in the News IT professionals who obtained ISACA's information security managers certification (CISM) are in a better position to deal with the growing emphasis on business needs over technology, according to a recent survey of more than 1,400 CISMs in 83 countries. (CSO Magazine) A report shows that formally certified security professionals on average are commanding about 10% to 15% higher salaries than noncertified individuals in comparable roles. Among the certification programs commanding the highest premiums were Certified Information Systems Auditor (CISA) and Certified Information Security Manager (CISM). (Computerworld) CISM was listed as the 2nd highest paid certification in Certification Magazine’s 2007 salary survey.

  46. Recent Significant CISM Certification Board Actions • Approved to certify professors who pass the CISM Exam and who have a minimum of 6 years experience in security management research and teaching.

  47. ANSI Accreditation The American National Standards Institute (ANSI) has awarded accreditation under ISO/IEC 17024 to the Certified Information Security Manager (CISM) in 2005. Accreditation by ANSI signifies that ISACA’s procedures meet ANSI’s essential requirements for openness, balance, consensus and due process. Reaccredited in 2006 and 2007. Currently being assessed for 2008.

  48. CISM Preparation Related Education Activities • Updated CISM Review instructor-led-training (ILT) course provided to ISACA chapters • Updated topics and notes • Added a course training guide • Added 100 question sample exam (sorted by domain and scrambled) • Recruited more than 100 CISM subject matter experts to participate in the development of the 2009 CISM Review Manual • Converted sample questions on ISACA web site to on-line CISM self-assessment

  49. CISM Preparation Related Education Activities • Modified the manner in which the CISM Questions, Answers and Explanations Manual and Supplement are developed to be more consistent with how the CISM Test Enhancement Committee develops questions • Recruited experienced CISM TEC members to participate in QAE development

More Related