ISACA Global Leadership Conference Update. ISACA Lithuania Chapter May meeting. Henrikas Šavela, Deputy Chairman; Aušra Gustainienė, Membership Director. 2011.05.25. Agenda: ISACA Statistics, ISACA Hosted Chapter websites, CobIT5 Update, ISACA Certifications overview


ISACA Global Leadership Conference Update

ISACA Lithuania Chapter May meeting

Henrikas Šavela, Deputy Chairman

Aušra Gustainienė, Membership Director


  • ISACA Statistics
  • ISACA Hosted Chapter websites
  • CobIT5 Update
  • ISACA Certifications overview
  • Research Deliverables
ISACA Organization
  • 191 chapters
  • 79 countries, 6 continents
  • 2,000+ chapter leaders
  • Together we touch >85,000 members
Regional Breakdown

Five geographic regions around the world







As of 1 February 2011

Web site development
  • Lithuanian chapter in Phase x?
  • Latvia chapter participated in Phase x? – will gladly share experience, especially in “localizing” the website.
  • ISACA offers:
    • Training manual
    • Short tutorial videos (2-3 minutes each)
    • 9 Topics/tasks
    • Available 24/7
COBIT 5 Objectives
  • The initiative charge from the Board of Directors is to “tie together and reinforce all ISACA knowledge assets with COBIT.”

COBIT 5 will:

  • Provide a renewed and authoritative governance and management framework for enterprise information and related technology, building on the current widely recognized and accepted COBIT framework, linking together and reinforcing all other major ISACA frameworks and guidance such as:

    • Val IT
    • Risk IT
    • Board Briefing
    • Taking Governance Forward

  • Connect to other major frameworks and standards in the marketplace (ITIL, ISO standards, etc.)

© 2010 ISACA. All rights reserved.

What Will Be Delivered?
  • An enterprisewide, “end-to-end” framework addressing governance and management of information and related technology.
  • The framework structure will include familiar components such as a domain/process model and other components such as governance/management practices, RACI charts and inputs/outputs.
  • An initial COBIT 5 product architecture, specifying which types of “products” and other “guidance” could be developed for specific IT professional audiences (e.g., assurance, security, risk) in support of enterprise business needs.


Draft Framework
  • A work in progress today
Potential Products
  • A work in progress today
Other Guidance Options

The COBIT 5 product architecture will also contain practitioner guidance designed to support specific business requirements, the needs of ISACA constituent groups, specific content topic development and reference to the COBIT framework and specific framework as necessary. Such guidance could include:

  • Getting Started Guides
  • Mappings
  • Surveys and Benchmarks
  • Implementation Guides
Key Messages for IT Professionals
  • IT Professionals in assurance, security governance, risk and control roles
      • COBIT 5 builds and expands on COBIT 4.1
      • COBIT 5 will include the scope of Val IT and Risk IT within a single framework—current users will have more robust functionality with better integration (also integrating BMIS and ITAF)
      • Enterprise leadership needs to champion effective governance and management of enterprise IT—COBIT can help.
Time Plan
  • Plan the initiative and obtain necessary approvals
  • Design the overarching COBIT 5.0 framework and validate the design with the market
    • Design draft document Public Exposure, April 2010
    • Design workshop, May 2010
    • Finalize the overarching COBIT 5.0 framework design, May - July 2010
  • Develop the contents for the overarching COBIT 5.0 framework publication
    • Development workshops, summer 2010
    • Subject Matter Expert content reviews, October 2010 – April 2011 (including an exposure draft of the full publication)
    • Public exposure of draft framework, June – July 2011
    • Finalize the overarching COBIT 5.0 framework development, July – August 2011
  • Prepare the developed materials for publication, post September 2011

COBIT 5 News

  • As the initiative progresses throughout 2010 and 2011 there will be periodic updates provided:
    • On the ISACA web site,
    • In the COBIT Focus newsletter
    • In other ISACA membership communications, events, marketing materials and PR activities
  • Watch these spaces for more news!
Certifications Overview

Established 1978

65,000 certifications awarded

SC Magazine 2009 Best Professional Certification Program award

ANSI Accredited as compliant to ISO/IEC 17024:2003

Established 2002

65,000 certifications awarded

Finalist SC Magazine 2009 & 2010 Best Professional Certification Program

ANSI Accredited as compliant to ISO/IEC 17024:2003

Established 2007

65,000 certifications awarded

Established 2010

Finished Grandfathering Phase (April 2010 - March 2011)

First exam December 2011

Certification Summary


CRISC – operational level to mitigate risk

CGEIT – significant management, advisory or assurance role


CRISC – design, implement and maintain IS controls

CISA – perform independent reviews of controls


CRISC – encompass security, operational and compliance

CISM – manage, design, oversee and/or assess Inf. Security

CRISC - Grandfathering

CRISC grandfathering application deadline extended to 30 June 2011!


8 years of IT or business experience

6 years of experience across all domains with a minimum of 3 years of experience in risk-related domains

Compliance with the:

CRISC Continuing Education Policy

ISACA Code of Professional Ethics


Research Deliverables
  • The Guidance & Practices Committee (GPC) is responsible for developing practical and pragmatic guidance for ISACA’s constituents related to ISACA’s frameworks, emerging technologies and other issues that are relevant to members
Top Technology & Business Issue Survey Report
  • The survey identified seven top issues among ISACA’s members:

1. Regulatory Compliance

2. Enterprise based IT Management and IT Governance

3. Information Security Management

4. Disaster Recovery / Business Continuity

5. Challenges of managing IT Risks

6. Vulnerability Management

7. Continuous Process Improvement / Business Agility

GPC Deliverables
  • The GPC is addressing the areas identified in this survey (among others) with practical guidance in the form of:

1. White Papers

2. Audit programs

3. Books

4. Presentations at Conferences

5. Vision Series

GPC Deliverables
  • Implementing and Continually Improving IT Governance
    • Available for download for members, purchase for all
    • Tool kit zip files for ISACA members now contain 22 supporting documents in various formats including an Excel Process Maturity Tool based on the COBIT maturity model and designed to provide practical support for its use, highlighting the need to address IT governance, perform a gap analysis and identify areas to mature.
GPC Deliverables
  • Security, Audit and Control Features Oracle Database, 3rd Edition
    • Focuses on the attributes and incremental functionality in the most recent Oracle relational database management system (RDBMS) software releases 10g and 11g (with focus on 11g).
    • Audit / assurance program and internal control questionnaire available as a download to members at
GPC Deliverables
  • Monitoring of Internal Controls and IT
    • Expands the 2009 COSO Guidance on Monitoring of Internal Controls by bringing emphasis to the monitoring of application and IT general controls and discussing the use of automation (tools) for increased efficiency and effectiveness of monitoring processes
    • Available free to members
Guidance and Practices Whitepapers
  • The Guidance and Practices Committee has developed 10 white papers:
    • Cloud Computing: Business Benefits with Security, Assurance and Governance Perspectives
    • Securing Mobile Devices
    • Data Loss Prevention (DLP)
    • New Service Auditor Standard that is Replacing SAS70
    • Social Media
    • E-Commerce and Consumer Retailing: Risks and Benefits
    • Electronic Discovery
    • Security Information and Event Management (SIEM): Business Benefits and Security, Assurance and Governance Perspectives
    • Virtualization: Benefits and Challenges
    • Sustainability
Guidance and Practices Whitepapers
  • Currently there are five more papers in development:
    • XBRL
    • Geolocation
    • Secure Web Coding
    • Data Analytics
    • Business Continuity Management
Guidance and Practices Cloud Projects
  • IT Control Objectives for Cloud Computing – June 2011
  • Guiding Principles for Cloud Computing
  • Enterprise Governance of IT for Cloud Computing
  • Cloud Vision Series
  • Continued white papers and audit programs
Questions for Discussion
  • In which direction should the ISACA Lithuania Chapter go?
    • Increasing the number of ISACA Lithuania members and certified members?
    • Toward creating value, in the employer's eyes, for certifications, membership and active participation in the ISACA Lithuania Chapter's activities?
  • What additional benefit could the ISACA Lithuania Chapter provide to its members?