ISACA Produces New Audit Program Based on NIST Framework Program details key processes and activities leading to successful cyber governance
Announcement posted by ICON International Communications 12 Jan 2017
Global business technology and information security association ISACA’s new audit program, based on the National Institute of Standards and Technology (NIST) Cybersecurity Framework, provides professionals and their enterprises key direction on cyber governance.
“Cybersecurity: Based on the NIST Cybersecurity Framework”, aligned with the COBIT 5 framework, is designed to provide management with an assessment of the effectiveness of its organisation’s cyber security identify, protect, detect, respond, and recover processes and activities. The program also covers asset management, awareness training, data security, resource planning, recovery planning and communications.
“This audit program based on the NIST framework offers detailed guidance that can provide enterprise leaders confidence in the effectiveness of their organisation’s cyber security governance, processes and controls,” said Christos Dimitriadis, Ph.D. CISA, CISM, CRISC, chair of ISACA’s Board of Directors and group director of Information Security for INTRALOT.
The program comes in an Excel spreadsheet. According to a supplementary overview, the primary security and control issues addressed in the program are:
· Protection of sensitive data and intellectual property
· Protection of networks to which multiple information resources are connected
· Responsibility and accountability for the device and information contained on it
In the Recover section, testing steps are provided to help organisations put in place recovery planning that ensures timely restoration of systems or assets affected by cyber security events.
The program is free to ISACA members and available for purchase to non-members for USD $45 (approx. AUD$60). It is among 14 audit/assurance programs offered by ISACA aligned with COBIT 5, the leading framework for the governance and management of enterprise IT.
ISACA audit programs have been developed and reviewed by audit/assurance professionals worldwide. They can be downloaded to allow customisation that fits varying work environments.
The NIST Cybersecurity Framework is used by a wide range of organisations. ISACA has previously issued guidance on how organisations can implement NIST.
About ISACA
ISACA® (isaca.org) helps professionals around the globe realise the positive potential of technology in an evolving digital world. By offering industry-leading knowledge, standards, credentialing and education, ISACA enables professionals to apply technology in ways that instill confidence, address threats, drive innovation and create positive momentum for their organisations. Established in 1969, ISACA is a global association with more than 140,000 members and certification holders in 187 countries. ISACA is the creator of the COBIT framework, which helps organisations effectively govern and manage their information and technology. Through its Cybersecurity Nexus (CSX), ISACA helps organisations develop skilled cyber workforces and enables individuals to grow and advance their cyber careers.
Twitter: https://twitter.com/ISACANews
LinkedIn: https://www.linkedin.com/company/isaca
Facebook: www.facebook.com/ISACAHQ
Contact:
Julie Fenwick, +61 468 901 655 JFenwick@iconinternational.com.au
Ellen McIver, +61 8235 7600, EMcIver@iconinternational.com.au