Technical privacy certification just for you.
Receive a US$50-off voucher to use on ISACA publications, including exam prep materials, when you become a new ISACA member!
Get the training (and CPEs) you want, anywhere you want it, with ISACA’s online training solutions.
ISACA is Your Career
Make a name for yourself. Stand out. Grow. All with the support of your family at ISACA.
ISACA is Community
As a member you get more than just discounts, you get family. A family of like minds to share ideas successes and passion for the IT Audit, Risk, Security & Governance.
Membership & ChaptersBe one with a membership community more than 145,000 strong and growing every year. ISACA’s member network extends globally, and with over 220 local ISACA chapters around the world, meets you where you are. Become Our Community
Engage, Your Online CommunityBe a part of ISACA’s community. Gain the insights of like-minded professionals. Share your know-how, enthusiasm and volunteer spirit. Explore upcoming events. Engage with a world of people and exciting possibilities for professional and personal growth. Begin Engagement
ISACA is Enterprise
ISACA’s Enterprise Solutions not only builds stronger teams and organizations, we offer smart solutions — designed and delivered by certified experts!
Build your team’s know-how and skills with customized training
ISACA has been helping IS/IT professionals and the enterprises they serve for 50 years and counting. Our Corporate Training helps build team effectiveness and stakeholder confidence in enterprises worldwide.Start Training
Affirm your employees’ expertise, elevate stakeholder confidence
More than 200,000 practitioners and managers have earned ISACA certifications that affirm them among the world’s most trusted information systems and cybersecurity professionals.Certify your Team
Assess and improve your enterprise performance
Whether you’re talking about protecting your organization from growing cyber threats or ensuring a new medical device works optimally and safely—the best first step starts with self-assessment using ISACA®’s CMMI® Institute models.Assess your organization
Get ahead of the knowledge, skills, networking and career curve. Discover opportunities galore with all that’s new from ISACA.
What Do You Think About When You Hear the Words “Cybersecurity” and “Breaches”?
Cybersecurity refers to the technologies and processes implemented to help protect computers and networks from unauthorized access or attacks. A breach is an incident in which confidential information is viewed, stolen or utilized by an unauthorized individual.27 March 2020
Learning is Evolving, Whether We Like it or Not. So Is ISACA.
No doubt, these are challenging times. Aside from dealing with all the stress at home, where those of us with kids are seeing them face anxiety adjusting to a normal they were never prepared for, we also, as adults, are learning to work differently.26 March 2020
Information Security Matters: Information Systems in the Time of Flu
I am not in the public health field either, so if you are concerned about the ability of doctors and hospitals to withstand the surge of demand that a pandemic will bring, speak with your local medical authorities.Author: Steven J. Ross
Securing Citizens’ Data in an Era of Connected Societies
Southeast Asia has some of the biggest cities in the world, such as Manila, Jakarta and Bangkok, with close to 47% of the local population living in cities. As governments strive to build future cities, where infrastructure and public delivery are connected and seamlessly enabled by digital advancement...25 March 2020
Five Steps to Realize Your Data Driven Digital Transformation Strategy
In today’s “data is the new oil” era, no one can say an organization is able to achieve digital transformation without data. Executives and even the board level are talking about data-driven business strategy when they develop business objectives and goals.24 March 2020
The Importance of Preparing for a Ransomware Attack Hits Close to Home
As a cybersecurity professional, I work with organizations every day to enhance the various aspects of their cybersecurity programs, from foundational capabilities such as data classification to more tactical functions like incident response. I’ve seen the real-world impacts that various types of attacks have on an organization and the efforts that go into recovery.19 March 2020
Avoid Having to Run Somewhere From Ransomware, Part 2: Top 10 Steps to Stay Protected
Ransomware can be defined as a malware deployed for the specific purpose of denying access to a victim’s systems and/or files until something of value is exchanged. The primary motivating factor for most ransomware attacks is clearly in the name, a ransom. Part 1 of this article series reviewed several prominent examples of the damage caused by recent ransomwares attacks...Authors: Syed Ishaq and Faizan Mahmood
Cybersecurity Survey Results Reveal Hiring Struggles Persist, More Diversity Progress Needed
ISACA recently released part 1 of its State of Cybersecurity 2020 survey report, which found that cybersecurity teams are still struggling with hiring and retention, with very little improvement from last year.18 March 2020
Building A Governance System: A Review of Information Flow and Items Component
The COBIT 2019 framework defines seven components of a governance system that individually and collectively contribute to the good operations of the enterprise system over information and technology. Among those components is information flow.17 March 2020
A Message from David: Navigating COVID-19
As a global community, we immediately feel the effects of a global crisis because it affects our families, our communities, our jobs and our professions everywhere. So I first want to share my concern for your well-being and talk about steps we are taking to help.16 March 2020
Organizational Security Spending Trending Toward Services
Since the emergence of information security online, organizations have poured millions of dollars into products promising to increase speed of incident recognition, response times and overall operational efficiencies. To a certain extent, the idea that automation and enablement work hand-in-hand has proved out over the past several decades.12 March 2020
Business Continuity – Pandemic Preparation
The recent outbreak of a new virus, COVID-19, or the coronavirus, has many businesses scrambling to develop or review their business continuity plans. While there is much unknown about COVID-19 and whether it will turn into a pandemic, there are many things business can do today to ensure their businesses continue to operate if it does occur.3 March 2020
Three Essentials To Thrive in a High Pressure CISO Role
A recent Ponemon Institute report predicted that the role of the chief information security officer (CISO) will continue to rise in significance. This is underpinned by the growing realization by executives that just one serious security incident or data breach could derail the growth and profitability of their companies because of impact to brand and the cost to remediate, the incurring of fines and legal fees, and/or customer lo27 February 2020
CRISC Exam Prep Course
Join fellow CRISC exam candidates along with a CRISC-certified trainer for a unique exam prep experience. The CRISC Exam Prep Course is an intensive, cram-style course that will cover some of the more challenging topics from the CRISC job practice. Drill through sample exam items, ask your most pressing questions and get the answers to build your confidence as you prepare for exam day.4-7 May 2020
ISACA's CISM Named Best Professional Certification Program by SC Media
ISACA’s Certified Information Security Manager (CISM) certification was recognized as the Best Professional Certification Program Tuesday in the SC Awards at RSA Conference 2020.26 February 2020
The Growing Role of Cybersecurity Disclosures
Yahoo Inc. was fined a US$35 million penalty for failing to disclose one of the largest data breaches in the world, in which hackers captured the personal data of millions of user accounts. The failure to disclose the breach misled investors.Authors: Jacob Peng and Gregory Krivacek
Fear IS OK, But Complacency Will Kill You
Complacency, refusal to deviate from a plan and freezing in stressful situations are harmful in a corporate environment but and can be deadly in an extreme adventuring context. Alison Levine, the first American women's Everest expedition team captain, shares how lessons she learned on Everest can apply in a business context.26 February 2020
CISM Exam Prep Course
Join an expert CISM-certified trainer and fellow exam candidates for a unique, online exam-prep experience. This intensive virtual instructor-led course will cover some of the more challenging topics from the CISM job practice. Drill through sample exam items, interact and ask your most pressing questions and get the answers to build your confidence as you prepare for exam day.27-30 July 2020
ISACA’s Cybersecurity Study Reveals Struggles with Hiring and Retention Persist, More Diversity Progress Needed
Cybersecurity teams continue to struggle with hiring and retention, and very little improvement has been achieved in these areas since last year, according to new global research from ISACA that identifies current workforce challenges and trends in the cybersecurity field.
Solving the Cybersecurity Skills Gap Requires a Mindset Change
ISACA’s State of Cybersecurity 2020 research on hiring and retention requires us to confront a challenging reality: We simply aren’t making enough progress.24 February 2020
5 Must-Ask Questions to Effectively – and Securely – Onboard Vendors
It is quite common today for enterprises to outsource certain activities to vendors to lower costs. However, with each new vendor, an element of risk is added, and businesses must rely on auditors to ensure successful and effective vendor relationships.19 February 2020
Digital Transformation: Proper Preparation Prevents Poor Performance
Without proper planning, backcountry winter camping in Canada can be deadly. With temperatures that can easily drop below -25 degrees Celsius (-13 degrees Fahrenheit) during polar vortex conditions while you are out there with little more than snowshoes (or backcountry skis), a tent, backpack and a sleeping bag (and enough nutrition to handle minor emergency situations), any mistakes or omissions from your kit...18 February 2020
Improve Your Third-Party Risk Management Program
Most organizations’ risk management programs have room for improvement, especially when it comes to third-party risk. Understanding third-party risk management best practices can help organizations improve their risk program and reduce their overall risk.19 February 2020