Featured COVID Resource
COVID-19 Study: ISACA Professionals Weigh in on Impact and Outlook
Cybersecurity Attacks Are Rising During COVID-19, But Only Half of Organizations Say Their Security Teams Are Prepared for ThemLearn More
As the novel coronavirus (COVID-19) continues to cause uncertainties, our focus is clear: It’s you—our members, partners, volunteers and staff. You are our priority. We have made several decisions and are working to provide valuable resources to help protect your health and guide you through the professional challenges COVID-19 poses in our organizations.
View ISACA CEO David Samuelson’s message here and view ISACA resources below.
- Protecting the ISACA Community
- ISACA Resources For Your Work
- ISACA Virtual Learning Opportunities
- Train Your Team Virtually
What’s the latest on events, conferences, volunteering, meetings and more.
ISACA Certification Exams
In light of the current circumstances and in order to enable you to get the certifications you need for your career, we have quickly convened a team to put together a live remote proctoring option for our CISA, CISM, CGEIT and CRISC certification exams. We hope to make this available to you mid to end of April 2020. Those of you who wish to take the certification exam in person will be able to do that if you prefer, provided your local exam center is open. Please remember that you have 12 months from the time your register to take the exam, and extensions will be made if your eligibility is expiring soon. Stay tuned for further details on remote proctored exams!
Due to the COVID-19 pandemic there will be possible delays in physical shipments. We apologize for the inconvenience and appreciate your understanding in this unprecedented situation. Please note that most of the physical items we offer are also available in digital format, so please consider that delivery option so your access to ISACA resources will not be interrupted.
If you have any questions, please contact the Customer Experience Center.
Conference, Training Weeks and other In-person Training
ISACA has postponed select events taking place in the next 30 days, including the North America CACS, CMMI Partner Workshop, Capability Counts conference and select Training Week events. All participants will be refunded. Registrants, speakers and other participants have been contacted with more detailed information.
We continue to monitor the situation as we look toward events planned for later this year. If any changes need to be made, participants will be notified and conference web pages will be updated immediately.
Additionally, ISACA committee and working group meetings scheduled to meet at ISACA Global have been postponed, or arrangements have been made for virtual gatherings.
As professionals with pivotal roles in business continuity, resiliency and security, your work in these challenging times is critical. We’ve compiled some resources to help you navigate business technology issues arising from COVID-19.
ISACA staff are fully equipped to seamlessly work from home so we have closed the office, with only absolutely essential duties performed onsite. Work travel has been completely restricted for the time being.
Over the next few weeks, as in-person events continue to be impacted, virtual learning offers a great opportunity to get the knowledge—and the CPEs—you need from the comfort of your home. See what ISACA offers, from free webinars to virtual instructor-led training and more.
Looking for content on business continuity, resiliency and remote work during this challenging time? See a number of ISACA resources below:
Messages From ISACA
Message from our CEO David Samuelson
Managing Risk in a Pandemic: Novel Today, Standard Practices Tomorrow
COVID-19, a novel coronavirus, has come as a shock to many across the globe, changing practically every aspect of our functioning daily lives.12 May 2020
Cyberhygiene: Going Beyond Dos and Don’ts
The recent barrage of coronavirus advisories by various authorities all have one recommendation in common: maintain personal hygiene until a treatment becomes available. This maxim is true for information security as well.11 May 2020
As Telehealth Becomes Common, Security Considerations Increasingly Important
The COVID-19 pandemic has changed almost every aspect of our daily lives. What we’re seeing in healthcare today is unprecedented.8 May 2020
Why Was There No Warning? Risk Management
Risk management is an old discipline. As such, some tend to underestimate its importance until something bad happens or a crisis is triggered. And COVID-19 brings up risk management again as a trending topic.Author: Ramón Serres
Cybersecurity Considerations for Remote Work
As a result of the COVID-19 pandemic, many organizations are now trying to manage having an entirely remote workforce. While remote work can allow people to stay safe while doing their jobs, there are some cybersecurity concerns associated with remote work.24 April 2020
Five Organizational Cybersecurity Dangers Amplified by COVID-19
The global pandemic has impacted businesses on an unprecedented level. Only in a handful of instances in the past 100 years have companies and organizations been forced to such extremes to maintain business operations.21 April 2020
A Needed Wakeup Call for Online School Safety
Right now, as millions of kids all over the world are in the midst of crisis learning done digitally, we are creating the perfect cybersecurity storm. Think about it. While many parents are also working at home, they hardly have the time to conduct their own work, let alone watch over their kids as they do everything online.16 April 2020
Organizational Cybermaturity Comes to the Forefront During COVID-19
The worldwide pandemic has touched everyone at different levels. Across the globe, people are taking additional steps and implementing new routines into their daily lives in order to help slow the spread of the coronavirus.7 April 2020
Privacy and Respect Under COVID-19
Many actions have been taken to address the COVID-19 pandemic. Some involve penalties for the spread of misinformation in Bosnia and Herzegovina, the derogation of some human rights in an emergency in Romania, Armenia and Latvia and companies like Palantir and Clearview AI negotiating partnerships with US state agencies for infection monitoring by surveillance, geolocation and facial recognition.3 April 2020
Learning is Evolving, Whether We Like it or Not. So Is ISACA.
No doubt, these are challenging times. Aside from dealing with all the stress at home, where those of us with kids are seeing them face anxiety adjusting to a normal they were never prepared for, we also, as adults, are learning to work differently.26 March 2020
A Message from David: Navigating COVID-19
As a global community, we immediately feel the effects of a global crisis because it affects our families, our communities, our jobs and our professions everywhere. So I first want to share my concern for your well-being and talk about steps we are taking to help.16 March 2020
Telework Successfully During (And After) the COVID-19 Pandemic
For state/province/national leaders, coronavirus is forcing a trade-off between public health and privacy as well as balancing the saving of human lives at the cost of temporarily limiting individual liberties.5 May 2020
Managing Remote Work Environments With COBIT 2019
More organizations are making the shift to remote working environments for their employees due to the current world health crisis. Those organizations and the personnel responsible for security, infrastructure, risk and governance may need guidance.30 March 2020
I Left My Security in the Office
Remote work is growing increasingly more common, and with good reason; it offers numerous benefits to enterprises that leverage it. But this new way of working also presents new security challenges. In this podcast, we discuss some of those challenges and how to combat them.30 August 2018
Here’s How Leading Organizations Keep Remote Workers Safe and Secure
For all of the benefits remote working offers businesses, it’s hard to ignore the security risks and threats.
Crisis Management and Business Continuity
Information Systems in the Time of Pandemic
Many organizations found themselves unprepared for the workplace and business disruptions caused by COVID-19. But it is possible for organizations to act now to protect their information systems.30 April 2020
Business Continuity – Pandemic Preparation
The recent outbreak of a new virus, COVID-19, or the coronavirus, has many businesses scrambling to develop or review their business continuity plans. While there is much unknown about COVID-19 and whether it will turn into a pandemic, there are many things business can do today to ensure their businesses continue to operate if it does occur.3 March 2020
Business Continuity Management: Emerging Trends
As the pace of change in information technology accelerates, business continuity management (BCM) continues to evolve rapidly within enterprises to meet increased market and regulatory demands. Significant business and technology changes need to be assessed by the enterprise from many perspectives, including impact on existing processes, associated risk, and how technology changes can be leveraged to improve continuity capabilities. This white paper provides an overview of the impacts, benefits and opportunities of four emerging technologies (virtualization, cloud computing, mobile devices and social networks) as they relate to BCM.1 January, 2012
Business Continuity Management Audit Program
IT audit and assurance professionals are expected to customize this document to the environment in which they are performing an assurance process. This document is to be used as a review tool and starting point. It may be modified by the IT audit and assurance professional; it is not intended to be a checklist or questionnaire. It is assumed that the IT audit and assurance professional has the necessary subject matter expertise required to conduct the work and is supervised by a professional with the Certified Information Systems Auditor (CISA) designation and/or necessary subject matter expertise to adequately review the work performed. Format: Word
FREE to ISACA Members
Not a Member? Join Now
IT Continuity Planning Audit Program
Objective—The IT continuity plan audit/assurance review will: Provide management with an evaluation of the IT function’s preparedness in the event of a process disruption Identify issues that may limit the interim business processing and restoration of same Provide management with an independent assessment relating to the effectiveness of the IT continuity plan and its alignment with the business continuity plan and IT security policy Format: Word
FREE to ISACA Members
Not a Member? Join Now
Security Incident Management Audit Program
Unplanned incident preparation for many enterprises includes business continuity programs, disaster recovery plans and information security strategies. While looking at some of the same elements as these incident preparation tactics – namely the security triad of confidentiality, integrity, and availability – security incident management differs in that it poises enterprises for the identification and analysis of threats or incidents. In the current landscape, the combined focus on security incidents from both regulatory and operational perspectives put enterprises in positions where the effectiveness of their Security Incident Management programs is not optional.
Crisis Management Audit Program
Objective—The crisis management audit review will: Provide management with an assessment of the plan’s effectiveness addressing scope, completeness, team membership, and state of readiness of the crisis management plan and team Identify internal control and regulatory deficiencies that could affect the enterprise during the implementation of the plan Format: Word
FREE to ISACA Members
Not a Member? Join Now
We want to help you meet your CPE requirements and advance your knowledge while you stay healthy.
Get state-of-the-art online training created by experts and delivered the way you want it. Check back often as we add more information.
Gender Equality, Diversity and COVID-19: Current Trends & Future Directions
ISACA’s Workforce 2020 survey highlighted that there are differing global perceptions in relation to diversity and inclusion in the tech workforce. It appears that men and women do think differently!Upcoming: 9 June 2020
Meeting The Board’s Security, Audit and Compliance Demands
Informative session on the state of corporate audit and compliance and how to establish consistent best practices.Archived: 3 March 2020
Robotic Process Automation (RPA) and Audit
Identifying RPA risk opportunities, audit execution and control automation.Archived: 19 March 2020
Improve Your Third-Party Risk Management Program
Most organizations’ risk management programs have room for improvement, especially when it comes to third-party risk. Understanding third-party risk management best practices can help organizations improve their risk program and reduce their overall risk.19 February 2020
CPE on Demand: All Access
The CPE on Demand: All Access collection provides timely, valuable insights for GRC, audit, and security and cybersecurity professionals and enables you to learn on your schedule while earning up to 25 ISACA CPEs. Access to the entire collection of recordings • each recorded at ISACA’s North America CACS 2019 Conference - is unlimited for a 90-day period and includes downloadable presentation decks.
IT Risk Management Essentials
ISACA’s new introductory-level IT Risk video, is a high production quality instructional video featuring an engaging industry expert, and visual support aids. The video content focuses on IT Risk Management essentials, best practices and basics of performing an IT Risk assessment.
CPE on Demand: Technical Security Insights
The CPE on Demand: Technical Security Insights collection provides timely, valuable insights for Information Security, Cybersecurity, and IT Audit professionals, and enables you to learn on your schedule while earning up to 5 ISACA CPEs. Access to the entire collection of recordings - each recorded at ISACA’s North America CACS 2019 Conference - is unlimited for a 90-day period and includes downloadable presentation decks.
CPE on Demand: Third-Party Services
The CPE on Demand: Third-Party Services collection provides timely, valuable insights for GRC, audit, and security professionals and enables you to learn on your schedule while earning up to 6 ISACA CPEs. Access to the entire collection of recordings - each recorded at ISACA’s North America CACS 2019 Conference - is unlimited for a 90-day period and includes downloadable presentation decks.
Cybersecurity Fundamentals Online Course
Gain new expertise and prepare to start or advance your role in the increasingly important and in-demand field of cybersecurity. Leverage the power of our Cybersecurity Fundamentals Online Course to enhance your understanding of the principles that frame and define cybersecurity and the integral role of cybersecurity professionals in protecting enterprise data and infrastructure.
Cybersecurity Audit Certificate Online Course Bundle with eBook
This Cybersecurity Audit Certificate bundle includes the Cybersecurity Audit Certificate Online Course, the Companion Study Guide (eBook version) and the Cybersecurity Audit Certificate Exam. With the increasing number of cyberthreats, it is becoming critical for audit plans to include cybersecurity. ISACA’s new Cybersecurity Audit Certificate Program provides audit/assurance professionals with the knowledge needed to excel in cybersecurity audits, and IT risk professionals with an understanding of cyber-related risk and mitigating controls.With Included eBook
Cybersecurity Audit Certificate Online Course Bundle with Print Book
This Cybersecurity Audit Certificate bundle includes the Cybersecurity Audit Certificate Online Course, the Companion Study Guide (print version) and the Cybersecurity Audit Certificate Exam. With the increasing number of cyberthreats, it is becoming critical for audit plans to include cybersecurity. ISACA’s new Cybersecurity Audit Certificate Program provides audit/assurance professionals with the knowledge needed to excel in cybersecurity audits, and IT risk professionals with an understanding of cyber-related risk and mitigating controls.With Included Print Book
CISA Online Review Course
Prepare to obtain the Certified Information Systems Auditor® (CISA) certification and be recognized among the world’s most-qualified information systems professionals. The CISA Online Review Course provides online, on-demand instruction and is ideal for preparing you and fellow audit, assurance, control, security and cyber security professionals for the CISA certification exam.
Looking for more online training?Find all online training here
ISACA® is committed to meeting the needs of our enterprise clients and your IS/IT and cybersecurity teams. In response to the COVID-19 pandemic’s challenges, we are stepping up efforts to provide accessible-anywhere training and solutions to your business.
Get training in the fields of audit, security, risk, governance and cybersecurity for your team
ISACA Virtual Instructor-Led Training (VILT) Courses
Live expert instruction and interaction in a state-of-the-art virtual classroom.
Customizable Online Training
IT audit, risk management, security and governance training and certification prep to meet your organization’s specific needs: Delivered online with an expert instructor; or online, on-demand for self-paced learning.
ISACA’s CPE on Demand
On-demand, expert-led streaming videos allows team members to earn CPEs and grow their expertise at their own pace.
Complete the form below or email us at firstname.lastname@example.org for more information about ISACA’s Enterprise Solutions group training offerings. If you’re interested in individual training, please click here.