Information Systems Audit and Controls Association (ISACA)

Information Systems Audit and Controls Association (ISACA) identified the need for a control framework tailored for the special needs of IT and in 1996 published the Control Objectives for Information and Related Technologies (COBIT) framework. ISACA provides continuing education and offers several IT certifications: Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified in the Governance of Enterprise IT (CGEIT) and Certified in Risk and Information Systems Control (CRISC). The CISA designation is a globally recognized certification for information systems audit control, assurance, and security professionals. The CISM certification focuses on information security management. It is designed for individuals who manage, design, oversee, and assess an organization's information security. CGEIT focuses on enterprise IT governance principles and practices. The ISACA provides guidance and thought leadership on IT risks and controls. ISACA created Control Objectives for Information and Related Technologies (COBIT), which provides a widely used framework for IT governance and management.