Ensuring that internal controls are effective is a critical business issue worldwide. To provide audit and assurance professionals with the most up-to-date guidance, ISACA, a nonprofit association serving 95,000 IT professionals in 160 countries, has developed four new audit programs:

·         Cloud Computing, which covers governance over cloud computing, the relationship between the service provider and customer, and specific control issues

·         Crisis Management, which focuses on pre-crisis planning; the scope of the plan, including the relevance of the crisis scenarios selected, the probability that they will  occur, and  appropriate responses; as well as  testing, maintaining and aligning  the plan with business risks

·         Information Security Management, which features governance, policy, monitoring, incident management, implementing security configurations and selecting security technologies

·         Windows Active Directory, which covers Active Directory management, Secure Active Directory boundaries, secure domain controllers, physical security of the domain controllers, configuration settings, and secure administrative practices

“These audit programs are valuable tools because they provide a template to help auditors worldwide complete specific assurance processes,” said Norm Kelson, CISA, CGEIT, CPA, lead author of the programs. “They have been developed by a team of experienced assurance professionals from around the world, representing the latest global expertise, and are peer reviewed. In addition, they are downloadable in a Word document and can be easily customized to fit a specific operating environment.”

The programs can also be used by security and business professionals, who will benefit from applying the control objectives and audit steps to make the respective scope areas more robust.

The audit programs are free for ISACA members and US $45 for nonmembers at www.isaca.org/auditprograms. Additional guidance and the Information Technology Assurance Framework (ITAF) are available at www.isaca.org/assurance.

About ISACA

With 95,000 constituents in 160 countries, ISACA® (www.isaca.org) is a leading global provider of knowledge, certifications, community, advocacy and education on information systems (IS) assurance and security, enterprise governance and management of IT, and IT-related risk and compliance. Founded in 1969, the nonprofit, independent ISACA hosts international conferences, publishes the ISACA® Journal, and develops international IS auditing and control standards, which help its constituents ensure trust in, and value from, information systems. It also advances and attests IT skills and knowledge through the globally respected Certified Information Systems Auditor™ (CISA®), Certified Information Security Manager® (CISM®), Certified in the Governance of Enterprise IT® (CGEIT®) and Certified in Risk and Information Systems Control™ (CRISC™) designations.

ISACA continually updates COBIT®, which helps IT professionals and enterprise leaders fulfill their IT governance and management responsibilities, particularly in the areas of assurance, security, risk and control, and deliver value to the business.

Follow ISACA on Twitter:  http://twitter.com/ISACANews