From Wikipedia, the free encyclopedia
Jump to navigation Jump to search

Information Systems Audit and Control Association
ISACA logo.png
PurposeTo help business technology professionals and their enterprises around the world realize the positive potential of technology.
HeadquartersSchaumburg, Illinois
Coordinates42°3′10.9794″N 88°2′11.9754″W / 42.053049833°N 88.036659833°W / 42.053049833; -88.036659833Coordinates: 42°3′10.9794″N 88°2′11.9754″W / 42.053049833°N 88.036659833°W / 42.053049833; -88.036659833
165,159 (as of Dec 2021)
Official language
David Samuelson[2]
Pam Nigro
Increase USD $98.53 million (2021)
ExpensesIncrease USD $86.19 million (2021)
200 (2019)
2,000+ (2019)
Formerly called
EDP Auditors Association

ISACA is an international professional association focused on IT (information technology) governance. On its IRS filings, it is known as the Information Systems Audit and Control Association, although ISACA now goes by its acronym only.[1][6][7] ISACA currently offers 8 certification program as well as other micro-certificates.


ISACA originated in United States in 1967,[6] when a group of individuals working on auditing controls in computer systems started to become increasingly critical of the operations of their organizations. They identified a need for a centralized source of information and guidance in the field. In 1969, Stuart Tyrnauer, an employee of the (later) Douglas Aircraft Company, incorporated the group as the EDP Auditors Association (EDPAA).[8] Tyrnauer served as the body's founding chairman for the first three years. In 1976 the association formed an education foundation to undertake large-scale research efforts to expand the knowledge of and value accorded to the fields of governance and control of information technology.

The association became the Information Systems Audit and Control Association in 1994.[9]

By 2008 the organization had dropped its long title and branded itself as ISACA.[10]

In March 2016, ISACA bought the CMMI Institute who is behind the Capability Maturity Model Integration.[11]

In January 2020, ISACA updated refreshed its look and digital presence, introducing a new logo.[12]

Current status[edit]

ISACA currently serves more than 140,000 constituents (members and professionals holding ISACA certifications) in more than 180 countries.[13] The job titles of members are such as IS auditor, consultant, educator, IS security professional, regulator, chief information officer, chief information security officer and internal auditor. They work in nearly all industry categories. There is a network of ISACA chapters with more than 200 chapters established in over 80 countries. Chapters provide education, resource sharing, advocacy, networking and other benefits.[14]

Major publications[edit]


  • Certified Information Systems Auditor (CISA,1978)[18]
  • Certified Information Security Manager (CISM, 2002)[18]
  • Certified in the Governance of Enterprise IT (CGEIT, 2007)[18]
  • Certified in Risk and Information Systems Control (CRISC, 2010)[18]
  • Cybersecurity Practitioner Certification (CSX-P, 2015)[19]
  • Certified Data Privacy Solutions Engineer (CDPSE, 2020)[20]
  • Information Technology Certified Associate (ITCA, 2021)[21][22]
  • Certified in Emerging Technology (CET, 2021)[23][24]

The CSX-P, ISACA's first cybersecurity certification, was introduced in the summer of 2015. It is one of the few certifications that require the individual to work in a live environment, with real problems, to obtain a certification. Specifically, the exam puts test takers in a live network with a real incident taking place. The student's efforts to respond to the incident and fix the problem results in the type of score awarded.[25]


  • COBIT Certificates
  • IT Risk Fundamentals Certificate
  • Certificate in Cloud Auditing Knowledge
  • CSX Nexus Cybersecurity Certificates
  • Cybersecurity Audit Certificate Program
  • Computing Fundamentals Certificate
  • Networks and Infrastructure Fundamentals Certificate
  • Cybersecurity Fundamental Certificate
  • Software Development Fundamentals Certificate
  • Data Science Fundamentals Certificate

See also[edit]


  1. ^ a b "INFORMATION SYSTEMS AUDIT AND CONTROL ASSOCIATION INC Form 990 2015". ProPublica. 9 May 2013. Retrieved 19 September 2017.
  2. ^ "ISACA Names David Samuelson CEO". ISACA. 29 March 2019. Retrieved 21 July 2020.
  3. ^ "About us". About ISACA. ISACA. Retrieved 13 July 2020.
  4. ^ "ISACA's Annual Reports". Annual Report. ISACA. Retrieved 4 May 2022.
  5. ^ "Board of Directors". Board of Directors. ISACA. Retrieved 21 July 2020.
  6. ^ a b [1] Archived 2 October 2007 at the Wayback Machine
  7. ^ Vacca, John (2009). Computer and Information Security Handbook. Morgan Kaufmann Publications. Elsevier Inc. p. 600. ISBN 978-0-12-374354-1.
  8. ^ Katsikas, Sokratis K. (2000). "A Postgraduate Programme on Information and Communication Systems Security". In Qing, Sihan; Eloff, Jan H. P. (eds.). Information Security for Global Information Infrastructures. IFIP Advances in Information and Communication Technology. Vol. 47. Springer. p. 50. ISBN 9780792379140. [...] the Information Systems Audit and Control Association (ISACA - formerly EDPAA) [...]
  9. ^ Gleim, Irvin N.; Hillison, William A.; Irwin, Grady M. (June 1995). Auditing & systems: objective questions and explanations. 1. Vol. 6 (6 ed.). Gainesville, Florida: Accounting Publications. p. 37. ISBN 9780917537745. In 1994, the association changed its name to the Information Systems Audit and Control Association.
  10. ^ Verschoor, Curtis C. (2008). Audit Committee Essentials. John Wiley & Sons. p. 205. ISBN 9780470337073. [...] ISACA - previously known as the Information Systems Audit and Control Association [...]
  11. ^ Loeb, Matt. "ISACA Acquires CMMI Institute". ISACA. ISACA. Retrieved 1 June 2017.
  12. ^ Samuelson, David. "New Look Marks a New Era for ISACA". ISACA. ISACA. Retrieved 9 June 2020.
  13. ^ "History of ISACA". ISACA. Retrieved 9 June 2020.
  14. ^ "About Our Chapter – Isaca". Retrieved 8 December 2020.
  15. ^ [2] Archived 16 July 2011 at the Wayback Machine
  16. ^ ISACA IT Resources
  17. ^ "Security, Audit and Control Features SAP ERP, 4th Edition". Retrieved 3 November 2015.
  18. ^ a b c d[bare URL PDF]
  19. ^ "CSX-P | Cybersecurity Practitioner".
  20. ^ "Certified Data Privacy Solutions Engineer".
  21. ^ "Shift Your Career into Higher and Higher Gear". Information Technology Certified Associate. ISACA. Retrieved 4 May 2021.
  22. ^ "New ISACA certification to help upskill IT professionals". Technology Decisions. Westwick-Farrow Pty Ltd. Retrieved 4 May 2021.
  23. ^ "Fast Track Your Career in Emerging Technology". Certified in Emerging Technology. ISACA. Retrieved 4 May 2021.
  24. ^ Barth, Bradley (21 April 2021). "New certification program trains cyber pros in cloud, IoT and other emerging tech". SC. CyberRisk Alliance, LLC. Retrieved 4 May 2021.
  25. ^ "ISACA is First to Combine Skills-based Cybersecurity Training with per". 16 April 2015.

External links[edit]