ISACA Issues First COBIT 5 Audit Programs

“ISACA’s audit programs are flexible and customizable, providing a clear structure that covers all of the COBIT 5 enablers,” said Tony Hayes, international president of ISACA and appointed deputy director-general of the department of communities, child safety and disability services in the Queensland Government, Australia, in a statement. “These particular programs provide a road map that enable assurance professionals to effectively plan, scope and execute IT assurance initiatives, navigate technology complexity and demonstrate strategic value to IT and business stakeholders.”

The audit/assurance programs are peer-reviewed and based on the standards and guidance in ISACA’s IT Assurance Framework (ITAF) and align with COBIT 5. There are five new programs to start things off.

The Ensure Governance Framework Setting and Maintenance Audit/Assurance Program helps ensure that there is a consistent and integrated approach aligned with enterprise governance, that IT-related decisions are made in line with the enterprise’s strategies and objectives, that IT-related processes are overseen effectively and transparently, and that the organization is in compliance with legal and regulatory requirements.

The Ensure Benefits Delivery Audit/Assurance Program helps auditors verify that optimal value is secured from IT-enabled initiatives, services and assets. It also ensures cost-effective delivery of solutions and services and provides a reliable and accurate picture of costs and likely benefits so that business needs are supported effectively and efficiently.

The Ensure Risk Optimization Audit/Assurance Program helps auditors validate that IT-related enterprise risk does not exceed risk appetite and risk tolerance; the impact of IT risk to enterprise value is identified and managed; and the potential for compliance failures is minimized.

The Ensure Resource Optimization Audit/Assurance Program helps auditors determine whether an enterprise’s resource needs are met in the most effective manner, IT costs are optimized, and there is an increased likelihood of benefit realization and readiness for future change.

The Ensure Stakeholder Transparency Audit/Assurance Program validates effective and timely communication to stakeholders and an established basis for reporting to increase performance and identify areas for improvement. It also helps verify that IT-related objectives and strategies are in line with the enterprise’s strategy.

All of the programs are downloadable in a Word document and can be customized to fit specific operating environments. They also can be used by business and IT professionals to apply to the management practices and activities to make the respective scope areas more robust, ISACA noted.

What’s hot on Infosecurity Magazine?