@ISACA Volume 9: 25 April 2012 

@ISACA Relevant, Timely News

2012 Renewal Season Is Coming to a Close

Why do ISACA members choose to renew their membership and certifications year after year? They see how the relationship between ISACA and its members impacts not only their own professional growth, but also the growth of the entire IT governance, risk, control, assurance and security professions.

As an ISACA member you have the opportunity to grow your knowledge by accessing ISACA’s materials in the Knowledge Center, to enhance your credibility by earning and maintaining one or more of ISACA’s prestigious certifications, and to contribute to the profession by participating in current research projects that IT governance, assurance, security and risk professionals can use to add value to their enterprise.


Renew your ISACA membership before 30 April and continue your professional growth.


Interact With North America CACS Speakers

Join North America Computer Audit, Control and SecuritySM (CACSSM) conference speakers in ISACA’s Knowledge Center and get a dialog going.

North America CACS speakers will participate in discussions revolving around their session topics. Speakers will be available before, during and after the conference to answer questions and share thoughts about popular industry topics. By sharing your ideas and offering feedback, your discussions will also help the speakers shape their presentations.

Start participating by visiting the North America CACS page today. Join us in Orlando, Florida, USA, on 7-10 May 2012, for North America CACS.


Social Media Helps Members Connect

ISACA has long provided a number of opportunities for ISACA members to interact—from in-person and virtual conferences to ISACA’s Knowledge Center. Now, thanks to social media, members have even more ways to connect:

  • Twitter:  Follow ISACA and join the conversation.
  • Facebook:  Like ISACA and “meet” ISACA’s nearly 5,000 fans.
  • LinkedIn:  Join one or more of ISACA’s many groups, including ISACA (Official), COBIT (Official) and ISACA Educational Events.
  • New conferences app:  New this year, ISACA will pilot an app for select conferences. The first to be launched is the North America CACSSM app, available for most smart devices. The app will provide customizable schedules, the ability to get messages from ISACA onsite, a notes section so attendees can capture highlights from the event and direct links to social media sites. Visit the North America CACS page for more information.


Two Worlds Meeting in One Place:  The Information Security Arena
Jan Mikulecky, CISM, CGEIT, CRISC, Shares His Experiences

In the mid 2000s, there were not too many who held the Certified Information Security Manager (CISM) certification in the Czech Republic. Jan Mikulecky felt compelled to obtain a professional advantage and, in doing so, acquired a great source of personal satisfaction.

With the growing importance of information security in our electronic world, many more information security specialists have been needed—in all corners of the world—to face the challenges of security threats in IT and the implementation of appropriate security measures. Constant changes and competition have increased and it has become more critical to establish enduring relationships with clients based on mutual benefit and integrity. In Mikulecky’s opinion more and more customers have been looking for highly experienced and certified consultants because “an internationally recognized certification is a guarantee of a high standard.” Certification instills confidence and assurance in one’s professional capabilities.

Mikulecky travels a lot and works with people all over the globe, thus, he navigates the virtual IT connection between the Czech Republic and his clients and colleagues. He also plays an active role on the CISM Test Enhancement Subcommittee (TES) from which he enjoys the many chances to learn from international trends, via his colleagues on the CISM TES and within ISACA. When crossing the bridge between his home country and the rest of the world, Mikulecky enjoys the connection for two reasons: continuous growth and mutual respect. “It is very interesting to meet professionals from all over the world and to listen to their opinions on different areas of information security. In my work on the TES, I always leave feeling that we have done a great job. What I have found amazing about the committee meetings is the mutual respect among the members,” Mikulecky says.

Mikulecky has found it to be very rewarding to connect with other experts in information security. His partaking in the CISM global network has given him confidence and recognition, not to mention the skills and experience, to strengthen his professional life. Back in the Czech Republic, Mikulecky has taken the next big step in his work life by moving to a larger, and one of the world’s most influential firms. “I like my job more than ever,” Mikulecky affirms. “After 13 years, it still brings me great personal satisfaction.”


Book Review:  The Data Governance Imperative:  A Business Strategy for Corporate Data
Reviewed by Bright Munongwa, CISA, CGEIT, CRISC, CIA

Enterprises are increasingly holding large amounts of data relating to their business operations. A key challenge facing enterprises is: how to maintain quality information for business decision making. A centralized approach to managing data is required to ensure the quality of data within an enterprise.

At some point, enterprises realize the need for data governance. This may be in response to regulatory requirements or the need for reliable management information. Frequently, the main reason for implementing data governance is that enterprises have traditionally maintained silos of disparate data with little interaction between them.

The Data Governance Imperative by Steve Sarsfield is a practical business guide for implementing data governance. The book is targeted at business and IT users who have an interest in data governance. At the heart of this book is the fact that data governance is a business issue, with only a small part of data governance being about technology. The book takes a business perspective and provides the reader with strategies and tactics for managing a data governance initiative.

The first chapter of the book looks at the need for data governance. The author suggests that the need for quality information for business decision making drives the need for data governance for most enterprises. Chapter two defines data governance as well as the benefits that can be derived from it. The rest of the book explores business issues around data governance, including how to get funding and the people involved in a data governance team. In chapter eight, the author explores technologies that support data governance in a way that is not too technical and is easy to understand for business people. A case study is presented in the final chapter.

Because the book looks at data governance from a business perspective, both technical and nontechnical readers will find the book easy to read and understand. It is practical and provides useful examples throughout.

The Data Governance Imperative:  A Business Strategy for Corporate Data is available from the ISACA Bookstore. For information, see the ISACA Bookstore Supplement in the latest issue of the ISACA Journal, visit the ISACA Bookstore online or email bookstore@isaca.org.

Bright Munongwa, CISA, CGEIT, CRISC, CIA, is a specialist IT auditor at Nedbank Ltd., one of South Africa’s Big Four banks. Munongwa serves on the ISACA Publications Subcommittee.


Member Receives India Presidential Award

ISACA member Sridev Kumar Chitta, CISA, CISM, CRISC, CFE, superintendent of customs and central excise, Hyderabad II Commissionerate, received the Presidential Award of Appreciation Certificate from the Customs and Central Excise Department of India.

Chitta joined the department as an inspector in 1994 and worked in the antismuggling wing for close to a decade before being elevated to the post of superintendent. He played a critical role in the detailed study of various smuggling syndicates and Hawala operations. His efforts, as well as those of his colleagues, resulted in two major gold seizures involving more than 100 kilos of gold and three sensational narcotic drug seizures.

For the last six years, Chitta has been involved in automation of the Customs and Central Excise Department and is presently involved in a program of e-governance and policy implementation processes.



Read More Articles in Our Archives