Press Release


 The Bank of Ghana Recommends ISACA Credentials for Cybersecurity Professionals 

Bank’s Cyber & Information Security Directive Encourages Security Professionals to Attain Credentials as Part of its Qualification Structure

Schaumburg, IL, USA (12 December 2018) – Certifications and certificates from ISACA, the leading global association for IT audit, risk, governance and security professionals, were recently recognized by the Bank of Ghana in its Cyber & Information Security Directive’s Enhanced Competency Framework (ECF) on Cybersecurity. This directive aims to provide a framework for cybersecurity and information security protocols and procedures, in particular for the financial services industry in Ghana.

The directive’s ECF encourages professionals in various roles involved in ensuring operational cyber resilience to attain the CSX Fundamentals Certificate, CSX Practitioner certification (CSXP) or Cybersecurity Audit Certificate at the Core Level (for entry-level staff with fewer than five years of relevant experience) and to achieve the Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC) or Certified in the Governance of Enterprise IT (CGEIT) at the Professional Level (for staff with five or more years of relevant experience).

Three lines of defense under cyber risk governance are outlined in the ECF—the first line: IT security operations and delivery, the second line: IT risk management and control, and the third line: IT audit. Out of these, CSXP, CSX Fundamentals, CISA and CISM were recommended for all three lines of defense, CRISC and CGEIT were recognized for the second line of defense, and the Cybersecurity Audit Certificate for the second and third lines of defense.

“The Central Bank of Ghana’s recognition of ISACA certifications in both Core and Professional roles in Cybersecurity lends credence to the benefits of the certifications as well as enforcing IT Governance at the Board level. As a certified professional, such credit is welcome news,” says Adjoa Asamoah (CISA, CISM, CRISC, CGEIT), Information Systems Auditor at the Bank of Ghana, past secretary and current mentor of the ISACA Accra Chapter. “The emphasis on professionals with these certifications gives banks and employers the assurance that employees (including potential employees) are up to tenets of the BOG’s directive and its inherent deliverables.”

To learn more about ISACA’s CISA, CISM, CGEIT and CRISC credentials, visit For information on ISACA’s Cybersecurity Audit Certificate, visit To learn about ISACA’s CSX credentials, visit


Nearing its 50th year, ISACA ( is a global association helping individuals and enterprises achieve the positive potential of technology. Today’s world is powered by technology, and ISACA equips professionals with the knowledge, credentials, education and community to advance their careers and transform their organizations. ISACA leverages the expertise of its 450,000 engaged professionals in information and cybersecurity, governance, assurance, risk and innovation, as well as its enterprise performance subsidiary, CMMI Institute, to help advance innovation through technology. ISACA has a presence in more than 188 countries, including 217 chapters worldwide and offices in both the United States and China.


Press Contacts:

Emily Van Camp, +1.847.385.7223,
Kristen Kessinger, +1.847.660.5512,