ISACA Now Blog

 Filters

 ‭(Hidden)‬ Admin Links

Knowledge Center > ISACA Now

Questions to Ask Yourself Before Pursuing the CISA Designation

Kyle Miller, CISA, QSA, Senior Consultant, Plante Moran, PLLC, Member, CISA Certification Working Group (ISACA)
Posted: 8/24/2016 3:14:00 PM | Category: Certification | Permalink | Email this post

Before I pursued the Certified Information Systems Auditor (CISA)
designation, I wish I would have ____________________.

I recently posed that question to a number of candidates who had pursued the CISA (Certified Information Systems Auditor) designation. As the responses poured in, I identified 5 questions which, if answered early in the pursuit process, could help future candidates avoid uttering that same “wish I would have” statement. So to future CISA pursuers, take a moment to ask yourselves the following questions:

 
Read More >>
    

Process Improvement for Management of IT-related Processes

John Jasinski, CGEIT, CRISC, CISA, CISM, ITIL, Business Process Consultant
Posted: 8/23/2016 3:00:00 PM | Category: COBIT-Governance of Enterprise IT | Permalink | Email this post

Most organizations have objectives for quality and improvement. Enterprises want employees to continually look for opportunities that fuel effectiveness and strengthen the company. The improvement theme is both a nice to have and a basis to survive, providing a direction to get better and a model for personal behavior and work culture. The basic improvement model is one of common sense, similar to those used in psychology and coaching. It can be teamed with any process reference model.

The improvement model has evolved over time with influences from many thought leaders, good practices and industries, including Dr. Edwards Deming, a key influence with the Plan-Do-Check-Act (PDCA) cycle (preferred over Guess-Do-Pray-Hope); John Kotter with organizational change; international standards such as those from the International Organization for Standardization (ISO), ISO 90001 for Quality, ISO 20000 for IT Service Management, ISO 27001 for IT Security; COBIT, ITIL, the National Institute of Standards and Technology (NIST) and Project Management Body of Knowledge (PMBOK), all of which incorporate or support improvement themes; and, Six Sigma programs, which have an improvement phase and so should you.

 
Read More >>
    

CISA Exam Prep Course on VILT set for 30 August-1 September

Shawna M Flanders CISA, CISM, CRISC, CSSGB, SSBB, President and Chief Technical Consultant/Trainer, Business Technology Guidance Associates, LLC
 
Posted: 8/18/2016 3:11:00 PM | Category: Certification | Permalink | Email this post

Today’s IT auditor needs to have strong analytical skills and a broad general knowledge of technology, along with an understanding of the auditing process. They also need to know about organizational business processes and the technology that supports those processes to effectively assess risk and articulate it in common business language. Unfortunately, the most knowledgeable and experienced candidate may fail in his or her assignment if they do not possess exceptional soft skills.

The most important soft skills include the ability to:

  • Clearly communicate verbally and in writing using common business language
  • Be nonjudgmental or unbiased throughout the audit process
  • Remain calm and collected even during conflict situations
  • Serve as a mentor or consultant to the enterprise on control design and testing

The IT auditor is presented with a variety of assignments ranging from reviewing access rights to running queries or even reviewing firewall rules. He or she may observe project meetings, sit on the change control board, observe a DR test, review the due care process of onboarding a new vendor or cloud provider, or even serve as a consultant during a product implementation. Being prepared to perform these varying tasks requires experience and training.

 
Read More >>
    

Audit: A Key Success Factor

Paul Phillips, Technical Research Manager, ISACA
Posted: 8/17/2016 3:12:00 PM | Category: Audit-Assurance | Permalink | Email this post

Why is it that some companies succeed and others fail? There is a general consensus certain things are common among successful companies. We call these things key success factors. Key success factors are essential attributes that are critical to an organization reaching its business goals.

There is no agreed-upon list of success factors because they vary depending on the nature of the business, among other things. Some business experts would say good, productive employees are a key success factor. Others believe keeping loyal customers is a critical factor. Still others would submit that having clear policies and procedures is how organizations succeed.

 
Read More >>
    

Reinvent Your IT So You Can Disrupt and Handle Disruption

Ammett Williams CCIE, CGEIT, Telecommunication Team Leader, First Citizens TT
Posted: 8/16/2016 3:00:00 PM | Category: Risk Management | Permalink | Email this post

It may not be on the mind of every CEO, CIO or CTO but the rise of disruption is of major concern. Disruption itself has always been a part of business theory under Michael Porter’s five forces and classified as “the threat of new entrants”; but this threat has continued to evolve.

Barriers to entry in various markets have been in place to control competition. However, modern disruption can occur outside these barriers with the “disruptors” changing the very way the market sector operates thereby out manoeuvring and altogether eliminating existing big market players who could not anticipate this risk.

 
Read More >>
    
<< First   < Previous     Page: 1 of 127     Next >   Last >>

 About This Blog

 

This blog is intended to offer a way for ISACA leaders, constituents and staff to exchange information of interest pertinent to the association, the business environment and/or the profession.

The comments on this site are the author’s own and do not necessarily represent ISACA’s opinions or plans. ISACA does not endorse, monitor or control any links to external sites offered in this blog, and makes no warranty or statement regarding the content on those external sites.

Anyone posting comments on this site should ensure that the content remains on-topic and steers well clear of any statements that could be considered insensitive, offensive or threatening. Given ISACA’s global nature, the need to communicate in a way that is accessible and acceptable to many cultures should be taken into account. ISACA retains the right, at its sole discretion, to refuse content that is considered inappropriate.

   

To volunteer to write a blog or suggest a topic send an email here.