IS Control

As the proportion of members from the IS Control Professional community grows, ISACA has perceived a need to produce further ethical guidance and standards for its non-audit membership.

Knowledge Center

Download Standards, Guidelines, and Tools and Techniques for Audit/Assurance and Control Professionals (2.5M)

Objectives, Scope and Authority for IS Control Professionals

Objectives

The objectives of ISACA Standards for IS Control Professionals are to inform:

IS Control Professionals of the minimum level of acceptable performance required to meet the professional responsibilities set out in the ISACA Code of Professional Ethics
Management and other interested parties of the profession's expectations concerning the work of practitioners

Scope and Authority of Standards for IS Control Professionals

ISACA's intent is to respond to the growing need for standards outside the IS Audit profession, including but not limited to these areas:

Data security
Business continuity planning
Data and media administration
Quality assurance

The framework for the ISACA Standards for IS Control Professionals provides for multiple levels of standards, as follows:

Standards define mandatory requirements for IS Control functions.

Guidelines provide guidance in applying standards for IS Control Professionals. The IS Control Professional should consider them in determining how to achieve implementation of the standards, use professional judgment in their application and be prepared to justify any departure.

Tools and techniques provide examples of procedures an IS Control Professional might follow. The procedure documents provide information on how to meet the standards when performing IS Control Professional functions, but do not set requirements.

Development of Standards, Guidelines and Procedures

ISACA Professional Standards Committee is committed to wide consultation in the preparation of Standards, Guidelines and Tools and Techniques. Prior to issuing any documents, the Professional Standards Committee issues exposure drafts internationally for general public comment. The Professional Standards Committee also seeks out those with a special expertise or interest in the topic under consideration for consultation where necessary.

The Professional Standards Committee has an ongoing development program, and welcomes the input of members of ISACA and holders of the CISA designation to identify emerging issues requiring new standards products. Any suggestions should be emailed to (standards@isaca.org) or faxed (+1.847.253.1443) or mailed to the attention of the Director of Research, Standards and Academic Relations, ISACA International Office, 3701 Algonquin Road, Suite 1010, Rolling Meadows, IL 60008, USA.


What is CISA	What is CISM	What is CGEIT	What is CRISC
Benefits of CISA	Benefits of CISM	Benefits of CGEIT	Benefits of CRISC
How to Become Certified	How to Become Certified	How to Become Certified	How to Become Certified
Register for the Exam	Register for the Exam	Register for the Exam	Register for the Exam
Prepare for the Exam	Prepare for the Exam	Prepare for the Exam	Prepare for the Exam
Taking the Exam	Taking the Exam	Taking the Exam	Taking the Exam
Apply for Certification	Apply for Certification	Apply for Certification	Apply for Certification
Maintain Your CISA	Maintain Your CISM	Maintain Your CGEIT	Maintain Your CRISC


COBIT 5 Home
Product Family
Education and Training
News
Recognition
Join the Conversation
Looking for COBIT 4.1?

ISACA: Serving IT Governance Professionals

IS Control

Objectives, Scope and Authority for IS Control Professionals

Objectives

Scope and Authority of Standards for IS Control Professionals

Development of Standards, Guidelines and Procedures

Quick Links