ISACA Journal Author Blog

ISACA > Journal > Practically Speaking Blog > Posts > The Intersection of Framework and Legislation

The Intersection of Framework and Legislation

| Published: 6/16/2014 8:55 AM | Category: COBIT-Governance of Enterprise IT | Permalink | Email this Post | Comments (0)
By Fatih Altinel, CISA, and Yeliz Kilinc

Industrial and professional organizations have a great need to standardize applications. ISACA and COBIT have a leading role in spreading and widening acceptance of the notions of IT governance, IT risk and IT control concepts. But at the same time, sectoral authorities are the most important agents for country-wide acceptance of these types of frameworks. In this context, the Banking Regulation and Supervision Agency of Turkey (BRSA) has the leading role in the adoption of IT governance, IT risk and IT control concepts by banks.

Since the Imar Bank case of 2000, an IT-oriented banking fraud case, and the Turkish retailer Gima case, in which a massive amount of credit card information was stolen, IT audits have been performed in Turkish banks since 2006.   

BRSA, the sole Turkish regulatory authority of the banking industry, credit card systems and other payment systems, is guided partially by COBIT and predominantly by local legislation, which has been prepared in parallel with other international frameworks. BRSA recommends the use of COBIT in internal audit and external audit activities performed in banks. Our recent Journal article discusses the similiarities between COBIT 5 and local legislation and Turkish banking regulations.

Read Fatih Altinel and Yeliz Kilinc’s recent JournalOnline article:
Similarities Between Banking Regulations of Turkey Made by BRSA and COBIT 5 Governance Area,” ISACA Journal, volume 3, 2014


There are no comments yet for this post.