The ISACA Timeline
Since 1969, ISACA has been advancing careers and transforming organizations worldwide through knowledge, credentials, education and community. Explore milestones, achievements and successes spanning ISACA’s rich 50+ year history.
2020
ISACA launched the Certified Data Privacy Solutions Engineer (CDPSE) credential. More than 7,500 professionals earned the credential within its first six months.
2019
ISACA turns 50. After five decades, the association has 135,000 members, 220+ chapters and nearly 200 staff members.
2018
ISACA released the latest version of COBIT—COBIT 2019—which included a Design Guide that helped enterprises easily tailor the framework to meet their specific needs.
The General Data Protection Regulation (GDPR) compliance deadline brings a heightened focus to information privacy and security.
ISACA establishes a presence in Mainland China.
2018
ISACA moves into its new headquarters, 1700 East Golf Road, Schaumburg, Illinois, USA.
2016
ISACA launches the Connecting Women Leaders in Technology program (later renamed SheLeadsTech™) and the Women’s Leadership Council.
2016
ISACA acquires the CMMI Institute, expanding its approach to enterprise performance and capability improvement.
2015
Anticipating its 50th anniversary, ISACA embarks on an extensive interview program with past presidents and members around the world, which will continue through the anniversary in 2019.
2014
ISACA has 120,000 members in 185 countries.
2014
ISACA launches Cybersecurity Nexus (CSX) to meet the growing demand for cybersecurity skills.
The Sony Pictures and Yahoo! data breaches bring renewed global focus on issues of cybersecurity. The ISACA Journal publishes "Risk to Entities Regarding Data Breaches: Lessons from a Brief Case Study."
2012
ISACA grows to 200 chapters in 82 countries.
2012
COBIT 5 launches.
2011
ISACA extends its strategic planning with a 10-year plan.
2010
ISACA introduces the Certified in Risk and Information Systems Control (CRISC) certification.
2010
Nearly 90 professionals are employed at ISACA’s headquarters.
2008
The CISA Review Course is made available online for the first time.
2007
ISACA introduces the Certified in the Governance of Enterprise IT (CGEIT) certification.
2006
ISACA adopts the acronym as its formal name.
2005
As mobile devices proliferate, ISACA releases ISACA Journal guidance on "Security and Ownership of Personal Security Devices," a topic that receives extensive focus in the years to come.
COBIT 4.0 is released.
2004
ISACA has more than 45,000 members.
2002
ISACA introduces the Certified Information Security Manager (CISM) certification. With the passage of the US Sarbanes-Oxley Act of 2002, enterprises increasingly turn to ISACA for compliance guidance.
2001
A third edition of COBIT is introduced with new Management Guidelines.
2000
The new millennium arrives without serious computer system failure after ISACA provided Y2K guidance to its professional community.
1998
The second edition of COBIT is released.
ISACA creates the IT Governance Institute (ITGI), focused on IT governance original research and best practices.
1997
ISACA hosts the Y2K/Year 2000 conference in Chicago, focused on technology challenges related to the new millennium.
1996
The Control Objectives for Information and Related Technology (COBIT) framework is introduced.
1994
ISACA has more than 14,000 members, with 134 chapters in nearly 60 countries.
ISACA celebrates its 25th anniversary.
1994
The organization formally changes its name from EDPAA to Information Systems Audit and Control Association (ISACA).
1992
EDPAA launches its first website.
The first chapter in the Africa region is established in South Africa.
1992
EDPAA moves to a new headquarters location at 3701 Algonquin Road, Rolling Meadows, Illinois, USA. It remains there for the next 26 years.
1991
EDPAA's new membership newsletter, Global Communiqué, is launched.
1990
The organization establishes the “2000 and Beyond” committee, establishing brand standards across the organization as well as a long-term plan for growth.
1986
A delegation of American ISACA members visits China.
EDPAA welcomes its 100th chapter, in Victoria, British Columbia, Canada, and passes the 9,000-member mark.
1985
The organization moves headquarters offices to 455 East Kehoe Boulevard in Carol Stream, Illinois, USA.
1985
EDPAA purchases the rights to the Computer Audit Control and Security (CACS) conference from industry pioneer Harold Weiss.
1984
EDPAA hosts PC-MACS, the first conference devoted to microcomputers, in Atlanta.
1982
EDPAA elects its first female president.
The organization purchases its first computer for the administrative office, an IBM Datamaster.
The China Hong Kong chapter is established as the first chapter in the Asia-Pacific region.
1981
More than 200 individuals receive the CISA certification after the first CISA exam.
1981
The organization moves into its first dedicated office space on South Schmale Road in Carol Stream, Illinois, USA, and institutes its Three-Year Long Range Plan.
1980
Through fundraisers and the sale of its publications, the EDP Auditors Foundation turns the $10,000 grant received in 1979 into $1.2 million in revenue.
1980
EDPAA hosts its first conference outside the United States, in Mexico City, Mexico.
1979
The EDP Auditors Foundation nears bankruptcy and receives a US$10,000 grant from the EDPAA.
1979
The first chapters in the Europe region are established in Israel and Milan, Italy.
1978
The Certified Information Systems Auditor (CISA) certification is introduced.
1976
EDPAA hires its first full-time employee, Marian King, a secretary who works out of the third bedroom in her home, which becomes known as the association’s first office.
1976
EDPAA establishes the EDP Auditors Foundation.
The organization reaches 1,500 members across 19 chapters.
The first chapters outside of the United States are established, in Mexico City, Mexico, and Sydney, Australia.
1975
The first version of Control Objectives, a seminal document outlining data processing audit and control best practices, is published.
1975
EDPAA establishes geographic regions and regional vice presidents.
1973
EDPAA hosts its first conference, under the theme “EDP Auditing: A Coming of Age,” in Santa Monica, California, USA.
1973
The Equity Funding Corp. scandal unfolds, elevating the need for risk management.
The EDP Auditor, EDPAA’s first quarterly publication, debuts.
1972
EDPAA is reconstituted. Eugene Frank is appointed president. Howard “Bud” Friedman is named vice president.
1971
Most of the board resigns as a result of competing personal and professional commitments. The organization effectively comes to a standstill.
1970
1969
Electronic Data Processing Auditors Association (EDPAA)—the future ISACA—is incorporated in Los Angeles, California, USA.
1960
The growing commercial use of computers, such as the IBM 360 mainframe, creates a need for information technology controls and auditing.