New ISACA Guide Calls for Improved Sustainability Governance

Taken from BlogRolling Meadows, IL, USA (21 April 2011)—To improve cost performance and demonstrate corporate social responsibility, enterprises are increasingly embarking on green IT and sustainability initiatives. Now viewed as a critical business issue, sustainability projects are attracting investment, innovation and supporting technologies. ISACA’s complimentary new white paper, Sustainability, outlines the drivers, business risks and benefits, and impacts of sustainability, and helps enterprises effectively scope and govern their sustainability initiatives.

According to the ISACA white paper, there are four main factors driving sustainability:

  • Economic sense (e.g., cost savings)
  • Environmental concerns
  • Social responsibility
  • Legislation/regulations

“A sustainable perspective is no longer optional. Sustainable IT is an essential component of business success, and stakeholders take sustainability into account when evaluating their relationship with an enterprise,” said Ramsés Gallego, CISM, CGEIT, CISSP, CCSK, member of ISACA’s Guidance and Practices Committee and chief strategy officer for the security and risk management practice at Entel IT Consulting.

Studies consistently show that if an enterprise can shoulder the initial costs of sustainability initiatives, they will receive a large positive return. However, there is significant room for improvement.

“The current state of governance reflects the fact that the marketplace has yet to reach consensus on who is responsible for business sustainability efforts,” said Gallego. “Existing governance approaches pertaining to IT will need to be revised to incorporate sustainability, much as how enterprise financial governance models were enhanced to incorporate Sarbanes-Oxley requirements.”

For a free download of the Sustainability white paper, visit



ISACA geeft examentrainingen om de titel CISA te mogen voeren. CISA is een wereldwijd erkend certificaat voor IS audit control. Het toont aan dat u de benodigde ervaring, skills en kennis heeft om veiligheidsrisico's te detecteren en betrouwbare audits uit te voeren.

Lees meer over de CISA-training


Als CISM bent u in staat om zelfstandig informatieveiligheid te analyseren. ISACA verzorgt een examentraining voor CISM, die zowel ruimte biedt voor het bijspijkeren van kennis als concrete oefeningen voor het examen.

Lees meer over de CISM examentraining