ISACA Training Week Brings IT Audit and Security Education to Ottawa

Taken from Blog

  • Fundamentals of IT Audit and Assurance—This course is aligned with the Certified Information Systems Auditor (CISA) certification job practice areas, and will discuss controls and control objectives tailored to the evolving role of IT auditors, including an understanding of how to achieve business goals.
  • COBIT:  Strategies for Implementing IT Governance—This course applies COBIT in practical situations and provides a performance measurement framework using the most current COBIT and Val IT  information and related tools.
  • Governance of Enterprise IT (new)—This course is aligned with Certified in the Governance of Enterprise IT (CGEIT) certification and addresses how to develop a governance strategy to achieve value and manage risk within an enterprise, and explains the value that governance brings to the enterprise.  

“ISACA Training Week is an excellent opportunity to gain a solid foundation in information security, IT audit or IT governance,” said Emil D’Angelo, CISA, CISM, international president of ISACA. “The valuable tools presented equip attendees with expertise they need to reduce risk, protect their enterprise and develop strategies for IT governance in this continually challenging climate.”

Instructors at the Ottawa event include Barry D. Lewis, CISM, CGEIT, CRISC, CISSP, president of Cerberus; Craig McGuffin, CISA, CISM, CGEIT, CRISC, principal of C.R. McGuffin Consulting Services; and John Tannahill, CISM, CGEIT, management consultant specializing in information security and audit services. 





ISACA Training Week


4-8 April 2011


Ottawa Marriott, Ottawa, Ontario, Canada

Web site 


The ISACA Training Week registration fee, which includes course materials, is US $2,295 for ISACA members and US $2,495 for nonmembers. Participants are eligible to earn up to 38 continuing professional education (CPE) hours.

For additional ISACA Training Week information or to register, please visit

Upcoming ISACA Training Weeks include:

  • 8-12 August, Seattle, Washington, USA
  • 12-16 September, Minneapolis, Minnesota, USA
  • 24-28 October, Baltimore, Maryland, USA
  • 5-9 December, Scottsdale, Arizona, USA


ISACA Issues Japanese Edition of COBIT and Application Controls

Taken from BlogRolling Meadows, IL, USA (1 February 2011)—ISACA’s new Japanese translation of COBITand Application Controls: A Management Guide makes the guidance more accessible worldwide. Because of the importance of reliable information, this publication is designed to reinforce that application controls represent business functionality and are not the sole domain of the audit community.

COBITand Application Controls: A Management Guide is available in Japanese as a complimentary PDF download for ISACA members at

The publication is structured based on the life cycle of application systems—from defining requirements through implementation, operation and maintenance and, finally, providing assurance on application controls. The life cycle activities support management needs to ensure that the controls within the application systems are sufficient to ensure the reliability of the resulting information.

COBIT and Application Controls complements COBIT 4.1, dealing more specifically with application controls AC1 through AC6 as defined in COBIT 4.1. Providing this increased detail around application controls will help to improve overall understanding of how application controls help enterprises maintain information integrity.

“This is a useful document for raising management awareness of roles and responsibilities related to application controls,” said Gary Hardy, CGEIT, founding member of the COBIT Steering Committee. “It provides guidance for those who design, implement, operate, manage and assess application controls. By offering it in Japanese, we are reaching out to another very important audience of professionals. ”

Business and IT management and business process owners will find COBIT and Application Controls helpful as it uses business language and tries to minimize “audit-speak.” Developers, users, auditors and compliance practitioners will also use this publication, which is relevant for all industries around the world.


5,000th Professional Earns ISACA’s CRISC Certification

Taken from BlogRolling Meadows, IL, USA (24 February 2011)—Ten months into the rigorous grandfathering program for the new Certified in Risk and Information Systems Control (CRISC) credential,  the 5,000th candidate has earned the CRISC certification from ISACA.


The limited-time grandfathering program enables highly experienced professionals to apply for the CRISC credential without taking the CRISC exam by exhibiting additional years of related experience. ISACA, a nonprofit association of more than 95,000 IT professionals worldwide, requires applicants to prove at least eight years of IT or business experience, with six years of cumulative experience in the five CRISC (pronounced “see risk”) domain areas and three years of cumulative experience in the risk-related domains:


  • Risk identification, assessment and evaluation
  • Risk response
  • Risk monitoring
  • IS control design and implementation
  • IS control monitoring and maintenance 

Qualified candidates can apply for the CRISC certification through ISACA’s grandfathering program until 31 March 2011. The CRISC credential helps meet the need for professionals to demonstrate their proven ability to design, implement, monitor and maintain effective risk-based information systems controls.


The first CRISC exam will be administered on 11 June 2011. For additional information, visit The grandfathering application is available at


“Though it’s less than a year old, CRISC is already a globally respected and recognized certification because it demonstrates an ability to effectively manage IT-related business risk—a skill that is critical to the success of an organization,” said Urs Fischer, CISA, CRISC, chair of ISACA’s CRISC Certification Committee.


ISACA also administers the following three certifications, which are globally recognized by many industries, government entities and professionals:

  • Certified Information Systems Auditor (CISA), earned by 80,000 professionals since 1978
  • Certified Information Security Manager (CISM), earned by 15,000 professionals since 2002
  • Certified in the Governance of Enterprise IT (CGEIT), earned by more than 4,500 professionals since 2007 

Additional information about ISACA certifications is available at