sb-au logo
Story image

ISACA provides cyber governance roadmap for enterprise security

17 Jan 2017

ISACA has given professionals and enterprises a roadmap and direction for the areas of cyber governance, with the launch of its new audit program that is based on the National Institute of Standards and Technology (NIST) Cybersecurity Framework.

The new audit program provides assessments of organisations’ security practices, including the ‘identify, protect, detect, respond and recover’ processes. It also helps organisations with asset management, awareness training, data security, resource planning, recovery planning and communications.

“This audit program based on the NIST framework offers detailed guidance that can provide enterprise leaders confidence in the effectiveness of their organisation’s cyber security governance, processes and controls,” says Christos Dimitriadis, chair of ISACA’s Board of Directors and group director of Information Security for Intralot.

ISACA says the program is in an Excel spreadsheet, which addresses primary security and control issues.

The issues include protection of sensitive data and intellectual property, protection of networks that connect multiple resources, and responsibility and accountability for devices and the information within.

The recover section includes testing steps to help organisations implement recover planning for timely restoration of assets and systems after security incidents, ISACA says.

The ISACA audit program is free to ISACA members and available for purchase to non-members.

ISACA runs 14 audit/assurance programs that have been developed and reviewed by professionals worldwide.

Story image
Cyber-risk to critical infrastructure reaches all-time high — report
New research from Nozomi Networks Labs found that attackers are doubling down on high-value targets and weaponising the software supply chain.More
Story image
IWD 2021: Ping Identity manager on women in the cybersecurity industry
By changing the perception of IT security roles, you are instantly addressing a wider available talent pool, writes Ping Identity marketing manager for ANZ Vivienne Horsfall.More
Story image
Dicker Data scores One Identity distribution agreement for Australia
Dicker Data has entered into a distribution agreement with One Identity, a Quest Software company specialising in identity-centric security. The agreement was effective as of 1 March 2021.More
Story image
Leader wins Acronis distribution agreement, brings cyber protection solutions to Aus
The agreement covers the entire Acronis Cyber Protect Cloud solution portfolio, which includes cybersecurity, backup, disaster recovery, secure file sync and share, as well as notary services.More
Story image
Video: 10 Minute IT Jams - Who is Interactive?
Interactive is Australia’s largest privately owned IT company, providing cloud and managed services for data centre, business continuity and hardware maintenance.More
Story image
Kaspersky ranked number one in channel partner satisfaction
“Being recognised for the second consecutive year as the number one cybersecurity vendor for channel satisfaction, reflects the investment we have made in the Kaspersky United partner program over the past two years."More