Get expert guidance, research policies and procedures to stay ahead of the curve in your IT audit and assurance career.
Artificial Intelligence Audit Toolkit
As the use of AI increases and becomes more integral in enterprise product and service delivery, it will come under more audit scrutiny. Audit coverage and assessment techniques will need to be dynamic and multi-disciplinary to keep pace with the breakneck speed in advancement and continuous development of AI-enabled systems.
ISACA Cybersecurity Audit Program: Based on the NIST Cybersecurity Framework 2.0
ISACA has updated its Cybersecurity Audit Program, adapted from the National Institute of Standards and Technology (NIST) Cybersecurity Framework 2.0 (released in February 2024).
Zero Trust Audit Program
Zero Trust is a security model that requires all users of an organization's network to be authenticated, authorized, reviewed, and validated periodically to ensure appropriate access privileges are granted and maintained and more importantly rights are deactivated when they are no longer needed to perform work duties.
Google Cloud Platform Audit Program
With the continued growth and adoption of Google® Cloud Platform (GCP®) now representing the third largest provider of cloud services, ISACA has developed an audit program that helps auditors assess and test control coverage adequacy and effectiveness of GCP® services.
Identity and Access Management Audit Program
The ISACA Identity and Access Management Audit Program provides specific testing and evaluation criteria to assist auditors in assessing the adequacy of safeguards in place to mitigate IAM risks.
Audit Practitioner’s Guide to Machine Learning, Part 1: Technology
Machine learning (ML), a subset of artificial intelligence (AI), has been rapidly adopted by enterprises and governments around the world.
Audit Practitioner’s Guide to Machine Learning, Part 2: Compliance Risk
Machine learning (ML), a subset of artificial intelligence (AI), has been rapidly adopted by enterprises and governments around the world.
Physical and Environmental Security Audit Program
Cybersecurity and audit practitioners may talk in terms of physical security being a part of cybersecurity or physical security being a subset of cybersecurity. While there may be differences of opinion in how physical security is defined in terms of cybersecurity, there is agreement that physical security may be overlooked while digital threats are considered from many perspectives.
Database Audit Program
Databases, comprised of data and database management systems, store data so that they can be used by different programs without concern for the data structure or organization. The ability of databases to accommodate large volumes of data, has led databases to be widely adopted.
COBIT for DevOps Audit Program
ISACA developed this audit program as a companion to COBIT Focus Area: DevOps, Using COBIT® 2019. The focus area publication describes how COBIT framework concepts apply to DevOps and is intended to help enterprises evaluate management practices important to the development of an effective governance system over DevOps.
VPN Security Audit Program
Virtual Private Networks (VPNs) are relied on to give remote workers access to the corporate network securely. As the number of remote workers and the duration of remote work have increased (from remote working being temporary to potentially permanent), awareness of VPNs has grown. Now, enterprises are questioning how secure VPNs are.
Advance your expertise and add to your career potential or enterprise skillset with training developed and delivered by the experts in IT audit.
Certified Information Systems Auditor (CISA)
The CISA certification is world-renowned as the standard of achievement for those who audit, control, monitor and assess an organization’s information technology and business systems. This certification is a must have for entry to mid-career IT professionals looking for leverage in career growth. The CISA exam is now available via remote proctoring!
CISA Exam Prep from ISACA
Whether you prefer to prep on your own time or with the additional guidance and interaction that comes with live, expert instruction, ISACA has the right test prep solutions for every professional. Choose what works for your schedule and your studying needs.
Zero Trust Audit Program
Zero Trust is a security model that requires all users of an organization's network to be authenticated, authorized, reviewed, and validated periodically to ensure appropriate access privileges are granted and maintained and more importantly rights are deactivated when they are no longer needed to perform work duties.
View IT Audit Publications and Resources
Gain additional insight and guidance on leveraging the IT Audit framework to create and maintain the most effective techniques and understanding to manage IT Audit.