ISACA

---

title: "ISACA" type: doc version: 1 created: 2026-02-28 author: "Wikipedia contributors" status: active scope: public tags: ["information-technology-organizations", "computer-security-organizations", "auditing-organizations", "organizations-established-in-1967", "professional-accounting-bodies"] description: "International professional association focused on IT" topic_path: "technology/computing" source: "https://en.wikipedia.org/wiki/ISACA" license: "CC BY-SA 4.0" wikipedia_page_id: 0 wikipedia_revision_id: 0

::summary International professional association focused on IT ::

::data[format=table title="Infobox organization"]

Field	Value
name	Information Systems Audit and Control Association
logo	ISACA logo.png
abbreviation	ISACA
formation	1969
type	501(c)(6)
tax_id	23-7067291
registration_id
purpose	To advance the pursuit of digital trust and the positive potential of technology.
headquarters	Schaumburg, Illinois
coords
region	Global
membership	169,000 (as of Dec 2022)
language	English
leader_title	CEO
leader_name	Erik Prusch
leader_title2	Board Chair
leader_name2	John De Santis
revenue	USD $100.36 million (2022)
expenses	USD $107.80 million (2022)
staff	300+ (2022)
volunteers	2,400 (2023)
website
formerly	EDP Auditors Association
footnotes
::

| name = Information Systems Audit and Control Association | native_name = | native_name_lang = | named_after = | image = | image_size = | alt = | caption = | logo = ISACA logo.png | logo_size = | logo_alt = | logo_caption = | map = | map_size = | map_alt = | map_caption = | abbreviation = ISACA | motto = | predecessor = | merged = | successor = | formation = 1969 | founder = | founding_location = | merger = | type = 501(c)(6) | tax_id = 23-7067291 | registration_id = | status = | purpose = To advance the pursuit of digital trust and the positive potential of technology. | headquarters = Schaumburg, Illinois | location = | coords = | region = Global | membership = 169,000 (as of Dec 2022) | membership_year = | language = English | leader_title = CEO | leader_name = Erik Prusch | leader_title2 = Board Chair | leader_name2 = John De Santis | board_of_directors = | key_people = | main_organ = | parent_organization = | subsidiaries = | secessions = | affiliations = | budget = | budget_year = | revenue = USD $100.36 million (2022) | expenses = USD $107.80 million (2022) | endowment = | staff = 300+ (2022) | staff_year = | volunteers = 2,400 (2023) | volunteers_year = | slogan = | mission = | website = | remarks = | formerly = EDP Auditors Association | footnotes = ISACA (formally the Information Systems Audit and Control Association) is an international professional association focused on IT (information technology) governance.

ISACA currently offers 8 certification programs, as well as other micro-certificates.

History

ISACA originated in United States in 1967, when a group of individuals working on auditing controls in computer systems started to become increasingly critical of the operations of their organizations. They identified a need for a centralized source of information and guidance in the field. In 1969, Stuart Tyrnauer, an employee of the (later) Douglas Aircraft Company, incorporated the group as the EDP Auditors Association (EDPAA). Tyrnauer served as the body's founding chairman for the first three years. In 1976 the association formed an education foundation to undertake large-scale research efforts to expand the knowledge of and value accorded to the fields of governance and control of information technology.

The association became the Information Systems Audit and Control Association in 1994.

the organization had dropped its long title and branded itself as ISACA.

In March 2016, ISACA bought the CMMI Institute, which is behind the Capability Maturity Model Integration.

In January 2020, ISACA updated and refreshed its look and digital presence, introducing a new logo.

Current status

ISACA currently serves more than 185,000 constituents (members and professionals holding ISACA certifications) in more than 180 countries. The job titles of members are such as IS auditor, consultant, educator, IS security professional, regulator, chief information officer, chief information security officer and internal auditor. They work in nearly all industry categories. There is a network of ISACA chapters with more than 225 chapters established in over 180 countries. Chapters provide education, resource sharing, advocacy, networking and other benefits. There are more than 90 global student groups.

Major publications

• COBIT ISACA Framework

• Frameworks, Standards and Models

  • Blockchain Framework and Guidance
  • Risk IT Framework
  • IT Audit Framework - (ITAF™): A Professional Practices Framework for IT Audit, 4th Edition
  • Business Model for Information Systems (BMIS)
  • Capability Maturity Model Integrated(CMMI)

• Information System Control Journal

• Insights and Expertise

  • Audit Programs and tools
  • Publications - over 200 professional publications and Guidance on Audit & Assurance, Emerging Technology, Governance, Information Security, Information Technology, Privacy, Risk. Some of the topics include:
    • Artificial Intelligence
    • Blockchain
    • Certification Exam Prep Guides for Certified Information Systems Auditor® (CISA®)CISA,AAIA,CISM,CRISC,CDPSE,CGEIT,CCOA,CSX-P and several Certificate Courses
    • Cloud Computing
    • COBIT
    • Compliance
    • Cybersecurity
    • Data Governance
    • Data Science
    • Internet of Things
    • Network Infrastructure
    • Software Development
    • Threats and Controls
    • Vendor Management
    • Young Professionals

• White Papers - Over 200 white papers on a range of contemporary topics

• News and Trends

Certifications

• Certified Information Systems Auditor (CISA,1978)
• Certified Information Security Manager (CISM, 2002)
• Certified in the Governance of Enterprise IT (CGEIT, 2007)
• Certified in Risk and Information Systems Control (CRISC, 2010)
• Cybersecurity Practitioner Certification (CSX-P, 2015)
• Certified Data Privacy Solutions Engineer (CDPSE, 2020)
• Information Technology Certified Associate (ITCA, 2021)
• Certified in Emerging Technology (CET, 2021)
• Certified Cybersecurity Operations Analyst (CCOA, 2025)
• Advanced in AI Audit (AAIA, 2025)
• Advanced in AI Security Management (AAISM, 2025)

The CSX-P, ISACA's first cybersecurity certification, was introduced in the summer of 2015. It is one of the few certifications that require the individual to work in a live environment, with real problems, to obtain a certification. Specifically, the exam puts test takers in a live network with a real incident taking place. The student's efforts to respond to the incident and fix the problem results in the type of score awarded.

AAISM was introduced in 2025 for experienced IT professionals to address AI-specific threats.

Certificates

• IT Audit Fundamentals Certificate
• IT Risk Fundamentals Certificate
• Certificate of Cloud Auditing Knowledge
• Cybersecurity Audit Certificate
• Computing Fundamentals Certificate
• Networks and Infrastructure Fundamentals Certificate
• Cybersecurity Fundamentals Certificate
• Software Development Fundamentals Certificate
• Data Science Fundamentals Certificate
• Cloud Fundamentals Certificate
• Blockchain Fundamentals Certificate
• IoT Fundamentals Certificate
• Artificial Intelligence Fundamentals Certificate
• COBIT Design and Implementation
• Implementing the NIST Cybersecurity Framework Using COBIT 2019
• COBIT Foundation
• COBIT 5 Certificates

References

References

1. (9 May 2013). "INFORMATION SYSTEMS AUDIT AND CONTROL ASSOCIATION INC Form 990 2015". ProPublica.
2. "About us". ISACA.
3. "ISACA's Annual Reports". ISACA.
4. "Board of Directors". ISACA.
5. "ISACA Overview and History".
6. Vacca, John. (2009). "Computer and Information Security Handbook". Elsevier Inc.
7. Katsikas, Sokratis K.. (2000). "Information Security for Global Information Infrastructures". Springer.
8. (June 1995). "Auditing & systems: objective questions and explanations". Accounting Publications.
9. (2008). "Audit Committee Essentials". John Wiley & Sons.
10. "ISACA Acquires CMMI Institute".
11. "New Look Marks a New Era for ISACA".
12. "History of ISACA".
13. "About Our Chapter – Isaca".
14. "Recognized ISACA® Student Groups".
15. "Making the Mark: The Importance of Certification".
16. "CSX-P | Cybersecurity Practitioner".
17. "Certified Data Privacy Solutions Engineer".
18. "Shift Your Career into Higher and Higher Gear". ISACA.
19. "New ISACA certification to help upskill IT professionals". Westwick-Farrow Pty Ltd.
20. "Fast Track Your Career in Emerging Technology". ISACA.
21. (21 April 2021). "New certification program trains cyber pros in cloud, IoT and other emerging tech". CyberRisk Alliance, LLC.
22. (16 April 2015). "ISACA is First to Combine Skills-based Cybersecurity Training with per".
23. Maundrill, Beth. (2025-08-20). "ISACA Launches AI-Centric Security Management Certification".

::callout[type=info title="Wikipedia Source"] This article was imported from Wikipedia and is available under the Creative Commons Attribution-ShareAlike 4.0 License. Content has been adapted to SurfDoc format. Original contributors can be found on the article history page. ::