by Angela Guess

A recent press release reports, “Global business technology and information security association ISACA’s new audit program, based on the National Institute of Standards and Technology (NIST) Cybersecurity Framework, provides professionals and their enterprises key direction on cyber governance. ‘Cybersecurity: Based on the NIST Cybersecurity Framework’, aligned with the COBIT 5 framework, is designed to provide management with an assessment of the effectiveness of its organisation’s cyber security identify, protect, detect, respond, and recover processes and activities. The program also covers asset management, awareness training, data security, resource planning, recovery planning and communications. ‘This audit program based on the NIST framework offers detailed guidance that can provide enterprise leaders confidence in the effectiveness of their organisation’s cyber security governance, processes and controls,’ said Christos Dimitriadis, Ph.D. CISA, CISM, CRISC, chair of ISACA’s Board of Directors and group director of Information Security for INTRALOT.”

The release goes on, “The program comes in an Excel spreadsheet. According to a supplementary overview, the primary security and control issues addressed in the program are: (1) Protection of sensitive data and intellectual property, (2) Protection of networks to which multiple information resources are connected, (3) Responsibility and accountability for the device and information contained on it. In the Recover section, testing steps are provided to help organisations put in place recovery planning that ensures timely restoration of systems or assets affected by cyber security events. The program is free to ISACA members and available for purchase to non-members for USD $45 (approx. AUD$60). It is among 14 audit/assurance programs offered by ISACA aligned with COBIT 5, the leading framework for the governance and management of enterprise IT.”

Read more at PR Wire.

Photo credit: ISACA