ISACA Seeks Public Feedback on IS Audit and Assurance Guidelines
Rolling Meadows, Illinois, USA (1 October 2013)—ISACA, a nonprofit association of more than 110,000 information systems (IS) audit, security, risk and governance professionals, is seeking public comment on the updates to the IS Audit and Assurance Guidelines.The exposure drafts of the 18 guidelines are at www.isaca.org/standardexposure. Comments will be accepted through 31 December 2013.
The guidelines support the Standards for IS Audit and Assurance, which also were recently updated after public exposure. ISACA introduced the standards in 1988 and is dedicated to keeping them current. The updated standards address IS audit and assurance professionals’ roles and responsibilities, and become effective 1 November 2013. The standards are also fully integrated into the IT Assurance Framework (ITAF), 2nd Edition, a living reference framework that includes references to other ISACA tools and techniques, such as COBIT 5. Previous standards will be withdrawn when the new standards become effective.
“The IS Audit and Assurance Guidelines assist IS audit and assurance professionals in complying with the new standards,” said Steven Sizemore, CISA, CIA, CGAP, IT audit manager for Texas Health and Human Services and chair of ISACA’s Professional Standards and Career Management Committee. “The committee welcomes feedback from the public exposure period and will review every response to ensure the updated guidelines meet the needs of these professionals.”
The ISACA Professional Standards and Career Management Committee plans to issue the updated guidelines in the third quarter of 2014.
“While the standards represent high-level principles that auditors must follow when conducting an IS audit and assurance engagement, the guidelines deliver the ‘meat on the bone’ of the standards,” said Ian Sanderson, CISA, CRISC, FCA, chief financial reporting officer of the NATO Supply Agency and member of ISACA’s Professional Standards Committee. “The guidelines are an essential tool for all IS audit and assurance professionals. They elaborate on the standards and provide practical guidance to meet their requirements.”