ISACA to revamp IS Audit and Assurance Standards

Risk and compliance knowledge provider ISACA issues an exposure draft of IS audit standards; seeks feedback from Indian technology professionals.

Leading risk/governance and compliance knowledge provider ISACA has released the exposure draft of its revised Information Systems (IS) Audit and Assurance Standards, seeking feedback from IT professionals in India and abroad. According to ISACA, feedback will be accepted till December 28, 2012.

According to S V Sunderkrishnan, member - ISACA India task force and Chief Risk Officer, Reliance Life insurance, this revision refreshes and consolidates the existing standard in the context of new and contemporary certifications as well as risk scenarios. The revision claims to bring additional clarity and specificity to the standards in terms of applicability to different situations and environments with existing tools, techniques and programs. This makes it more prescriptive in nature. “Revision of the ISACA IS standard sharpens this framework for professionals, thus ensuring that it provides additional assurance to practitioners,” says Sunderkrishnan.

ISACA's refresh includes 17 standards that establish mandatory information systems requirements. The refreshed IS standards bring significant changes to the original IT Audit and Assurance Standards, first released in 1988 – now known as IS Audit and Assurance Standards. These revised standards have also been integrated into ISACA’s IT Assurance Framework (ITAF), a reference framework that includes other ISACA tools and techniques such as IT Audit programs.

Read more on IT risk management