The IT Certification Resource Center

Featured Deal

Get CompTIA, Cisco, or Microsoft training courses free for a week.
Learn More ❯

ISACA Produces New Audit Program Based on NIST Framework

Rolling Meadows, IL, USA (10 January 2017) — Global business technology and information security association ISACA’s new audit program, based on the NIST Cybersecurity Framework, provides professionals and their enterprises key direction on cyber governance.


“Cybersecurity: Based on the NIST Cybersecurity Framework”, aligned with the COBIT 5 framework, is designed to provide management with an assessment of the effectiveness of its organization’s cyber security identify, protect, detect, respond, and recover processes and activities. The program also covers asset management, awareness training, data security, resource planning, recovery planning and communications.


“This audit program based on the NIST framework offers detailed guidance that can provide enterprise leaders confidence in the effectiveness of their organization’s cyber security governance, processes and controls,” said Christos Dimitriadis, Ph.D. CISA, CISM, CRISC, chair of ISACA’s Board of Directors and group director of Information Security for INTRALOT.


The program comes in an Excel spreadsheet. According to a supplementary overview, the primary security and control issues addressed in the program are:


  • Protection of sensitive data and intellectual property

  • Protection of networks to which multiple information resources are connected

  • Responsibility and accountability for the device and information contained on it


In the Recover section, testing steps are provided to help organizations put in place recovery planning that ensures timely restoration of systems or assets affected by cyber security events.


The program is free to ISACA members and available for purchase to non-members for US $45. It is among 14 audit/assurance programs offered by ISACA aligned with COBIT 5, the leading framework for the governance and management of enterprise IT.


ISACA audit programs have been developed and reviewed by audit/assurance professionals worldwide. They can be downloaded to allow customization that fits varying work environments.


The NIST Cybersecurity Framework is used by a wide range of organizations. ISACA has previously issued guidance on how organizations can implement NIST.



ISACA ( helps professionals around the globe realize the positive potential of technology in an evolving digital world. By offering industry-leading knowledge, standards, credentialing and education, ISACA enables professionals to apply technology in ways that instill confidence, address threats, drive innovation and create positive momentum for their organizations. Established in 1969, ISACA is a global association with more than 140,000 members and certification holders in 187 countries. ISACA is the creator of the COBIT framework, which helps organizations effectively govern and manage their information and technology. Through its Cybersecurity Nexus (CSX), ISACA helps organizations develop skilled cyber workforces and enables individuals to grow and advance their cyber careers.



LinkedIn: ISACA (Official),