Press release content from Business Wire. The AP news staff was not involved in its creation.
PRESS RELEASE: Paid content from Business Wire
Press release content from Business Wire. The AP news staff was not involved in its creation.

ISACA Issues New Blockchain, CASB Solutions and GDPR Audit Programs

March 19, 2019

SCHAUMBURG, Ill.--(BUSINESS WIRE)--Mar 19, 2019--Auditors face an onslaught of new technologies, systems and regulations to incorporate into assessments. New audit programs from global technology association ISACA give auditors additional frameworks for toolkits to provide assurance for blockchain, cloud access security brokers (CASBs) and the EU GDPR.

The  Blockchain Preparation Audit Program  helps organizations manage the preparation for using blockchain technology--the underlying distributed network system often associated with the decentralized cryptocurrency, bitcoin--found in applications across myriad industries. Covering all aspects of blockchain, from pre-implementation, governance, development, security, transactions and consensus, this program guides auditors in identifying and developing key policies, procedures and controls to mitigate risk and streamline processes prior to a blockchain implementation and includes a blockchain technology audit preparation program worksheet. By using this program, auditors gain tools to:

  • Provide management with an assessment of whether their proposed blockchain technology control environment is adequately designed and operationally effective
  • Identify potential blockchain risks which could result in reputational and/or material financial impact
  • Provide management with a holistic perspective on blockchain technology that considers both technical and non-technical factors.

To assist IT auditors assess the effectiveness of CASB solutions, ISACA releases the  Cloud Security Access Broker (CASB) Audit Program. Enterprises often use CASBs to manage risks, such as those associated with various deployment models, identity management, and compliance with data drive regulations. This audit program factors in several considerations auditors should keep in mind when assessing whether operational and compliance expectations can be met with their CASB deployment, including:

  • Data security, particularly as related to expectations of regulated data
  • Identity management of users, inclusive of privileged users and enhanced access groups
  • Mitigation of risks associated with different deployment models
  • Asset management and protection through security initiatives such as physical security and though program management (key management and incident response as examples).

Following the 25 May 2018 implementation date, the EU General Data Protection Regulation (GDPR) gives EU residents control over their personal data wherever this data may reside, standardizing regulation across the EU and the European Economic Area (EEA) as well as affecting all enterprises that process data from EU/EEA countries. The  GDPR Audit Program for Small and Medium Enterprises  offers an audit framework to assess how effectively GDPR is governed, monitored and managed. It provides guidance to:

  • Provide management with an assessment of GDPR policies and procedures and their operating effectiveness
  • Identify control weaknesses which could result in increased use of unsanctioned GDPR solutions (and higher likelihood that the solutions are not detected)
  • Evaluate the effectiveness of the organization’s practices and ongoing management of GDPR.

Blockchain Preparation Audit Program is free to members or for purchase by non-members for US $49. Both  Cloud Security Access Broker (CASB) Audit Program  and  GDPR Audit Program for Small and Medium Enterprises  are US $25 for members and US $49 for non-members.

For more information on ISACA’s audit and assurance programs, please visit  www.isaca.org/auditprograms.


Now in its  50 th  anniversary  year, ISACA ( isaca.org ) is a global association helping individuals and enterprises achieve the positive potential of technology. Today’s world is powered by information and technology, and ISACA equips professionals with the knowledge, credentials, education and community to advance their careers and transform their organizations. ISACA leverages the expertise of its 460,000 engaged professionals—including its 140,000 members—in information and cybersecurity, governance, assurance, risk and innovation, as well as its enterprise performance subsidiary,  CMMI Institute, to help advance innovation through technology. ISACA has a presence in 188 countries, including more than 220 chapters worldwide and offices in both the United States and China.

Twitter: www.twitter.com/ISACANews
LinkedIn: www.linkedin.com/company/isaca
Facebook:  www.facebook.com/ISACAHQ
Instagram: www.instagram.com/isacanews/

View source version on businesswire.com:https://www.businesswire.com/news/home/20190319005735/en/

CONTACT: Emily Van Camp, +1.847.385.7223, evcamp@isaca.org

Kristen Kessinger, +1.847.660.5512, communications@isaca.org




Copyright Business Wire 2019.

PUB: 03/19/2019 12:43 PM/DISC: 03/19/2019 12:43 PM