Current Issue: Volume 6  20 March 2019

@ISACA is a biweekly publication available from this page and delivered via email to ISACA members and subscribers. This electronic newsletter features timely industry and ISACA news, as well as features and updates relevant to our readers.

Tips From Industry Experts

Antonio Ramos Garcia
By Antonio Ramos Garcia, CISA, CRISC, CISM, Jonah

In 2018, the General Data Protection Regulation (GDPR) came into effect in the European Union, leading many organizations to continuously work to adhere to the regulation. Once internal procedures have adapted to GDPR, organizations must work with third parties and providers, known in this context as data processors, to become completely GDPR-compliant. Read More >>

Diving Into NIST Risk Management Framework Revision 2

The US National Institute of Standards and Technology (NIST) recently updated its Risk Management Framework (RMF). Revision 2 (V2) provides updates and changes to the 2014 NIST RMF that considers privacy, supply chain security, and software and system security. Read More >>

Find Talented Professionals and Employers at ISACA Online Career Fair

Finding the right match between employer and employee can be tricky. Whether you are a potential candidate or a potential employer, the ISACA Online Career Fair is for you. ISACA is hosting this member-exclusive online career fair on 3 April from 10AM – 2PM CDT (UTC -5 hours). Read More >>


In November 2018, ISACA surveyed security managers and practitioners for its global State of Cybersecurity survey. The insights and findings from this survey have helped to build this year’s State of Cybersecurity 2019 report—data and analysis intended to help cyberprofessionals manage, understand and address current cybersecurity trends. Read More >>


Based on the real day-to-day job tasks of the cybersecurity professional, ISACA has developed a new accelerated path to earning the Cybersecurity Nexus (CSX) Cybersecurity Practitioner (CSXP) credential. Anyone who currently holds an ISACA certification (Certified Information Systems Auditor [CISA], Certified in Risk and Information Systems Control [CRISC], Certified Information Systems Manager [CISM], Certified in Governance of Enterprise IT [CGEIT]), ISACA’s Cybersecurity Fundamentals Certificate or one of the following credentials is eligible for the accelerated path Read More >>

By Dirk Steuperaert, CISA, CRISC, CGEIT

It was late 1995 when Erik Guldentops, my then boss at SWIFT, relentlessly insisted that his auditor team “think about the concept ‘control objective’ and how they would define it in simple words.” Guldentops never feared giving those around him a good challenge. Little did I know that this first contact with COBIT, because that was what it ultimately would become, would be followed by many more. Read More >>