View More »

ISACA awarded Professional Body of the Year 2018


ISACA takes a stand

  • View ISACA Position Papers
  • GDPR standards and recommendations
  • Ongoing communication with major legislative bodies including, US, London and EU.
  • Working in tandem with other global industry organizations on the data policy alliance Parliamentary group.
  • Working toward refining standards and championing efforts for:
    • Gender Equality, with She Leads Tech
    • Artificial Intelligence
    • Cybersecurity
    • Creating career paths for students and recent graduates
    • Outreach to women of diversity, facilitating job training and placement.

The ISACA Advocacy team is here to help our constituent base have a presence and participation in the global IT market. We work on growing, refining and recommending best practices for the industry to advance the future of IT/IS audit, assurance, security, cybersecurity, privacy, risk and governance.



Get Involved

There is great strength in working together and sharing. ISACA collaborates with other professional non-profit and standard setting organizations to address and respond to issues of mutual importance, provide professional guidance and to offer training and professional development opportunities. Such cooperation is aimed at both a global and local level. If you are interested in exploring opportunities to collaborate with ISACA, please contact the public affairs team.



Issues Affecting You

ISACA uses subject matter experts to provide input into various regulatory and legislative issues impacting the profession and that further the mission of the organization. Our work is done on a global scale. Please contact the public affairs team if you are interested in participating or have a guidance or piece of legislation you’d like to see ISACA provide comments on as an organization.


Areas of Concentration

ISACA is focused on identifying, building and advancing institutional partnerships and relationships with a wide range of external entities that will ensure that ISACA and its partners have broader reach, impact and influence worldwide. If you are interested in exploring innovative new partnerships with ISACA, please contact Shannon Donohue, ISACA Futures.


GDPR Resources

ISACA is already acknowledged as a global thought leader in the information risk, governance and security space, providing relevant guidance and internationally recognized certifications. This, together with ISACA’s strong European presence, means that ISACA is ideally positioned to provide practical and pragmatic guidance to assist organizations to prepare for the requirements of GDPR, particularly in the areas of privacy by design, appropriate security protection and the role of the Data Protection Officer.

   • GDPR Resource Center   • US Findings from Global Survey   • Survey: Fewer Than 1 in 3 Companies Ready for May 25 GDPR Deadline   • GDPR Explained – Video   • ISACA GDPR Position Paper   • Preparing for GDPR



The SheLeadsTech program aims to increase the representation of women in technology leadership roles and the tech workforce. To learn more about the program and how you can participate, visit


Contact Us

To suggest other potential Government or Regulatory activities involving ISACA please contact:



Highlights of ISACA’s recent public affairs

Funds dedicated to public affairs heighten lawmakers’ awareness of ISACA, its members, certifications and the valuable guidance ISACA provides for IT security and audit practitioners.

United States

  • Sent letter to Senate Committee Chairman on Banking, Housing and Urban Affairs in support of Section 216 of the Economic Growth, Regulatory Relief, and Consumer Protection Act (S. 2155). “The bill directs Treasury to report on the risks of cyber threats to financial institutions and capital markets.” (S.2155)
  • ISACA’s SVP of Global Affairs served as a panelist in a GDPR discussion with the US House of Representatives Cybersecurity Caucus on Friday, 25 May 2018. Topics covered included: a general overview of GDPR; how we will know if GDPR has succeeded from a data protection perspective; top priorities for constructing a data protection law for the US; and general GDPR compliance guidance.
  • Provided awareness of the introduction and passage of the California Consumer Privacy Act of 2018 via letter and social media to ensure ISACA members in California were aware of this unprecedented privacy legislation moving through the state legislature. In addition, the Advocacy Department provided insight with respect to the potential implications of this new law.
  • Executed a grassroots letter campaign in response to proposed changes in Louisiana’s “Occupational Licensing Review Act” that had the potential to lessen the value of ISACA certifications in Louisiana. The legislation was ultimately amended to remove the objectionable language. Additionally, ISACA submitted its own letter and partnered with C3, a cybersecurity coalition to submit a letter to the bill’s author.

United Kingdom

  • ISACA joined Parliament member, Lord James Arbuthnot, in hosting an educational dinner for the UK House of Parliament (to provide education on cyber-related themes (threat landscape, skills gap, policy development). Attendees included Rt Hon the Baroness Neville-Jones, Rt Hon the Lord West of Spithead, the Lord Harris of Haringey, and representatives from the UK government, industry and academia.
  • Provided demonstrations of the CMMI Cybermaturity Platform (CCP) for government for consideration of bringing on board, Parliament and senior decision-makers from the following UK Government Offices: Department of Digital, Culture, Media and Sport; National Audit Office; Information Commissioners Office; and Patent Office of the National Cabinet Office.
  • Financial Stability Board published Cyber Lexicon consultation. ISACA is cited eight times throughout the body of work with definitions and key references thanks to ISACA’s engagement in the initial meeting to develop the lexicon. ISACA prepared consultation response as well.
  • ISACA secured four mentions in the United Kingdom’s Joint Committee on the National Security Strategy, Cyber Security Skill and the UK’s Critical National Infrastructure report based on feedback provided in consultation.

European Union

  • European Data Protection Supervisor used ISACA thought leadership in IT guidelines (enterprise engagement, COBIT). Sent letter thanking him.
  • Responded to ENISA official’s request to provide desired engagement with ENISA moving forward.
  • Implementing EU roadmap focused on cyber skills gap, which is directly tied to the Cybersecurity Act.