Description

Information Systems Security is a critical area of inquiry and scholarship in our field, yet relatively little is known about the process by which scholars and professionals become certified as security experts for purposes of assessing the quality of information security implementations. The Information Systems Audit and Control Association (ISACA.org) is the professional association that serves as a bridge between the expertise area from which auditing skills are delivered and assessed and the areas in which information systems security is developed and delivered, effectively bridging the practices of accounting and IT Security. Individuals skilled in accounting, such as graduates from combined Accounting/Information Systems departments in business schools are naturally oriented to such industry groups and certifications, but the mainstream IT practice and literature is not. This panel will serve to brief IT Security researchers interested in the process of auditing on the values and procedures of the certification process with implications for understanding corporate IT Security performance as a function of auditing expertise represented at the highest levels of organizational decision making.

Share

COinS
 
Aug 10th, 12:00 AM

The Role of Accounting and Professional Associations in IT Security Auditing

Information Systems Security is a critical area of inquiry and scholarship in our field, yet relatively little is known about the process by which scholars and professionals become certified as security experts for purposes of assessing the quality of information security implementations. The Information Systems Audit and Control Association (ISACA.org) is the professional association that serves as a bridge between the expertise area from which auditing skills are delivered and assessed and the areas in which information systems security is developed and delivered, effectively bridging the practices of accounting and IT Security. Individuals skilled in accounting, such as graduates from combined Accounting/Information Systems departments in business schools are naturally oriented to such industry groups and certifications, but the mainstream IT practice and literature is not. This panel will serve to brief IT Security researchers interested in the process of auditing on the values and procedures of the certification process with implications for understanding corporate IT Security performance as a function of auditing expertise represented at the highest levels of organizational decision making.