The Information Systems Audit and Control Association or ISACA is an international, professional association that focuses on Information Technology or IT governance. This non-profit, global, and independent association is engaged in the development, adoption and use of globally accepted knowledge and practices of the Information system. It is responsible for providing benchmarks, guidance, and governance tools for organizations that use information systems. It also hosts international conferences focusing on technical as well as managerial topics related to IS assurance, security, control, and IT governance. It coordinates the following certification programs:
- Certified Information Systems Auditor (CISA)
- Certified Information Security Manager (CISM)
- Certified in the Governance of Enterprise IT (CGEIT)
- Control Objectives for Information and Related Technology (COBIT) 2019
- Certified in Risk and Information Systems Control (CRISC)
- Certified Data Privacy Solutions Engineer (CDPSE)
- Cybersecurity Nexus Practitioner (CSX-P)
The first cybersecurity certification from ISACA, CSX-P was introduced in 2015. To obtain the certification, all candidates are required to work in a live environment with real problems. Specifically, for the exam, test takers will work in a live network where a real incident is taking place. How candidates respond to the incident and fix the problem will determine the type of score.