April 6, 2011

Understanding the ISACA Code of Professional Ethics

The Information Systems Audit and Control Association (ISACA) set forth a code governing the professional conduct and ethics of all certified IS auditors and members of the association. As a CISA, you are bound to uphold this code. The following eight points represent the true spirit and intent of this code:
  • You agree to support the implementation of appropriate policies, standards, guidelines, and procedures for information systems. You will also encourage compliance with this objective.

  • You agree to serve the interests of stakeholders in an honest and lawful manner that reflects credibly upon your profession. The public expects and trusts auditors to conduct their work in an ethical and honest manner.

  • You promise to maintain privacy and confidentiality of information obtained during your audit except for required disclosure to legal authorities. Information you obtain during the audit will not be used for personal benefit.

  • You agree to undertake only those activities in which you are professionally competent and will strive to improve your competency. Your effectiveness in auditing depends on how evidence is gathered, analyzed, and reported.

  • You promise to disclose accurate results of all work and significant facts to the appropriate parties.

  • You agree to support ongoing professional education to help stakeholders enhance their understanding of information systems security and control.

  • The failure of a CISA to comply with this code of professional ethics may result in an investigation with possible sanctions or disciplinary measures.

Ethics statements are necessary to demonstrate the level of honesty and professionalism expected of every auditor. Overall, your profession requires you to be honest and fair in all representations you make. The goal is to build trust with clients. Your behavior should reflect positively on your profession. All IS auditors are depending on you to help maintain the high quality and integrity that clients expect from a CISA.

Every CISA should have a strong understanding of these objectives and how each would apply to different audit situations.

