2007 Annual Report ISACA ® I IT Governance Institute ® LEARN EXCEL UNDERSTAND MEET GROW COMPLY DISCOVER APPLY LEARN EXCEL UNDERSTAND MEET GROW COMPLY DISCOVER APPLY LEARN EXCEL UNDERSTAND MEET GROW COMPLY DISCOVER APPLY LEARN EXCEL UNDERSTAND MEET GROW COMPLY DISCOVER APPLY serving people and the profession
32
Embed
UNDERSTAND ISACA IT Governance Institute MEET … MEET GROW COMPLY DISCOVER APPLY ... to simplify our planning and keep our eyes focused on the ultimate endgame, ... trying one …
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
2007Annual Report
ISACA® I IT Governance Institute®
LEARN
EXCEL
UNDERSTAND
MEET
GROW
COMPLY
DISCOVER
APPLY
LEARN
EXCEL
UNDERSTAND
MEET
GROW
COMPLY
DISCOVER
APPLY
LEARN
EXCEL
UNDERSTAND
MEET
GROW
COMPLY
DISCOVER
APPLY
LEARN
EXCEL
UNDERSTAND
MEET
GROW
COMPLY
DISCOVER
APPLY
servingpeople and theprofession
ISACA® (www.isaca.org) got its start in 1967, when a small group of individuals with similar jobs—auditing controls in
the computer systems that were becoming increasingly critical to the operations of their organizations—sat down to discuss
the need for a centralized source of information and guidance in the field. In 1969, the group formalized, incorporating as
the EDP Auditors Association.
The IT Governance Institute® (ITGITM) (www.itgi.org) was created in 1998 to assist enterprise leaders in their responsibility
to make IT successful in supporting the enterprise’s mission and goals. Its goals are to raise awareness and understanding
among, and provide guidance and tools to, boards of directors, executive management and CIOs to enable them to ensure
within their enterprises that IT meets and exceeds expectations, and its risks are mitigated.
Since their inception, ISACA and ITGI have become pace-setting global organizations for IT governance, security, control
and assurance professionals. Together, ISACA and ITGI lead the IT control community and serve its practitioners by providing
elements critical to professionals in an evolving industry: a code of ethics, research, a common body of knowledge,
The accompanying notes are an integral part of these statements.
A S S O C I A T I O N A N D I N S T I T U T E C O M B I N E D F I N A N C I A L S T A T E M E N T S
19
N O T E S T O C O M B I N E D F I N A N C I A L S T A T E M E N T S
Notes to Combined Financial StatementsInformation Systems Audit and Control Association Inc. and IT Governance Institute Inc.31 December 2007 and 2006
Note A—OrganizationThe “Organization” consists of the Information Systems Audit and Control Association,Inc. (the “Association”) and the IT Governance Institute, Inc. (the “Institute”). TheAssociation’s and Institute’s financial statements are presented on a combined basis.The Association has an economic interest in the Institute due to the inter-relationship ofeducation and research activities. The Organization operates on a global basis, with themajority of revenues and net assets attributable to the Association, the predominantentity within the Organization. The Organization maintains its books and records at itsheadquarters building located in Rolling Meadows, Illinois.
The Association was incorporated in 1969 under the name of the Electronic DataProcessing Auditors Association. The name of the Association, as approved at theannual general membership meeting held 26 July 1993, was changed to InformationSystems Audit and Control Association, Inc. The Association was organized to providecontinuing professional education and development in information systems audittechniques and standards to its members. The Association is an internationalorganization that includes 177 international chapters (the “Chapters”) with more than82,000 members. The Association also has responsibility for the Certified InformationSystems Auditor (“CISA”) and Certified Information Security Manager (“CISM”)Certification Programs, with more than 43,100 and 7,200 individuals, respectively,currently certified as of 31 December 2007.
The Institute was incorporated under the name of the Electronic Data ProcessingAuditors Foundation, a California not-for-profit corporation. The Board of Trustees ofthe Institute formally approved a change of the name of the Institute to the InformationSystems Audit and Control Foundation, Inc. at the 5 February 1994 Board of Trusteesmeeting and, subsequently, to the IT Governance Institute, Inc. at the 3-4 May 2003Board of Trustees meeting. The Institute was organized for the purpose of providingprofessional education and research in information systems audit and controltechniques and standards. The objectives of the Institute are to conduct research andpublish authoritative information on information systems auditing and control.
Note B—Summary of Significant Accounting PoliciesBasis of PresentationThe combined financial statements include the assets, liabilities, net assets andfinancial activities of the Organization. Significant intercompany balances have beeneliminated. The Chapters are not fiscally accountable to the Organization and,accordingly, have not been included in the accompanying combined financialstatements.
Cash and Cash EquivalentsCash and cash equivalents consist primarily of interest-bearing deposits to be used foroperating purposes. These deposits are carried at fair value, which approximates cost.
InvestmentsInvestments are carried at fair value based on quoted market prices. Managementconsiders all realized and unrealized gains and losses as non-operating activities.Interest income and dividends are considered operating revenue. Gains and losses oninvestments include net realized and unrealized gains and losses.
Concentration of Credit RiskThe Organization maintains cash balances at several financial institutions, which areinsured by the Federal Deposit Insurance Corporation up to $100,000. Uninsuredbalances totaled $8,061,933 and $6,930,728 at 31 December 2007 and 2006,respectively. The Organization has not experienced any losses in such accounts, andbelieves that it is not exposed to any significant credit risk on cash and cashequivalents.
Accounts ReceivableAccounts receivable are due within 30 days and are stated at amounts due fromcustomers net of an allowance for doubtful accounts. Accounts outstanding longerthan the contractual payment terms are considered past due. The Organizationdetermines its allowance for doubtful accounts by considering a number of factors,including the length of time trade accounts receivable are past due, the Organization’sprevious loss history, the customer’s current ability to pay its obligation to theOrganization and the condition of the general economy and the industry as a whole.The Organization writes off accounts receivable when they become uncollectible, andpayments subsequently received on such receivables are credited to the allowance fordoubtful accounts.
InventoryInventory consists solely of study aids and other publications printed for theOrganization for sale to its members and interested outside parties. Inventory is valuedat the lower of cost or market, and cost is determined by the average cost method.Provisions for obsolete items are based on estimated future usage as related toquantities of stock on hand.
Fixed AssetsFixed assets are carried at cost. Depreciation on furniture, fixtures, equipment and thecomputer system is computed using the straight-line method. The estimated usefullives of the related assets range from 2 to 10 years. Leasehold improvements areamortized using a straight-line basis over the shorter of the lease terms or theirestimated useful lives. Depreciation expense totaled $455,983 and $418,896 for 2007and 2006, respectively.
Net AssetsThe net assets, revenues, expenses, gains and losses are classified based on theexistence or absence of donor-imposed restrictions, using the following classifications:
• Unrestricted - Represents unrestricted resources available for support of daily operations and contributions received for which no donor restriction has been put on their use. The Board may designate certain net assets for a particular function or activity.
20
N O T E S T O C O M B I N E D F I N A N C I A L S T A T E M E N T S
The components of investment income for the years ended December 31, 2007 and2006, are as follows:
2007 2006Interest and dividends $ 1,681,150 $ 1,383,128Net realized and unrealized gainon marketable securities 54,196 841,412
$ 1,735,346 $ 2,224,540
Note D—Related-Party TransactionsAs a service to the Chapters, the Organization includes the amount of individual chapterdues with its annual billing and, on a monthly basis, remits to the Chapters amountscollected on their behalf. The balances of $1,276,434 and $899,396 at 31 December2007 and 2006, respectively, are reflected in accounts payable and represent theunremitted portion of dues collected for local chapters.
Note E—Income TaxesThe Association and the Institute have received favorable determination letters from theInternal Revenue Service stating that they are exempt from Federal income taxes underSection 501(a) of the Internal Revenue Code, as organizations described in Sections501(c)(6) and 501(c)(3), respectively. However, unrelated business income is subjectto taxation. In 2007 and 2006, the Association did not incur a tax liability resultingfrom unrelated business activities.
Note F—Leases During 2003, the Organization entered into an office facilities operating lease that wasscheduled to expire in December 2007 and required monthly payments comprised ofrent, property taxes, pro rata share of common operating expenses and insurance.Subsequent to entering into the original lease, the Organization signed variousamendments to the original lease for additional space. In September 2007, theOrganization signed an amendment that extended the term of the lease through 31January 2018, expanded the total space leased, and provided for the relinquishment ofpreviously leased space four months after construction of the new space has beencompleted. In February 2008, the agreement was further amended to take on twoadditional blocks of space to be remodeled and made available within the year.
The Organization also rents office equipment under three non-cancelable leases withterms in excess of one year.
As of 31 December 2007, the minimum future rentals payable under these non-cancelable operating lease commitments were as follows:
Years ending Office31 December equipment Facilities Total
Rent expense under these leases for the years ended 31 December 2007 and 2006, was$395,028 and $346,856, respectively.
• Temporarily Restricted - Represents resources whose use has been temporarily restricted by the contributor. When a donor restriction has been satisfied by incurring expenses consistent with the designated purpose, temporarily restricted net assets are reclassified to unrestricted net assets for reporting of related expenses.
• Permanently Restricted - Represents resources that are subject to restrictions of gift instruments requiring that the principal be invested and maintained in perpetuity. The income generated from these funds is classified based on the terms of the gift instruments.
Revenue RecognitionRevenues received by the Organization consist primarily of annual membership duesand new member fees, CISA and CISM examination and annual maintenance fees,attendance fees for educational conferences, the sale of advertising space inperiodicals, charges for various publications, sponsorships and contributions, andlicense fees. Membership dues, and annual maintenance fees for both CISA and CISMare recognized as revenue in the applicable membership period. New member fees arerecorded in the period that the membership application is processed, with theapplicable chapter membership dues collected by the Association recorded as a liabilityuntil remitted to the Chapters. The Organization recognizes unrestricted, restricted andendowment contributions in accordance with donor restrictions in the period that thecommitment for support is obtained, with other revenues recognized over the periodthat the goods or services are provided. Unearned dues, fees and subscriptions areclassified as deferred revenue.
Foreign Currency TranslationTranslation of foreign currencies is performed at current exchange rates, and translationdifferences are included as other gains and losses on the statements of activities.
Use of EstimatesThe preparation of financial statements in conformity with accounting principlesgenerally accepted in the United States of America requires management to makeestimates and assumptions that affect the reported amounts of assets and liabilities andthe disclosure of contingent assets and liabilities at the date of the financial statements,as well as the reported amounts of revenues and expenses during the reporting period.Actual results could differ from those estimates.
Note C—InvestmentsInvestments as of 31 December consisted of the following:
N O T E S T O C O M B I N E D F I N A N C I A L S T A T E M E N T S
Note G—Board-Designated Net AssetsThe ISACA/ITGI Board of Directors/Trustees designates a portion of the Organization’sunrestricted net assets for contingency purposes in order to protect the Organizationagainst unforeseen global events and economic downturn. The designated amount,calculated based on annual operating expenses, totals $25,054,353 as of 31 December2007. Additional funds totaling $15,780 have been designated by the ISACA/ITGIBoard of Directors for various research projects. These funds, while designated for thepurposes noted above, are categorized within the Organization’s financial statements asunrestricted net assets.
Note H—Restricted Net AssetsTemporarily restricted net assets at 31 December have been designated by the donorsfor the following purposes:
Permanently restricted net assets at 31 December have been designated by the donorsas an endowment to the Organization. The earnings on these funds have norestrictions.
Note I—Net Assets Released from RestrictionsDuring 2007 and 2006, net assets were released from restriction to satisfy the followingpurposes:
2007 2006General research $ - $ 1,000COBIT 10,000 14,700
$ 10,000 $ 15,700
Note J—Employee Benefit PlanThe Association maintains the IT Governance Institute, Inc./Information Systems Auditand Control Association Defined Contribution (Money Purchase) Retirement Plan (the“Plan”). The Plan is funded through individually owned annuities issued by theTeachers Insurance and Annuity Association and the College Retirement Equities Fund.Employees who have completed at least six months and 720 hours of service in a yearare eligible to participate in the Plan. Employees may make pretax contributions to thePlan, of which the Association will match the first 5% contributed by the employee. TheAssociation’s contributions to the Plan for the years ended 31 December 2007 and2006, were $335,560 and $304,632, respectively.
Note K—Accounts ReceivableAccounts receivable consist of the following at 31 December:
Changes in the Association’s allowance for doubtful accounts are as follows for theyears ended 31 December:
2007 2006Beginning balance $ 103,656 $ 55,040Bad debt expense 48,016 51,068Accounts written off (41,990) (2,452)Ending balance $ 109,682 $ 103,656
22
A U D I T C O M M I T T E E C H A I R ’ S L E T T E R
The Audit Committee of the Board of Directors/Trustees (the Board) of theInformation Systems Audit and Control Association/IT Governance Institute (theOrganization) oversees the Organization’s financial reporting process on behalfof the Board, and is composed of five independent members. In fulfilling itsresponsibility, the committee recommended to the Board the selection of theOrganization’s independent certified public accountants.
The committee discussed with the independent certified public accountantsthe overall scope and specific plans for their audit. The committee alsodiscussed the Organization’s combined financial statements and the adequacyof its internal controls.
The committee met with the Organization’s independent certified publicaccountants, without management present, to discuss the results of theirexamination, their evaluation of the Organization’s internal controls, and theoverall quality of the Organization’s financial reporting.
Kevin B. Weston, CISA, CPAChairAudit Committee
The management of the Information Systems Audit and Control Association/ITGovernance Institute (the Organization) has the responsibility for thepreparation, integrity and fair presentation of the accompanying financialstatements. The statements were prepared in accordance with generally acceptedaccounting principles applied on a consistent basis and are not affected bymaterial fraud or error. The financial statements include amounts that are basedon management’s best estimates and judgments. Management also prepared theother information in the annual report and is responsible for its accuracy andconsistency with the financial statements.
The Organization’s financial statements for 2007 have been audited by GrantThornton LLP, independent certified public accountants, elected by the Board ofDirectors/Trustees (the Board). Management has made available to GrantThornton LLP all of the Organization’s financial records and related data, as wellas the minutes of the Board’s meetings. Management believes that allrepresentations made to Grant Thornton LLP during its audit were valid andappropriate.
The Organization maintains a system of internal control, which is designed toprovide reasonable assurance to management and to the Board regarding thepreparation and publication of reliable and accurate financial statements, theeffectiveness and efficiency of operations, and compliance with applicable lawsand regulations. The system includes a documented organizational structure anddivision of responsibility, established policies and procedures that arecommunicated throughout the Organization, and the careful selection, trainingand development of our personnel. Management also recognizes itsresponsibility for fostering a strong ethical climate so that the Organization’saffairs are conducted according to the highest standards of personal andcorporate conduct.
As part of its audit of the Organization’s financial statements, Grant ThorntonLLP assessed the Organization’s internal accounting controls structure to
establish a basis for reliance thereon in determining the nature, timing and extentof audit tests to be applied. Management and Grant Thornton LLP have reviewedthe internal control assessment with the Audit Committee as part of thecommittee’s acceptance of the financial statements. The Board, operatingthrough its Audit Committee, which is composed entirely of members who arenot officers or employees of the Organization, provide oversight to the financialreporting process.
There are inherent limitations in the effectiveness of any system of internal control,including the possibility of human error and the circumvention or overriding ofcontrols. Accordingly, even an effective internal control system can provide onlyreasonable assurance with respect to financial statement preparation.
The Organization assessed its internal control system as of 31 December 2007in relation to criteria for effective internal control over financial reportingdescribed in Internal Control—Integrated Framework, issued by the Committeeof Sponsoring Organizations of the Treadway Commission. Based on thisassessment, the Organization believes that, as of 31 December 2007, its systemof internal control over financial reporting met those criteria.
Susan M. CaldwellChief Executive Officer
Scott R. Artman, CPAChief Financial Officer
M A N A G E M E N T R E P O R T O N R E S P O N S I B I L I T Y F O R F I N A N C I A L R E P O R T I N G
23
“I am grateful to my fellow members of the ISACA Board of Directors and the ITGI Board of
Trustees for their thoughtful leadership, and to all thevolunteers who help make all of this activity happen.”
Robert D. Johnson, CISA, CISM, CISSPConferences and Education BoardUSA
Anjay R. Agarwal, CISA, CFE, CA, ACSGovernmental and Regulatory Agencies BoardIndia
Tony HayesIT Governance Committee Australia
Stephen L. Thorsted, CISA, CPAMembership BoardUSA
Emil G. D’Angelo, CISA, CISMSecurity Management CommitteeUSA
Ravi Muthukrishnan, CISA, CISM, FCA, ISCAStandards BoardIndia
Archie G. Watt, CISA, CISM, CAFinance BoardUK
25
Frank Yam, CISA, FHKIoD, FHKCS,CIA, CFE, CCP, CFSA, FFAVice PresidentHong Kong
Howard Nicholson, CISAVice President/ISACA TreasurerAustralia
Tony HayesITGI TrusteeAustralia
M E M B E R S
PlatinumSunil Bhaskar BakshiJohn Warner BeveridgeSusan CaldwellCharles M. CribaroMarios Damianides*John A. KuyersJohn W. Lainhart*Lynn C. LawtonAkira MatsuoRonald W. RibaRobert S. RousseyRonald SaullLily M. Shue*Patrick StachtchenkoMarc A.L.J. Vael
GoldGirish BabuRobert F. FrelingerStacey J. HamakerEverett C. JohnsonMichael E. KnightThomas C. LammCharles Cheong LiangDiane NelsonAnthony P. NobleRobert G. Parker*Jane SeagoSalvatore Philip SerraShital M. ShahKiyoshi ShiinaPaul A. WilliamsMichael H. Wittmer
SilverAbdul Hamid AbdullahScott R. ArtmanAugustono BasukiVinod Velji BavaraVipan BijWayne M. BrissonFernando CalvilloWai Lee Fredarine ChanDouglas M. ChildesArt A. ChristoffersonGuy A. ClarkeKunle CokerReynaldo J. de la FuenteMark A. DouglasAndre N. ErtlJames John FinnRon HaleStephen Wesley HeadChi John HoShankar V. IyerJoanna B. KarczewskaTina KayRoberto Lopez EscaleraRia T. LucasFlemming LundgrenRobert J. MayMicky Lee McCullochDouglas MelvilleGilbert NanemaFrancis J. NemiaVan Quang NguyenAlexander PapanastassiouHugh Henning Penri-WilliamsMartín Pérez SánchezSteve PhelanDaniel Fernando RamosSree Krishna RaoRicardo RendonJose M. SaucedoDiane L. SchulteBrian SelbyKeiko ShimizuRui Fernando Simoes GomesSudarshan Rao SingeethamJoann Skiba
Edward Joseph SlusarskiPeter D. SmithsonRoger W. SouthgateJohn SpangenbergHeather L. StebbingsVáclav StverkaRamnathan N. SubramanianScott R. TompkinsTerry TrsarConstantin VasiliuVatsaraman VenkatakrishnanArchie G. WattDaniel A. Wiechec
DonorKhaled Mostafa A. SamadAli Abbasnejad KonjinRobert M. AbislaIsnaeni AchdiatJoan L. AckermanBryan Keith AdamsAyodeji Abiodun AdelakunAnthony Oluwole AdeosunJayson AgagnierMazhar Bashir AhmadMd. Mushtaque AhmedKosei AkatsukaDana Raluca AlbuLozina Metodieva AlexievaCaroline L. AllinsonOmar Saud AlomarAli Fathi M. Al-Sheikh AhmedHenry Amoako-KenaNofri Defri AndaMichael E. AndersonFoteini AndriaFrancis AnthonyHoracio E. Antonelli MattersonKeith R. AntonidesRoberto ApollonioRenato Aquilino-PujolMahary A. AraiaHenri S. V. ArendsenSam E. ArthurAkintayo Emmanuel AshaMichael AustinYasir Awad BabikerMohammed BachiriAbiodun Oluremi BadaChernor Sulaiman BahKirk C. BaileyAndrew Samuel BakerPaula M. BakerGintautas BalciunaitisSunday Ben BamideleKiyotaka BandoTed BarilaChristopher BarkerGary A. BassettRobert BastienAndrew J. BeardIvonne BeauboeufMark BeavanJose A. BellonCharles R. BennettPaul L. BerkebileGayle BerkeleyThomas S. BerkeyGlauco BertocchiTomas BezouskaSuresh U. BhattDaljit Singh BilkhuLaszlo Miklos BiroCian J. BlackwellShari BleyJean BlochJohn A. BloxhamRudy W. BodewesYves BodiouRobert W. BoereKhaled A.R. BohsaliJohn BombakosHenk BoutDerrick Lennox BraddickJohn BradyRodney Braithwaite
Ricardo J. BriaRobert Andrew BricePeter B. BroadGilbert R. BrooksDaniel BrunnerNadeem BukhariPhil Joseph Patrick BurnsHarijs BussChester J. ButkiewiczAbdulrahman Moulay BziouiFelix M. CaceresSriram Narayanan CadambiClaude CalbryMarta CalderonCynthia F. CannadayJorge L. CarballeiraRaymond E. CatoeHerve CaveyRuben Dario Chacon AlvaradoWilliam Gerard ChampVictor Sze-Tin ChanEvan ChanCecilia Tak Wai ChanSriraman Vijayaraghava ChariMihir ChatterjeeChun-Hung ChengAnthony Charles ChestnutJames A. W. CheyneColin ChildesSusanna Lai Kuen ChiuChi Ming ChowRajeev Ramchand ChughBan Heng ChungHenny J. ClaessensRobert ClarkeJames D. CobbArlene ColemanPaul C. ConradieFrançois CorminboeufP J CorumBrian J. CoutancheJohn Allen CurranAbelardo Francisco CurrasGordon M. CurtisBernard CzajaBernard CzajaKarl E. DahlbergBarbara Angela DanielClive DavidsWilliam Z. DavidsonR.J.R. DavidszThon A. de BlokWerner De BruinOhna De BruinJosé De La Peña-SánchezDonna P. DegenhartAshok Kumar DesaiSydney Morgan DiamondAmiel Abary DiazTony DjajanaTom DoddsCharles A. DormannZea Du PreezSocrates R. Duenas MonteroLucian Bogdan DumitriuAndrew DunnStéphane DupontHans-Rudolf EgliMichael J. EisenbergJustus Ihechikara EkeigweLarry ElderDavid T. EmpeyKiyoshi EndohPatricia A. EnfantoJames Enin-OkutKoji EnjoMary A. ErlangerAndreas EschbachJames E. EtheridgeFrazier D. EvansJoseph O. EwegbejeDieter FabritiusBarry R. FawthropTao FengConcepcion C. FerminLuis S. Ferreira
Cherrie Mae Arciaga Ferreria ChiomentoLuis A. FigueroaGuy W. FilomenaMoshe FinkelshteinBrian Alexander FisackerlyKenneth Glenn FitzpatrickGregory J. FouquetJames E. FranceJames O.B. FrancisCarlos M. FraticelliGerd FrenzenHannes FuchsbergerMutsuhiro FujiiHirofumi FukuraEdmund Nigel GallFredrik GaltungRea Lea Galyon-CampbellJohn Calston GambleJorge Antonio GarciaLuis Enrique García de ParedesJohn GarrettWilhelmus GeijtenbeekJohn J. GenerelliNiklas GerdinSteve GerickPhilip Andrew GesnerShankha GhoshDavid Alwyn GittensIan GloverJohn Cameron GloverTimothy GloverArvind Shivram GodboleJulio C. GolcherMartin Gomez HernandezAjit Vasant GoreJay Randall GottschalkManoharan GovindarajArturo J. Gradoli SandemetrioFranklin W. GramEardley Patrick GrantThomas GraumannAdam W. GrayGlen L. GrayHoward Laurence GreenblattKevin J. GreenfieldRoger Scott GreenwellStefan GrossKlaus-Peter GrosserBaiju K. GujarathiJose P. GumbauRamana V. GurazadaOlivier HaasFiras S. HaddadKoichi HagaMartyn Jack HammondLars B. HansenAshok N. HarinarayanLaura HarrisonRawle D. HasmataliMasahiko HayakawaMarkus HeinenSteven M. HelwigKenneth R. HenryJohan HermansErnest David HernandezFrank L. HernandezJacqueline HerzigMark HindsScott C. HippensteelDonald L. HoffmanAdrian David HoweRicardo HuelinThomas HungerbuehlerRoberta J. HunterJuHwan HwangZsolt IllésiGanesh InguvaHadyn A. InnissMassimo InnocentiManabu IsogaiRosemary O. IsunuoyaAlbert A. IturreySeethalakshmi K.P. IyerAbdulai G. JallohOsama A.Latif JanahiSabira M. Jawad
Robert JendryAlan Glyn Lloyd JenkinsYoung-Ha JeonMayowa Anthony JimohPanshi JinThomas R. JoergerAnil K. JoganiChristopher J. JohnArlene E. JohnsonJulio Rogelio Jolly MooreGuy W. JordanPierre Blocher JosephKeshav Madhukar JoshiGhassan A.N. KabbaraMasato KagotaniDusan Ljubomir KalanjKanaka-Rao V. KalimikondaOkechukwu KaluAsouma KamagateShinichi KamikawaIlan Shmuel KamilQuaye E. KandakaiNoriko KanedaNiraj K. KapasiRay KaplanParikshat KapurShari A. KasugaKenichi KatoRich M. KeeseckerJeffrey A. KendigPeter J. KerrRobert F. KettellAsad Zaman KhanHiroshi KiireJae Hak KimYoshihiro KitsutakaTerje KleppAart S. KnoopChin Guan KohYoshio KoideRodger T. KraftUnni C. KrishnanRobert G. KroesBruno KuengWalter KuketzBhalchandra KulkarniMathew KuriakoseKeryl Lynn KurtzVladimir KuznetsovStefan LaagerJason C. LachanceShirley Celestino LacsonTaoheed LagudaRay Hsing-Tung LaiJenny LamRussell A. LamosekAjith Dhammika LanerolleStephen O. LantripIlga LapsaRichard A. LarsonRobin LasradoTak Wa LauKai Hing LauLee Frederick LaubachTon LaumenColm Noel LawlorPatricia Liechty LayfieldEmmanuel E. LazidisSylvain LeclairElsa K. LeeChang Hee LeeV.V. LeeladharJean-Marc Alexandre LegrandPeter W. LeitchJaroslaw LejkoDavid A. LessPeter LeynsAluca LindstromVincent LiuJoe W. LivingstonRobert J. LluisPeter LoosJose Maria Lopez SanchezJohn LorzGregory John LotzeFrancis W. Lucas
Contributors
26
Holger LudwigRogelio Enrique Luna MuñozChristopher LuseHelen Woon-Yee MaEllen MachNeil MackrellStephen William MaddisonPaul Jay MalyszNicholas Dimitrios MandilarasSrinivasulu Chetty MandyamJagannadha Rao ManguPaul Williams ManningCharles-Robert ManterfieldPeter R. ManzoClifford R. MaraschinoPaul MarchSteven A. MarcoFabiana Leticia MargesLarry MarksRobert Bamber Marshall JrRichard S. MarshoWayne S. MartinDavid M. MartinezSergey MartinovRoss W. MartynClaxton H. MartyrAtsushi MasakiKyriakos MatheouEiichi MatsubaraRobin Charles MattadeenCatherine Demes MaydewChristian Michael MayerAdrian M. MayersJohn E. MayorJohn J. McDonoughJames R. McIntoshAlisdair John McKenzieSirak MedhaneYahya MehdizadehIhab Adel Ahmed MekkyAlfonso MendezJohn MensahLawrence MigglerMartin J. MillerThomas F. MillerAnna Marie MinorMasami MitsuboriHisafumi MitsushioHideo MiuraTokujiro MizutaniEmmanuel Lundere MkusaWillem Ewoud ModdermanM. P. MohanZoltán MohosPule D. MoiloaGerard MolinesAlexis Joseph MonacoArmanda L. MooreMichael MooreAdel Ilyas MoubarakLucy Nyanjugu MuchiriJames MurenYusufali F. MusajiMargaret Shannon MyersJacques H. Nack NgueKazuhiko NagaiVidyapathy Nagar AndalNirmala R. NagarajanNatarajan NagarajanDai NakayamaSudha NallamothuJohn Downy Solomon NallathambiChandramohan NarayanBalasubramanian NarayananMats Kristerviking NarstromUmesha NayakJohn Edward NewsteadEphrem Yiannis NikitasMarino G. NjalssonFranc Njoku-EbereTakeshi NojimaStephen NorkunasJovita Tchi NsohHazel NyathiKathleen O`Hare*John Tanko Ogazuma
Justus Babatope OguntuaseJakpoloho A. OhwobeteElijah Adebayo OladosuAlbert OlafssonTaiwo OlalereOlusola Pius OlasehindeRobert John OliverDerek J. OliverMitsuhiro OritoNeil R. PackardLaura L. PadgettTrudy Anne PageFaith PagePetros G. PanagiotidisJohn M. ParkerHugh A. ParkesIla S. PatelBhagyashree PatilJoseph E. PatrickRoberto PavesiCarl M. PearceTimothy John PearsonFrederic Patrick PetersEdmund Xavier PetersFrank Anthony PhillipsonAlan J. PilgrimWallace Chesterfield PittJoseph PonnolyLeo R. PonsaaHorace H.C. PoonMarlene PortalatinPiero PortalupiTimothy J. PorterAndreas PostlMarjan PotocnikRen PowersDouglas L. PriceVitor Spinola PriscaGayle ProsperRonald A. ProulxWagner Roberto PuglieseRajesh Kantesh PurohitAlberto QuezadaRuth C. QuezadaKishor RabiDiane G. RadostiEmil J. RagonesChristian RagotMaliki Julian Hendrawan RakhmantoRamkumar RamachandranFrancisco Vicente Ramon-MiraAntonio Ramos GarciaJohann Ludwig RampfN. RamuPeter G. RandallJoseph RandollaVenkataraman Ranganathan RanganathanK.B. Ravi-ShankarErvin P. ReevesKostja ReimDavid George ReinholdJoshua ReismanGerardo RenzettiSalvador Reyes QuirozSalomon RicoKees RiemensKim J. RiesSuerte Alexander RigonanSuzanne Chrystal Adrienne RoachRex Merritt RobertsDror-John RoecherSteven H. RoesingFacundo Rojo GilMichael P. RoseDavid P. RossDenes RothPatricia Aneta Rowe-SealePatrick A. RozarioVijayakumar S.R.Noam SaboMaritza Salinas GutierrezAlexander SamarinMilton Eric SambolinJesús Sanchez-AguileraJosue Santana FernandezAnthony A. Saranchak
Martin SchlaeppiJoshua James SchmidtNiels SchneckerBrigitte Schnyder von MorischJanice SchoberJohn F. SchofieldEkkehard ScholzTed SchuytRobert SchwindVirgilio Jamito SeballeChristodoulos C. SeferisDaniel SeiderToni SerraJorge A. SerranoRobert L. SettlesKetan Vinodchandra ShahMaxwell J. ShanahanJulie SharekMauri C. ShawAhsan I. SheikhMakoto ShibataKi Jun ShimBrent V. ShirleyTakashi ShitamichiPete ShomadeCraig Anthony ShorterHarinder SidhuBramwel Kibet SigowoPablo A. SilberfichRichard A. SimpsonWilliam Lee SimpsonDominic SinghThomas R. SinnottMartins SitcsRobert Brian SkadowskiPer B. SkovDavid A. SmithGlenda J. SpencerThomas Heaton SpittersSrikanth SreedharanPatrick R. StevensDariya Inozemtseva StevesLeRoy StewartAndreas StorkSubbaramaiah SubbakrishnaDudung SuryanaHartono Ari SusetyoMark F. SutnikLeonard L. SuttonRadim SvejdaMary Clare SwabonChandra Sekaran T. SwaminathanChing Kwong SzeIchiro TabataSugako TaketomiAdedoyin Abiodun TalabiDaniel O. TalbotKeng Yong TanNobuyuki TanabeKishor P. TannaCassandra D. TatumKenneth W. TaylorTeruo TazakiDaniel TeijidoJeri Teller-KanzlerHiroshi TeraiMladen TerceljAjit ThankappanConstantinos TheodoropoulosIra D. ThompsonKerry L. ThorneCarl Robert ThorpNatalia Gracia TjandraShunji TobaToshimitsu TohChiew Beng TohTatsuya TominagaSenol Mahmut ToygarCraig TrailDuyen Nha TranMichael S. TriauCassandra L. TriggsFrank James TrombleyEduardo Ng TsangHitoko TsumuraFreddie Tully
Luis M. UriaBoudewijn van der WoerdMarcel M.M.J.A. van DijkPaul F.H. van DomburgKaren Serena Van HorneBartholomeus M. van LodensteijnDavid VarasHuib G. VellekoopChris VerdonckKjeld VerhoevenDavid A. VerkestGagan VermaRobert C. VickroyRonald Allan VieraJuan Guillermo VillaRosemarie VillarS. VilvanathanJason Edward James ViolaManuel Jose ViscasillasSatya VithalaMichael A. VlachakisWendell Lawrence VossC. Elizabeth VotroubekSlavomir VricanIchiro WakitaPaul Chung-Wei WangHoyt M. WarrenJesse H. WebbRaymond Tee Meng WeeCharles W. WehkingWinston Washington WeirKennet B. WestbyNeil R. S. WhiteWilliam B. WilkersonGregory K. WilliamsDennis Edward WohrerMatthew A. WolfeP.J. WolteringWilliam Wai Lam WongOliver Lam WongHow Kee WongYeunDae WooScott J. WrightDaniel WynigerGanapathy YadavalliHiroshi YamamotoAnn Marie Jeanine YamamotoLi-Jen Lyaw YangSarkis Aram YaralianA. YingFong Siang YongBobby YoungKam K. YuenMichael Wai-Kee YungBashir Olalere Akanji YusufXavier ZequeiraDouglas E. ZiegenfussDiane V. ZobreChristopher ZoladzPaul A. ZonneveldPeter Zuong
C H A P T E R S
PlatinumAustin Chapter Central Florida Chapter Central Maryland Chapter Central Ohio Chapter Charlotte Chapter Chicago Chapter Cincinnati Chapter Detroit Chapter Kansas City Chapter London Chapter Los Angeles Chapter Middle Tennessee Chapter Milano Chapter Minnesota Chapter National Capital Area Chapter New Jersey Chapter
New York Metropolitan Chapter North Texas Chapter Northern Alabama Chapter Ottawa Valley Chapter Philadelphia Chapter Puget Sound Chapter Quebec City Chapter San Francisco Chapter Silicon Valley Chapter South Africa Chapter Toronto Chapter Victoria Chapter West Florida Chapter Winnipeg Chapter
GoldTaiwan Chapter SilverManila Chapter Omaha Chapter Donor CircleNew England Chapter Sri Lanka Chapter
C O R P O R AT E D O N O R S A N D S P O N S O R S
ACL ServicesALC Training Pty LtdAldion Consulting PTE LtdALESTRAAnalytixBWise B.V.CA, Inc.Consult2ComplyDeloitteErnst & YoungHewlett-Packard CompanyIBM CorporationIFUA Horvath & Partner ITpreneurs Nederlands BVJefferson WellsKaseyaKPMGLogLogic, Inc.Newport Promotional Services, Incorporated OraclePhoenix Business & Systems Process, Inc.PricewaterhouseCoopersProjectRx, Inc.ProtivitiSymantec CorporationTargetTruArx, Inc.Wolcott GroupWollongong University World Pass IT Solutions
A F F I L I AT E S
ITGI gratefully acknowledges itsaffiliates, nonprofit organizationsthat support ITGI's mission.AICPAASIS InternationalCenter for Internet SecurityCommwealth Association for CorporateGovernance Inc (CACG)FIDA InformInformation Security ForumInformation Systems Security AssociationInstitut de la Gouvernance des Systemesd'InformationInstitute of Management Accountants, Inc.ISACAISACA ChaptersITGI JapanSocitm Performance Management GroupSolvay Business SchoolUniversity of Antwerp Management School
* Denotes Wasserman Award winner
27
AsiaHong KongSingaporeTokyoMacaoMalaysiaChennaiOsakaKoreaBangkokNagoyaIndonesiaManilaBangaloreNew DelhiSri LankaTaiwanMumbaiKarachiUnited Arab EmiratesRiyadh, Saudi Arabia CoimbatoreLahore, PakistanPuneHyderabadKolkataJeddahMuscat, OmanCochinLebanon
Central and South AmericaMexicoCosta RicaMonterreyPuerto RicoPanamaMerida, YucatanVenezuelaBuenos AiresBogota, ColombiaMontevideo, UruguaySantiago de ChileMendozaLima, PeruSao Paulo, BrasilLa Paz, BoliviaQuito, EcuadorAsuncion
North AmericaCanadaTorontoVancouverOttawa ValleyMontrealWinnipegQuebecVictoriaNova ScotiaCalgaryEdmonton
IslandsTrinidad & TobagoBermuda
Midwestern United StatesChicagoGreater CincinnatiMinnesotaDetroitOmahaNortheast OhioCentral OhioKentuckianaWestern MichiganCentral IndianaKettle Moraine
IlliniIowaMichianaQuad CitiesNorthwest Ohio
Northeastern United StatesNational Capital AreaPhiladelphiaNew York MetropolitanPittsburghNew EnglandCentral MarylandGreater HartfordCentral New YorkNew JerseyHarrisburgRhode Island Western New YorkHudson Valley