Strategic Aspiration By 2022, ISACA should become the foremost global organization on the topic of trust in and value from information and information systems, providing constituents with distinctive new knowledge and services. ISACA must also provide an expanded set of offerings to help constituents and others enhance the governance and management of information and information systems assets in order to enhance trust in and capture optimal value from IS investments. 3
The Initiatives 1.Expanding products for our current constituents 2.Creating new products for new constituents 3.Targeting industries and building enterprise relationships 4.Strengthening our operating model 4 2012 2013 2014 2015 2016 2017 2018 2019 2020 2021 2022 Horizon 1Horizon 2Horizon 3
5 Market Validation 1.Expanding products for our current constituents 2.Creating new products for new constituents 3.Targeting industries and building enterprise relationships 4.Strengthening our operating model Low Medium High 3 High 2 High 1
Series 1 Initiatives Expanding products for current constituents 1A. Continue to provide knowledge offerings that address cloud or outsourced computing services as they relate to current constituents. 1B. Expand knowledge offerings for governance activity roles to provide more practical guidance in areas of implementation and value capture. 6
77 Series 1 Initiatives Expanding products for current constituents 1C. Expand knowledge offerings on privacy targeted at current constituents. 7 Implementation guidance, good practices and processes for managers and practitioners Aimed at wider audience interested in privacy issues H1
8 Series 1 Initiatives Expanding products for current constituents 1D. Develop an approach to scanning for relevant megatrends and determining ISACA’s response to them.
99 Series 2 Initiatives Creating new products for new constituents 2A. Pragmatic knowledge and other offerings targeted at information systems security practitioners 9 Pragmatic, nontechnical implementation guidance and good practices on security management Audiences: Junior security practitioners; security managers and practitioners; senior professionals with a security interest H2
10 Series 2 Initiatives Creating new products for new constituents 10 2B. Offerings for IT demand and delivery professionals to develop, implement and run systems using best practices that address risk, security, assurance and value considerations of their enterprise IT solution designers IT operations H3
11 Series 2 Initiatives Creating new products for new constituents 11 2C. Offerings for business buyers (e.g., IT vendor managers), purchase influencers, and business end users on how to evaluate information systems solutions and ascertain information systems provider trust L
12 Series 2 Initiatives Creating new products for new constituents 12 2D. Offerings targeted toward enterprise risk professionals (in addition to IT) such as operational risk professionals and financial risk professionals Cross-silo IT risk management framework for multiple audiences Guidance on risk governance and oversight for senior audiences M
13 Series 2 Initiatives Creating new products for new constituents 13 2E. Offerings for new data-centric roles within enterprises (e.g., chief data officer) that explain how to build data governance and management mechanisms (e.g., how to describe decision rights around data) L
14 Series 2 Initiatives Creating new products for new constituents 14 2F. Practical guidance around privacy targeted at operational roles (e.g., privacy officer) and possibly regulatory roles M Refinement: Link to 1C
15 Series 3 Initiatives Targeting industries and building enterprise relationships 3A. Create an enterprise assessment program to enable third- party assessment bodies to assess the level of trust in third-party technology provider services and level of COBIT maturity. 15 Possibly, enterprise assessment of maturity level, using industry benchmarks H2
16 Series 3 Initiatives Targeting industries and building enterprise relationships 3B. Create a new enterprise membership program to enable a previously untapped group of individuals to benefit from ISACA frameworks and guidance by offering a differentiated value proposition vs. individual membership. 16 Enterprises that would benefit from broad adoption of COBIT Enterprises seeking simpler billing Enterprises that embed ISACA IP H1
17 Series 3 Initiatives Targeting industries and building enterprise relationships 3C. Introduce industry-specific extensions of core offerings in risk, security and assurance for traditional IS constituents. 17 Guidance and good practices in implementing COBIT in specific industries, mapped to industry regulations H3
HR, technology Relationships General 18 Series 4 Initiatives Strengthening operational model
19 Series 4 Initiatives Strengthening operational model—HR, Technology 4A. Enhance marketing capabilities in support of S22 initiatives. 4I. Ensure program management capabilities exist to facilitate ongoing execution and reporting on progress of strategic initiatives. 4H. Ensure business analytics exist to consistently provide the information and analysis necessary for ISACA’s decision making and reporting needs. 4L. Ensure appropriate reflection of strategic objectives in the skills and experience of volunteer and staff leadership.
20 Series 4 Initiatives Strengthening operational model—Relationships 4B. Expand government outreach activities to increase ISACA’s continued relevance. 4C. Develop an approach to key account management to accelerate knowledge offering uptake and individual membership growth among enterprises. 4F. Develop key strategic partnerships with critical organizations. 4D. Bolster uptake of online communities. 4G. Assist chapters in understanding the new ISACA initiatives and their important role in local networking and educational opportunities while also allow for leadership development. 4J. Develop and begin execution of a plan to build relationships with enterprises in priority geographies and sectors.
21 Series 4 Initiatives Strengthening operational model—General 4E. Enhance knowledge development and distribution processes. 4K. Manage the risk associated with S22.
Ensure key stakeholders are fully informed and briefed on S22 Finalize a consistent approach to using COBIT 5 for each initiative. Ensure that the volunteer structure is aligned with the strategic objectives. Monitor those items on the lower end of the priority range. Finalize a high-level, yet comprehensive, reporting system. 22 Next Steps