ONE 2015 ANNUAL REPORT
ISACA® ANNUAL REPORT 2015
Letter from Chair of the Board and CEO About ISACA Annual Member Metrics: 2015 Membership and Academic Relations Chapters Volunteerism Strategic Partnerships Cybersecurity Nexus (CSX) Career Management Certification Conferences, Education and Training COBIT
CONTENTS
3 5 6 7 8 9 10 11 12 13 14 15 16 17 18
Research Bookstore and Translations 2015 Financial Statements ISACA® ANNUAL REPORT 2015
LETTER FROM CHAIR OF THE BOARD AND CEO Dear Friends, The ISACA Board of Directors recently approved new core values for ISACA. The first of those values is that we are ONE—ONE global community of technology professionals and stakeholders working together to inspire confidence to enable innovation through technology. In 2015, ISACA launched innovative programs to fuels its growth and expand its influence and impact worldwide. With the cybersecurity threat landscape having grasped global mindshare, ISACA enhanced its Cybersecurity Nexus (CSX) program. We launched a first-of-its-kind performance-based certification to assess the capabilities of cybersecurity professionals. Using a unique skills-based, hands-on training and testing environment in a cyber range, enterprises can be assured that their frontline defenders can effectively protect the organization’s systems and data from attack. We debuted our first CSX conference in North America, and based on its overwhelming attendance and success, we firmed up plans to hold two more of these events in Europe and Asia next year. ISACA has also initiated new local engagement programs in India, China and on the African continent to build on our core areas of audit, information security, risk, and IT governance. Our credentialing programs continue to experience double-digit growth. The activities of our 213 local
Christos K. Dimitriadis
chapters remind us that the experiences, cultures and expertise of our members and volunteers in more than 180 countries are a key asset to the association. They enhance ISACA’s ability to deliver value to organizations that improves their overall performance, while making sense of a rapidly changing technology landscape and an increasingly competitive business climate. Enabled by a strong community of technology professionals and stakeholders operating as ONE, ISACA is a globally recognized and highly respected voice that continues to make a difference. Thank you for a great year. With sincere appreciation,
Christos K. Dimitriadis, Ph.D., CISA, CISM, CRISC Chair, Board of Directors ISACA and the IT Governance Institute
Matthew S. Loeb, CGEIT, CAE, FASAE Chief Executive Officer
Matthew S. Loeb
ISACA® ANNUAL REPORT 2015
3
BOARD OF DIRECTORS Christos K. Dimitriadis
Zubin Chagpar
Chair
Director
Greece
UK
Rosemary M. Amato
R.V. Raghu
Director
Director
The Netherlands
India
Garry Barnes
Jo Stewart-Rattray
Ph.D., CISA, CISM, CRISC
CISA, CMA, CPA
CISA, CISM, CGEIT, CRISC, MAICD Director Australia
CISA, CISM, PMP
CISA, CRISC
CISA, CISM, CGEIT, CRISC, FACS CP Director Australia
Robert Clyde
Robert E. Stroud
Director
Past Chair
USA
USA
Theresa M. Grafenstine
Tony Hayes
Director
Past Chair
USA
Australia
CISM
CISA, CGEIT, CRISC, CGAP, CGMA, CIA, CPA
CGEIT, CRISC
CGEIT, AFCHSE, CHE, FACS, FCPA, FIIA
Leonard Ong
CISA, CISM, CGEIT, CRISC, COBIT 5 Implementer and Assessor, CFE, CIPM, CIPT, CISSP ISSMP-ISSAP, CITBCM, CPP, CSSLP, GCFA, GCIA, GCIH, GSNA, PMP Director
Greg Grocholski CISA
Past Chair USA
Singapore
Andre Pitkowski
CGEIT, CRISC, COBIT 5 Foundation Trainer, CRMA, ISO27kLA, ISO31kLA, OCTAVE Director Brazil
Matthew S. Loeb CGEIT, CAE, FSAE Director and CEO USA
Eddie Schwartz
CISA, CISM, CISSP-ISSEP, PMP Director USA
ISACA® ANNUAL REPORT 2015
4
ABOUT ISACA ISACA is the voice of the information systems assurance, cybersecurity, governance and risk professions. For nearly 50 years, ISACA has helped enterprises develop strong IT workforces by inspiring and equipping individuals to be more capable, valuable and successful in the fastchanging world of information technology and business. In 1969, a small, visionary group of professionals incorporated as the EDP Auditors Association (EDPAA). This name was changed to Information Systems Audit and Control Association (ISACA) in 1994. In 2006, ISACA dropped the use of the full name and has since gone by its acronym only, to reflect the broad range of professionals it serves. The solid foundation the group created for the organization 46 years ago included foresight and strategic vision that has paved the way for ISACA’s growth ever since. Today, ISACA continues to be poised for the future, carrying forth our purpose. In the right hands, technology can provide innumerable benefits. To help people understand and apply technology to positively impact their enterprises and the world, ISACA serves, trains, nurtures and engages professionals and students around the world. As a result, ISACA helps individuals and organizations leverage technology to drive innovation and positive momentum.
46 YEARS 140,000+ Professionals
213
Chapters
187
Countries
=
ONE ISACA
3701 Algonquin Road, Suite 1010 Rolling Meadows, IL 60008 USA
Affiliated with ISACA, the IT Governance Institute (ITGI) was created in 1998 as a nonprofit, independent research entity that provides guidance for the global business community on issues related to the Governance of Enterprise IT (GEIT).
ISACA PHONE: +1.847.253.1545 FAX: +1.847.253.1443
[email protected] www.isaca.org ITGI PHONE: +1.847.660.5700
[email protected] ISACA® ANNUAL REPORT 2015
5
ANNUAL MEMBER METRICS:
85%
of members are very satisfied or satisfied with their ISACA membership.
87%
would recommend ISACA to their colleagues.
80%
of members indicate that they joined because of one of ISACA certifications programs.
85%
of members want to learn more about cybersecurity.
57%
of members indicated that cybersecurity is a primary job responsibility.
2015
Each year, ISACA surveys its membership to gather feedback on the products and services that ISACA provides to ensure relevance, value and strategic growth. The 2015 survey revealed: Compared to other associations to which ISACA members belong, ISACA is rated as having the best overall membership experience, the best professional research, the best networking opportunities, and the best professional standards and guidance.
2015 Member Needs Survey: Conducted in Q3 2015, this survey is based on a random sampling of 120,000 ISACA members globally and has a +/- 1.5% margin of error at a 95% level of confidence. Research was conducted by Directions Research, Inc., an independent global research agency. ISACA® ANNUAL REPORT 2015
6
MEMBERSHIP New membership grew by 3% over 2014. More than 28,000 new members joined ISACA in 2015
28,148
The Member Get a Member campaign brought in 1,297 new members, an increase of 3% over 2014.
ISACA’s total membership reached 124,357 by year’s end, a 2% growth over 2014. ISACA now has members in 187 countries.
124,357
1,297
new members
new members
by year’s end
ISACA discontinued provisional membership for nonmember exam passers in 2015.
ACADEMIC RELATIONS
ISACA’s student and academic programs continued to grow. By year’s end, there were
2,081 student members
11%
75
ISACA student groups
32% Silvia Chinchilla Sáenz, CISA, CGEIT, CRISC IT Governance Consultant As an ISACA member, I have received the necessary support to develop myself throughout my professional career. As a teacher and consultant, ISACA provides me with the resources, network of knowledge and highquality standards to cover different specialties using the best practices of the audit industry for different sectors such as government, financial and trade. ISACA® ANNUAL REPORT 2015
7
ISACA CHAPTERS
ISACA grew to 213 chapters in 90 countries in 2015, widening ISACA’s global footprint and increasing opportunities for local networking, training and education, and community. Six new ISACA chapters were formed this year:
+
+
Tucson (Arizona, USA)
+
+
Fayetteville, Arkansas (USA) Kingston (Jamaica)
+
Port Harcourt (Nigeria)
San Salvador (El Salvador)
Number of countries with ISACA chapters at year-end:
+
Belgrade (Serbia)
90
Number of chapters at year-end:
+
Indicates a new ISACA chapter formed in 2015
213
Bjørn R. Watne, CISM, CRISC, CISSP-ISSMP Chief Security Officer, Banking & Insurance, Norway Always looking to improve my understanding of cross-border collaboration in a digital world, I have found ISACA’s global network a valuable resource. By choosing to actively partake in both my local chapter and the international community, I have earned a substantial widespread and competent, professional network—and a few good friends, to boot!
ISACA® ANNUAL REPORT 2015
8
VOLUNTEERISM
Substantial enhancements to ISACA’s volunteer program occurred in 2015. What was previously a volunteer structure (consisting of task forces, subcommittees, committees and oversight boards formed for annual terms) was transformed into a volunteer engagement model (www.isaca.org/volunteer), which allows ISACA to offer more flexible opportunities to better meet volunteer interests and schedules. Volunteer opportunities may now be as short as a few hours or weeks, or might be year-long engagements— volunteers can choose to apply for opportunities that fit their availability. Additionally, groups are now formed throughout the year, instead of during a limited-time window, allowing volunteers to be engaged as their schedules allow. In addition to the large number of volunteers who give their time and talents within the chapters around the world, more than 1,000 volunteers were engaged in international service to ISACA during 2015.
Sandeep Narayan Godbole, CISA, CISM, CGEIT General Manager, Information Security, Syntel, India ISACA has been a part of my life for more than a decade and a half, as a great source of learning and strength for me. Volunteering for ISACA has given me immense satisfaction and a platform to contribute and excel.
ISACA® ANNUAL REPORT 2015
9
STRATEGIC PARTNERSHIPS ISACA strengthened and expanded its global impact and influence with an increased investment in public affairs and advocacy. The move helped broaden its reach among decision makers, stakeholders, and relevant audiences that support and advance the professions ISACA serves. ISACA also launched a special initiative, the Future of Local Engagement, to strengthen its presence in its communities around the world. As part of public affairs activities, ISACA hosted an evening information session— “Cybersecurity, Public Safety and Economic Security”—with members of the European Parliament and cybersecurity stakeholders based in Brussels, Belgium. ISACA also contributed to the development of the National Institute of Standards and Technology (NIST) Framework for Improving Critical Infrastructure Cybersecurity. The framework was developed in response to US President Obama’s Executive Order 13636: Improving Critical Infrastructure Cybersecurity. ISACA also solidified its commitment to building a global advocacy effort focused on advancing the issues critical to the future of the professional communities it supports.
As a first step, ISACA increased its investment in external partnerships with organizations around the world, including: • Participating in the Committee of Sponsoring Organizations of the Treadway Commission (COSO) and assisting the COSO Board on the update of the Enterprise Risk Management Framework • Supporting the International Organization for Standardization (ISO) Standard and Good Practice developments • Participating in the International Organization of Supreme Audit Institutions (INTOSAI) IT Audit Working Group • Participating in the ENISA-sponsored Privacy Forum in Luxembourg • Conducting cybersecurity awareness needs analysis in China, Nigeria, Mauritius, Kenya and Uganda, meeting with government officials and leading members of industry • Participating in the International Conference on CyberLaw, CyberCrime and Cybersecurity in New Delhi, India
Hildah Waithira Nduati, CISA, CISM Director, IT Advisory, Ernst & Young (EY), Kenya, Africa I believe in ISACA’s vision and mission to serve information systems audit, assurance, security and governance professionals in organizations globally. While there has been significant growth in Africa, there is still a lot of effort required, and I believe that this gap can be filled through ISACA’s work in this area and the supporting efforts of ISACA volunteers.
ISACA® ANNUAL REPORT 2015
10
CYBERSECURITY NEXUS (CSX)
ISACA continued to build its Cybersecurity Nexus (CSX™), a holistic resource that was launched in 2014 to help address the global cybersecurity skills shortage. This year, expanded offerings within CSX included a new pioneering cybersecurity certification with training courses, and materials, a new conference dedicated solely to cybersecurity, a career tool, industry surveys, infographics, webinars, and a virtual conference. Additional CSX activities included: • ISACA created the Cybersecurity Legislation Watch center and developed its first CSX Special Report. • ISACA CEO Matthew S. Loeb was invited to attend the White House Summit for Cybersecurity and Consumer Protection at Stanford University. • ISACA participated in three Twitter chats with Stay Safe Online, and the ISACA Now blog featured a series of cybersecurity-related blog posts.
ISACA® ANNUAL REPORT 2015
11
CAREER MANAGEMENT
ISACA developed the Cybersecurity Career Pathway infographic to show the holistic journey of a cybersecurity professional. As another first, ISACA launched and developed women’s programming at CSX North America and EuroCACS conferences. Events included networking and information sessions, which were very well-received and well-attended, paving the way for expansion in 2016.
ISACA® ANNUAL REPORT 2015
12
CERTIFICATION 6.1%
11.7%
7.1%
6.8%
Number of certification holders by year’s end
more than
more than
more than
more than
New 2015 certification holders
nearly
more than
more than
more than
Growth of certified professionals
Recognitions and news
Languages in which exam was available
121,000 19,000
30,000 6,500
• Selected as a finalist in the SC Magazine Awards for Best Professional Certification Program for the fifth year in a row
• Selected as the finalist in the SC Magazine Awards for Best Professional Certification Program for the fifth year in a row
• Among the highest-paying IT certifications in Foote Partners IT Skills and Certification Pay IndexTM (ITSCPI), Certification Magazine’s Jobs and Salary Annual Salary Survey and Global Knowledge’s 2015 IT Skills and Salary Survey
• Among the highest-paying IT certifications in Foote Partners IT Skills and Certification Pay IndexTM (ITSCPI), Certification Magazine’s Jobs and Salary Annual Salary Survey and Global Knowledge’s 2015 IT Skills and Salary Survey
11
4
6,700 900
• Among the highest-paying IT certifications in Foote Partners IT Skills and Certification Pay Index™ (ITSCPI) • CIO Magazine listed CGEIT as number two of the top-rated governance, risk and compliance (GRC) certifications that are worth the time, cost and effort • Among the highest-paying IT certifications in CIO Magazine’s IT Certification Hot List 2015
1
19,500 3,300
• CIO Magazine listed CRISC as number one of the top-rated governance, risk and compliance (GRC) certifications that are worth the time, cost and effort • First Spanish-translated CRISC exam offered during June 2015 administration • Among the highest-paying IT certifications in Foote Partners IT Skills and Certification Pay IndexTM (ITSCPI), Certification Magazine’s Jobs and Salary Annual Salary Survey and Global Knowledge’s 2015 IT Skills and Salary Survey
2
ISACA launched the CSX Practitioner (CSXP) certification, which includes training courses and practice labs. CSXP is the first vendor-neutral, performance-based cybersecurity certification and demonstrates the certification holder’s ability to serve as a first responder to a cybersecurity incident. Training and skills verification takes place in an adaptive, performance-based cyberlaboratory environment using real-world cyber security scenarios. Wai Ki Keren Leung, CISA Manager at an International Audit Firm, Hong Kong When I was a fresh university graduate, I obtained advice from an ISACA volunteer, who took time to explain how the association can help me build my professional expertise, how to obtain a professional certification and what my next steps should be. That volunteer’s valuable guidance helped me earn the CISA credential.
ISACA® ANNUAL REPORT 2015
13
CONFERENCES, EDUCATION AND TRAINING ISACA provides many opportunities for professionals to advance their expertise, skills and knowledge. An expansive global offering of in-person and online events allows professionals to choose specific topics, experience levels and methods of learning that best suit their needs. 2015 achievements included:
ISACA launched its first cybersecurity conference, CSX North America 2015, which sold out, paving the way for future expansion. The conference featured 70 sessions and five keynote speakers, and included ECCouncil’s Global CyberLympics World Finals, an international cybersecurity competition of ethical hacking.
90% overall satisfaction
Growth continued for ISACA’s online events, including 43 webinars on timely topics, which attracted more than 37,000 attendees. Two virtual conferences were attended by more than 6,000 participants.
15 Training Weeks
Serving the needs of enterprises worldwide, ISACA provided 65 on-site training programs, an increase of more than 15% over the previous year, and generated an increase of more than 43% in revenue.
ISACA’s CSX North America, North America CACS, Euro CACS and Latin America CACS conferences all received a 90% overall satisfaction rating on average in post-conference surveys.
43 37K 6K webinars
webinars attendees
virtual conference participants
The Training Week program featured advanced topic events presented in partnership with Deloitte, LLP, including two virtual instructor-led training courses.
65
on-site training programs
43%
increase in revenue
ISACA launched the Cybersecurity Fundamentals online course to help students, recent graduates or those changing careers prepare for the Cybersecurity Fundamentals Certificate exam.
ISACA® ANNUAL REPORT 2015
14
COBIT
To further assist COBIT users, ISACA held the first COBIT conferences in North America and Europe and released the COBIT 5 Poster Series to provide a reference for key COBIT concepts. ISACA also released a research project, Benchmarking and Business Value Assessment of COBIT 5, with results supporting a correlation between achieving IT goals and business goals. This publication helps practitioners build internal support for COBIT 5 implementation and demonstrates return on investment for COBIT adoption.
Working with APMG, a global certification accreditation body, ISACA expanded the program of Accredited Training Organizations:
108
COBIT Certified Assessor certificates since inception
COBIT 5 accredited training organizations
49
27,233
COBIT 5 accredited training individuals COBIT 5 was downloaded more than
27,000 times in 2015.
ISACA saw more than
131
COBIT 5 Foundation certificates since inception
145,000
visits to COBIT Online this year, with more than a half million page views.
PERIODICALS
ISACA created a monthly e-newsletter, The Nexus: Cyber News Converged, to provide the latest cybersecurity news. Launched in May, more than 7,000 professionals had subscribed by year-end, and reader engagement was strong.
Redesigns of the ISACA® Journal web pages and ISACA Journal Author Blog launched in January. ISACA Journal circulation at year-end was 124,000.
Open rate
40%
Members reported reading the Journal
99%
Click-through
50%
Shared their copies with colleagues
65%
ISACA® ANNUAL REPORT 2015
15
RESEARCH
ISACA published and released 18 white papers and four books on topics ranging from cybersecurity, cloud computing and IT governance to Internet of Things, auditing and COBIT 5. The research deliverables included the DevOps Practitioner Considerations, Innovation Insights series of impactful business and technology trends, and Getting Started With GEIT guidance outlining simple steps to begin implementing governance of enterprise IT (GEIT) within an organization.
Joanne T. De Vito De Palma, CISM Executive Director, Information Security, IT Risk and Compliance, The Ardent Group, USA
FPO
ISACA provides the most concise, comprehensive products and services easily used by any organization in pursuit of protection and governance of information and technology. I share ISACA’s passion for ensuring that information, IT and business processes are managed and protected optimally. ISACA provides practical approaches and tools to achieve these requirements.
ISACA® ANNUAL REPORT 2015
16
ISACA BOOKSTORE Nearly 500 titles and 200 downloadable items were available in the ISACA Bookstore.
Other new titles included:
CISA, CISM and CRISC review manuals continued to be best-selling ISACApublished items. Interest in COBIT 5, the CSX Cybersecurity Fundamentals Study Guide and Implementing the NIST Cybersecurity Framework was high.
• A Practical Guide to the Payment Card Industry Data Security Standard (PCI DSS) • Cybersecurity Guidance for Small and Medium-Sized Enterprises • Implementing Cybersecurity Guidance for Small and Medium-sized Enterprises • Security, Audit and Control Features SAP ERP, 4th Edition
200
Nearly
500 titles
downloadable items
TRANSLATIONS
To serve global constituents, ISACA continued to expand the number of translated resources.
330
items and publications were translated into
Arabic
Bosnian
Chinese Simplified
Chinese Traditional Dutch
French
German Hebrew
Hungarian
22
non-English languages.
Materials translated include certification exams, study aids, ISACA® Journal articles, COBIT Focus articles and COBIT 5.
Russian
Italian
Slovenian
Japanese
Spanish
Korean
Thai
Lithuanian
Turkish
Polish
Ukrainian
There are now 70 translated versions of COBIT 5-related publications in 17 languages.
Portuguese Romanian ISACA® ANNUAL REPORT 2015
17
FINANCE 2015 2015 was a year of investment for ISACA. During the year, ISACA invested nearly US $5 million in strategic programs designed to offer even greater benefits to its members and other constituencies it serves now and in the future. Even with that investment, ISACA saw an increase in its excess (contribution) from operations in 2015 compared to the prior year. However, due to volatility in the financial markets, ISACA incurred a realized/ unrealized loss of just under US $5 million, which resulted in a reduction in net assets for the year. ISACA’s strong operational performance continued to be driven by a solid member retention rate, ongoing market support for its professional certifications and continued effective management of its operating costs. Following a change in its target allocations between its short- and long-term portfolios, ISACA received increased dividends and capital gains from its investments. These increases helped to offset most of the impact of the aforementioned realized/unrealized loss in the portfolio. The investment portfolio continues
to allow ISACA to position itself for operational sustainability and capitalize on strategic growth opportunities moving forward. As a leading global organization, ISACA continues to manage its reserves for operating and strategic purposes. ISACA increased its targeted operational reserve to US $38,801,138 to cover 10 months of average operating expenses for the last three fiscal years. ISACA also maintains a strategic reserve that is used to invest in strategic growth and other member benefit opportunities. Following the aforementioned investments in strategic programs as well as the increased allocation to the operational reserve, the strategic reserves had a balance of US $31,270,551 at the end of the year. The 2015 audited financial statements for the organization are presented within this annual report. Looking ahead, management will continue to monitor key business drivers and economic conditions and their related impact on operations and constituents in 2016 and beyond.
ISACA® ANNUAL REPORT 2015
18
COMBINED FINANCIAL STATEMENTS
All monetary amounts included in the financial statements are in US dollars.
ISACA/ITGI HISTORICAL REVENUES
(in millions of US dollars)
60
2015 OPERATING REVENUES
Certification 39% 50
Relations (including Membership) 27% Education 16% Publications 10% Interest, dividends and other 7% Contributions and sponsorships 1%
40
2015 OPERATING EXPENSES 30
Certification 24%
20
Relations (including Membership) 19% Education 19% Research 14%
20
Supporting services and administration 16% Publications 8%
2015
2014
2013
2012
2011
0
ISACA® ANNUAL REPORT 2015
19
INDEPENDENT AUDITOR’S REPORT Board of Directors ISACA, Inc. Board of Trustees IT Governance Institute, Inc. Report on Financial Statements
We have audited the accompanying combined financial statements of ISACA, Inc. and IT Governance Institute, Inc. (collectively, the “Organization”), which comprise the combined statements of financial position as of 31 December 2015 and 2014, and the related combined statements of activities and cash flows for the years then ended, and the related notes to the combined financial statements.
Management’s Responsibility for the Financial Statements
Management is responsible for the preparation and fair presentation of these combined financial statements in accordance with accounting principles generally accepted in the United States of America; this includes the design, implementation, and maintenance of internal control relevant to the preparation and fair presentation of combined financial statements that are free from material misstatement, whether due to fraud or error.
Auditor’s Responsibility
Our responsibility is to express an opinion on these combined financial statements based on our audits. We conducted our audits in accordance with auditing standards generally accepted in the United States of America. Those standards require that we plan and perform the audits to obtain reasonable assurance about whether the combined financial statements are free from material misstatement.
An audit involves performing procedures to obtain audit evidence about the amounts and disclosures in the combined financial statements. The procedures selected depend on the auditor’s judgment, including the assessment of the risks of material misstatement of the combined financial statements, whether due to fraud or error. In making those risk assessments, the auditor considers internal control relevant to the entity’s preparation and fair presentation of the combined financial statements in order to design audit procedures that are appropriate in the circumstances, but not for the purpose of expressing an opinion on the effectiveness of the entity’s internal control. Accordingly, we express no such opinion. An audit also includes evaluating the appropriateness of accounting policies used and the reasonableness of significant accounting estimates made by management, as well as evaluating the overall presentation of the combined financial statements. We believe that the audit evidence we have obtained is sufficient and appropriate to provide a basis for our audit opinion.
Opinion
In our opinion, the combined financial statements referred to above present fairly, in all material respects, the financial position of ISACA, Inc. and IT Governance Institute, Inc. as of 31 December 2015 and 2014, and the changes in their net assets and their cash flows for the years then ended in accordance with accounting principles generally accepted in the United States of America.
Chicago, Illinois 22 April 2016
ISACA® ANNUAL REPORT 2015
20
ISACA, Inc. and IT Governance Institute, Inc.
COMBINED STATEMENTS OF FINANCIAL POSITION
31 December 2015 and 2014 ASSETS 31 DECEMBER
2015
2014
CURRENT ASSETS $
Cash and cash equivalents
6,346,245
$
8,160,014
77,440,083
77,939,578
Accounts receivable, net
1,510,894
1,064,247
Prepaid expenses
3,094,873
2,198,780
432,416
593,174
Investments
Inventory, net Other current assets Total current assets
52,944
45,492
88,877,455
90,001,285
907,155
831,217
1,123,535
895,944
FIXED ASSETS Leasehold improvements Furniture and fixtures Office equipment
131,411
247,567
Computer system
9,181,364
10,241,209
11,343,465
12,215,937
(6,628,803)
(7,379,989)
4,714,662
4,835,948
Less accumulated depreciation Net fixed assets TOTAL ASSETS
$
93,592,117
$
9,038,430
$
94,837,233
LIABILITIES AND NET ASSETS CURRENT LIABILITIES Accounts payable
$
8,128,157
14,034,992
13,158,347
405,322
596,740
23,478,744
21,883,244
-
-
Board designated
38,801,138
34,922,480
Undesignated
31,270,551
37,989,825
Total unrestricted
70,071,689
72,912,305
573
573
41,111
41,111
70,113,373
72,953,989
Deferred revenues Other liabilities Total current liabilities COMMITMENTS AND CONTINGENCIES NET ASSETS Unrestricted
Temporarily restricted Permanently restricted Total net assets TOTAL LIABILITIES AND NET ASSETS
$
93,592,117
$
94,837,233
ISACA® ANNUAL REPORT 2015
21
ISACA, Inc. and IT Governance Institute, Inc.
COMBINED STATEMENTS OF ACTIVITIES Year Ended 31 December 2015 31 DECEMBER
2015 PERMANENTLY RESTRICTED
TEMPORARILY RESTRICTED
UNRESTRICTED
TOTAL
OPERATING REVENUES Relations (including Membership)
$
15,131,337
$
-
$
-
$
15,131,337
21,664,719
-
-
21,664,719
Education
9,105,044
-
-
9,105,044
Publications
5,472,052
-
-
5,472,052
155,508
29,041
-
184,549
4,322,082
9
-
4,322,091
-
-
Certification
Contributions and sponsorships Interest, dividends and other
29,050
Net assets released from restrictions
(29,050)
55,879,792
-
-
55,879,792
Relations (including Membership)
10,230,370
-
-
10,230,370
Certification
12,955,248
-
-
12,955,248
Education
10,314,058
-
-
10,314,058
Publications
4,257,731
-
-
4,257,731
Research
7,658,030
-
-
7,658,030
45,415,437
-
-
45,415,437
Board and administrative
8,663,559
-
-
8,663,559
Total supporting services
8,663,559
-
-
8,663,559
Total operating expenses
54,078,996
-
-
54,078,996
Excess from operations
1,800,796
-
-
1,800,796
(4,641,412)
-
-
(4,641,412)
Change in net assets
(2,840,616)
-
-
(2,840,616)
Net assets, beginning of year
72,912,305
573
41,111
Total operating revenues OPERATING EXPENSES Program services
Total program services Supporting services
OTHER LOSSES Net realized and unrealized losses on investments
Net assets, end of year
$
70,071,689
$
573
$
41,111
72,953,989 $
70,113,373
ISACA® ANNUAL REPORT 2015
22
ISACA, Inc. and IT Governance Institute, Inc.
COMBINED STATEMENTS OF ACTIVITIES Year Ended 31 December 2014 31 DECEMBER
2014 PERMANENTLY RESTRICTED
TEMPORARILY RESTRICTED
UNRESTRICTED
TOTAL
OPERATING REVENUES Relations (including Membership)
$
14,393,209
$
-
$
-
$
14,393,209
19,708,390
-
-
19,708,390
Education
8,548,542
-
-
8,548,542
Publications
4,487,118
-
-
4,487,118
163,597
14,000
-
177,597
3,120,730
9
-
3,120,739
-
-
Certification
Contributions and sponsorships Interest, dividends and other
14,009
Net assets released from restrictions
(14,009)
50,435,595
-
-
50,435,595
9,153,664
-
-
9,153,664
10,441,677
-
-
10,441,677
Education
9,141,723
-
-
9,141,723
Publications
4,265,026
-
-
4,265,026
Research
8,763,082
-
-
8,763,082
41,765,172
-
-
41,765,172
7,340,452
-
-
7,340,452
7,340,452
-
-
7,340,452
49,105,624
-
-
49,105,624
1,329,971
-
-
1,329,971
(358,331)
-
-
(358,331)
971,640
-
-
971,640
573
41,111
71,982,349
Total operating revenues OPERATING EXPENSES Program services Relations (including Membership) Certification
Total program services Supporting services Board and administrative
Total supporting services Total operating expenses
Excess from operations OTHER LOSSES Net realized and unrealized losses on investments Change in net assets Net assets, beginning of year
71,940,665
Net assets, end of year
$
72,912,305
$
573
$
41,111
$
72,953,989
ISACA® ANNUAL REPORT 2015
23
ISACA, Inc. and IT Governance Institute, Inc.
COMBINED STATEMENTS OF CASH FLOWS CASH FLOW FROM OPERATING ACTIVITIES YEAR ENDED 31 DECEMBER Change in net assets
2015 $
2014
(2,840,616)
$
971,640
Adjustments to reconcile change in net assets to net cash provided by operating activities 2,162,461
1,721,068
(1,948)
43,203
140,402
-
4,641,412
358,331
Accounts receivable, net
(444,699)
(282,917)
Prepaid expenses and other current assets
(903,545)
(603,976)
Inventory, net
160,758
(195,796)
Accounts payable
910,273
1,081,957
Deferred revenues
876,645
1,436,502
(191,418)
42,449
4,509,725
4,572,461
Acquisition of fixed assets
(2,181,577)
(2,811,069)
Proceeds from the sale of investments
17,400,924
19,805,310
(21,542,841)
(22,866,176)
Net cash used in investing activities
(6,323,494)
(5,871,935)
Net change in cash and cash equivalents
(1,813,769)
(1,299,474)
8,160,014
9,459,488
Depreciation Bad debt (recovery) expense Loss on disposal of equipment Net realized and unrealized losses on investments Changes in assets and liabilities
Other liabilities Net cash provided by operating activities Cash flows from investing activities
Purchase of investments
Cash and cash equivalents, beginning of year Cash and cash equivalents, end of year
$
6,346,245
$
8,160,014
ISACA® ANNUAL REPORT 2015
24
ISACA, Inc. and IT Governance Institute, Inc.
NOTES TO FINANCIAL STATEMENTS Year Ended 31 December 2015 NOTE 1 - Organization The Organization consists of ISACA, Inc. (the “Association” or “ISACA”) and the IT Governance Institute, Inc. (the “Institute” or “ITGI”). The Association’s and the Institute’s financial statements are presented on a combined basis due to a majority of Board members serving both entities. The Organization operates on a global basis, with the majority of revenues and net assets attributable to the Association, the predominant entity within the Organization. The Organization maintains its books and records at its headquarters building located in Rolling Meadows, Illinois, USA. The Association was incorporated in 1969 under the name Electronic Data Processing Auditors Association, a California (USA) not-for-profit corporation. In 1993, to reflect the evolving state of technology, as well as the Association’s expanding constituency base, the name was changed to Information Systems Audit and Control Association, Inc. The Association now presents itself by its acronym, ISACA. With more than 140,000 constituents (ISACA members and certification holders) in more than 180 countries at year-end 2015, ISACA is a leading global provider of knowledge, certifications, community, advocacy and education on information systems (“IS”) assurance and security, enterprise governance and management of IT, and IT-related risk and compliance. ISACA hosts international conferences, publishes the ISACA® Journal, and develops international IS auditing and control standards. ISACA also administers the globally respected Certified Information Systems Auditor (“CISA”), Certified Information Security Manager (“CISM”), Certified in the Governance of Enterprise IT (“CGEIT”), Certified in Risk and Information Systems Control (“CRISC”) and Cybersecurity Practitioner (“CSXP”) designations.
The Institute was incorporated in 1976 under the name Electronic Data Processing Auditors Foundation, a California (USA) not-for-profit corporation. In 1994, its name was changed to Information Systems Audit and Control Foundation, to align with the changed name of the Association, and was changed again in 2003 to IT Governance Institute, Inc. In 2013, ITGI was granted a Type II Supporting Organization status by the IRS, and is a Supporting Organization of the Association. The Institute’s role in the mission it shares with ISACA focuses on provision of knowledge on IT governance and related topics. Through its collaborative development model, the Institute brings global perspectives to critical issues facing enterprise leaders and practitioners in its IT governance responsibilities.
NOTE 2 - Summary of significant accounting policies Basis of presentation The combined financial statements include the assets, liabilities, net assets and financial activities of the Organization. Significant intercompany balances have been eliminated in combining the two entities. The Organization has a relationship with ISACA chapters located throughout the world; however, the chapters are not fiscally accountable to the Organization, and accordingly, have not been included in the accompanying combined financial statements.
Cash and cash equivalents Cash and cash equivalents consist primarily of noninterest-bearing deposits with maturity dates of three months or less at the time of purchase to be used for operating purposes. These deposits are carried at cost, which approximates fair value.
The Association supports development, update and education activities related to COBIT 5, a globally adopted business framework for governing and managing enterprise IT. ISACA® ANNUAL REPORT 2015
25
Investments Investments, other than money market funds and interest-bearing deposits, are reflected in the accompanying combined financial statements at fair value according to generally accepted accounting principles (“GAAP”). GAAP has established a framework for measuring fair value, as well as a fair value hierarchy based on the inputs used to measure fair value. A financial instrument’s level within the fair value hierarchy is based on the lowest level of any input that is significant to the fair value measurement; however, the determination of what constitutes observable requires significant judgment. The fair value hierarchy is broken down into three levels based on the transparency of inputs as follows: Level 1 - Quoted prices (unadjusted) in active markets for identical assets or liabilities. Level 2 - Quoted prices, other than quoted prices included in Level 1, that are observable for the assets or liabilities, either directly or indirectly. Level 3 - Inputs that are unobservable for the assets or liabilities. Investment gains and losses include net realized and unrealized gains and losses and are reflected in the accompanying combined financial statements as nonoperating activities, while interest income and dividends are considered operating revenue.
Concentration of credit risk Certain financial instruments, primarily cash, cash equivalents and investments, subject the Organization to credit risk. The Organization maintained cash balances (noninterest-bearing) in 2015 and 2014 at a financial institution in excess of the federally insured limit; however, the Organization has not experienced any losses in such accounts and believes that it is not exposed to any significant credit risk on cash and cash equivalents. With respect to investments, concentration is limited through the diversification of the portfolio. As of 31 December 2015 and 2014, the Organization maintained 18% and 23%, respectively, of its investment balance in one mutual fund, which invests primarily in high-quality money market instruments and short-term fixed income securities, diversified across more than 1,300 individual holdings. The fund may also invest in a wide range of non-money market securities, which tend to be less liquid, more volatile and carry greater risk than money market securities, and its
investment objective can best be described as conservative income.
Accounts receivable Accounts receivable are due within 30 days and are stated at amounts due from customers net of an allowance for doubtful accounts. Accounts outstanding longer than the contractual payment terms are considered past due. The Organization determines its allowance for doubtful accounts by considering a number of factors, including the length of time that trade accounts receivable are past due, the Organization’s loss history, the customer’s current ability to pay its obligation to the Organization, and the condition of the general economy and the industry as a whole. The Organization writes off accounts receivable when they become uncollectible, and payments subsequently received on such receivables are credited to the allowance for doubtful accounts.
Inventory Inventory consists solely of study aids and other publications printed for the Organization for sale to its members and interested outside parties. Inventory is valued at the lower of cost or market, with cost determined by the average cost method. Provisions for obsolete items are based on estimated future usage as related to quantities of stock on hand.
Fixed assets Fixed assets are carried at cost. Depreciation is computed using the straight-line method. The estimated useful lives of the related assets range from two to ten years. Leasehold improvements are amortized using the straight-line method over the shorter of the lease terms or their estimated useful lives. Depreciation expense totaled $2,162,461 and $1,721,068 for the years ended 31 December 2015 and 2014, respectively.
Net assets Net assets, revenues, expenses, gains and losses are classified based on the existence or absence of donor-imposed restrictions using the following classifications: Unrestricted - Represents unrestricted resources available for support of daily operations and contributions received with no donor restriction. The Board may designate certain net assets for a particular function or activity. ISACA® ANNUAL REPORT 2015
26
Temporarily restricted - Represents resources for which use has been temporarily restricted by the contributor. When a donor restriction has been satisfied by incurred expenses consistent with the designated purpose, temporarily restricted net assets are reclassified to unrestricted net assets for reporting of related expenses. Permanently restricted - Represents resources that are subject to restrictions of gift instruments requiring that the principal be invested and maintained in perpetuity. The income generated from these funds is classified based on the terms of the gift instruments.
Revenue recognition Revenues received by the Organization consist primarily of annual membership dues and new member fees; examination, annual maintenance fees and other fees for CISA, CISM, CGEIT, CRISC and CSXP programs; attendance fees for educational conferences; the sale of advertising space; charges for various publications; sponsorships and contributions; and license fees. Membership dues and annual maintenance fees for CISA, CISM, CGEIT and CRISC are recognized as revenue in the applicable period. New member fees are recorded in the period in which the membership application is processed, with chapter membership dues collected by the Association recorded as a liability until remitted to the chapters. The Organization recognizes unrestricted, restricted and endowment contributions in accordance with donor restrictions in the period in which the commitment for support is obtained, with other revenues being recognized in the period in which the goods or services are provided. Unearned dues, fees and subscriptions are classified as deferred revenues.
Promotion and advertising costs Promotion and advertising costs are expensed as incurred. Total promotion and advertising costs were $5,269,363 and $4,528,259 for the years ended 31 December 2015 and 2014, respectively.
Use of estimates The preparation of the combined financial statements in conformity with accounting principles generally accepted in the United States of America requires management to make estimates and assumptions that affect the reported amounts of assets and liabilities and the disclosure of contingent assets and liabilities at the date of the combined financial statements, as well as the reported amounts of revenues and expenses during the reporting period. Actual results could differ from those estimates.
Reclassifications Certain classifications from 2014 have been changed to conform to the 2015 presentation.
NOTE 3 - Investments The following table presents information about the Organization’s investments. Money market funds and interest-bearing deposits are stated at cost. Investments, which are based on quoted market prices in active markets and therefore classified as Level 1, include actively listed mutual funds and exchange-traded funds. Investments at 31 December 2015 and 2014 consisted of the following: 2015
2014
MUTUAL FUNDS Large cap
$
7,878,526
$
6,815,810
Mid cap
1,296,748
1,286,855
Small cap
1,357,033
1,566,458
International
8,469,209
4,827,518
Fixed income
30,679,116
36,809,961
Alternatives
4,448,705
3,305,995
Tactical allocation
2,705,461
2,233,883
REIT
3,840,745
1,926,923
Money market
6,840,994
12,123,950
67,516,537
70,897,353
5,069,647
3,984,397
443,313
418,440
Total mutual funds EXCHANGE-TRADED FUNDS Large cap Mid cap Small cap International Total exchange-traded funds Total Investments
414,869
528,259
3,995,717
2,111,129
9,923,546
7,042,225
$ 77,440,083
$
77,939,578
ISACA® ANNUAL REPORT 2015
27
The components of investment return for the years ended 31 December 2015 and 2014 are as follows: 2015 Interest and dividends
$
Net realized and unrealized losses on investments Total investment (loss) return
3,528,917
2014 $
2,541,552
(4,641,412) $ (1,112,495)
(358,331) $
2,183,221
NOTE 4 - Accounts receivable Accounts receivable consist of the following at 31 December 2015 and 2014: 2015 Trade receivables
$
Less allowance for doubtful accounts Accounts receivable, net
1,524,694
2014 $
1,510,894
(35,467) $
1,064,247
Changes in the Organization’s allowance for doubtful accounts are as follows for the years ended 31 December 2015 and 2014: 2015 Beginning balance
$
Bad debt (recovery) expense Accounts written off Ending balance
$
35,467
2014 $
16,015
(1,948)
43,203
(19,719)
( 23,751)
13,800
Temporarily restricted net assets at 31 December 2015 and 2014 have been restricted by donors for the following purposes: 2015
$
35,467
NOTE 5 - Board-designated net assets The Association’s Board of Directors and the Institute’s Board of Trustees designate a portion of the Organization’s unrestricted net assets for contingency purposes in order to protect the Organization against unforeseen global events and economic downturn. The designated amount based on a three-year average of operating expenses, totals $38,801,138 as of 31 December 2015. As of 31 December 2014, the designated amount was $34,922,480. These funds, while designated for the purposes noted above, are categorized within the Organization’s combined financial statements as unrestricted net assets.
2014
Research
$
573
$
573
Total
$
573
$
573
NOTE 7 - Net assets released from restrictions During 2015 and 2014, net assets were released from restrictions to satisfy the following purposes: 2015
1,099,714
(13,800) $
NOTE 6 - Temporarily restricted net assets
$
Research
2014
1,500
$
500
COBIT
10,000
13,500
Cybersecurity
17,541
-
9
9
Endowment appropriation for expenditure Total
$
29,050
$
14,009
NOTE 8 - Permanently restricted net assets Permanently restricted net assets are restricted as investments in perpetuity. The Organization’s endowment consists only of donor-restricted endowment funds. Net assets associated with the Organization’s endowment funds are classified and reported based on the existence of donor-imposed restrictions. There are no donor restrictions on the earnings of the Organization’s endowment funds. The Organization accounts for endowment net assets by preserving the fair value of the original gift as of the gift date of the donor-restricted endowment fund absent explicit donor stipulations to the contrary. As a result, the Organization classifies the original value of the gifts donated to the permanent endowment as permanently restricted net assets. All earnings on the endowment funds are temporarily restricted until appropriated for current-year operating expenses as allowed by the donor.
ISACA® ANNUAL REPORT 2015
28
As of 31 December 2015 and 2014, endowment assets include only those assets of donor-restricted funds that the Organization must hold in perpetuity. The Organization does not have any Board-designated endowment funds. The Organization’s Finance Committee meets on a regular basis to ensure that the objectives of the Organization’s investment policy are being met, and that the investment approach used to meet the objectives is in accordance with the investment policy approved by the Board of Directors. Under this policy, the endowment assets are invested in a manner that is intended to provide adequate liquidity and maximize returns on funds invested. Interest and dividends earned on endowment funds are appropriated for current-year operating expenses. During 2015 and 2014, the Organization had the following endowment-related activities: Temporarily Restricted Endowment Funds Endowment net assets, 1 January 2014
$
-
Permanently Restricted Endowment Funds $
41,111
Total Endowment Funds $
41,111
Interest and dividends
9
-
9
Appropriation of endowment assets for expenditure
(9)
-
(9)
Total change in endowment net assets
-
-
-
Endowment net assets, 31 December 2014
$
-
$
41,111
$
41,111
Interests and dividends
9
-
9
Appropriation of endowment assets for expenditure
(9)
-
(9)
Total change in endowment net assets
-
-
-
Endowment net assets, 31 December 2015
$
-
$
41,111
$
41,111
NOTE 9 - Related-party transactions As a service to the chapters, the Organization includes the amount of individual chapter dues with its annual billing and remits to the chapters amounts collected on their behalf. The balances of $2,375,412 and $2,122,839 at 31 December 2015 and 2014, respectively, are reflected in accounts payable and represent the unremitted portion of dues collected for individual chapters. During 2015, chapter dues collected and remitted totaled $4,233,262 and $3,980,689, respectively. During 2014, dues collected and remitted totaled $4,011,301 and $4,108,609, respectively.
NOTE 10 - Leases The Organization has an office facility operating lease, which requires monthly payments comprised of rent, property taxes, pro rata share of common operating expenses and insurance. On 21 July 2014, the Organization signed an amendment to the lease agreement, which went into effect on 1 April 2015. The lease term, which was set to expire on 31 July 2018, has been extended through 30 November 2022. The Organization also rents office equipment under two non-cancelable capital leases with initial lease terms in excess of one year. As of 31 December 2015, the minimum future rentals payable for the next five years and thereafter under these non-cancelable lease commitments are as follows: Years ending 31 December 2016
Office Equipment $
22,300
Facility $
634,400
Total $
656,700
2017
10,400
646,900
657,300
2018
-
438,300
438,300
2019
-
671,900
671,900
2020
-
684,400
684,400
Thereafter
-
1,347,100
1,347,100
32,700
$ 4,423,000
$ 4,455,700
$
Rent expenses under these leases for the years ended 31 December 2015 and 2014, were $668,395 and $506,497, respectively.
ISACA® ANNUAL REPORT 2015
29
NOTE 11 - Income taxes
NOTE 13 - Subsequent events
The Association and the Institute have received favorable determination letters from the Internal Revenue Service stating that they are exempt from federal income taxes under Section 501(a) of the Internal Revenue Code of 1986 (“IRC”), as organizations described in Sections 501(c) (6) and 501(c)(3), respectively, except for income taxes pertaining to unrelated business income. The Financial Accounting Standards Board issued guidance that requires tax effects from uncertain tax positions to be recognized in the financial statements only if the position is more likely than not to be sustained if the position were to be challenged by a taxing authority. Management has determined that there are no material uncertain positions that require recognition in the financial statements. Additionally, no provision for income taxes is reflected in these financial statements, and there is no interest or penalties recognized in the statement of activities or statement of financial position. The tax years ended 2012, 2013, 2014 and 2015 are still open to audit for both federal and state purposes.
The Organization evaluated subsequent events through 22 April 2016, the date that the combined financial statements were available to be issued. The Organization is not aware of any subsequent events, other than described below, that would require recognition or disclosure in the combined financial statements. On 1 March 2016, the Association acquired 100% of the interest in Clearmodel LLC (doing business as “CMMI Institute”), a for-profit subsidiary of Carnegie Mellon University, for the purpose of integrating the entity’s globally adopted capability improvement framework. The entity was acquired for $8 million in cash, and was financed through the proceeds from the sale of investments. As of the date of the report, the Association is undergoing a fair value analysis of the assets acquired and liabilities assumed.
NOTE 12 - Employee benefit plan The Association maintains a defined contribution retirement plan for qualified employees. Participation in the plan is optional. The Association will match the first 5% contributed by the employee. The Association’s contributions to the plan for the years ended 31 December 2015 and 2014 were $779,149 and $727,150, respectively.
ISACA® ANNUAL REPORT 2015
30
AUDIT COMMITTEE CHAIR’S LETTER The Audit Committee of the Board of Directors/ Trustees (the Board) of ISACA/IT Governance Institute (the Organization) oversees the Organization’s financial reporting process on behalf of the Board, and is composed of five independent members. In fulfilling its responsibility, the committee recommended to the Board the selection of the Organization’s independent certified public accountants. The committee discussed with the independent certified public accountants the overall scope and specific plans for their audit. The committee also discussed the Organization’s combined financial statements and the adequacy of its internal controls. The committee met with the Organization’s independent certified public accountants, without management present, to discuss the results of their examination, their evaluation of the Organization’s internal controls and the overall quality of the Organization’s financial reporting.
Theresa M. Grafenstine, CISA, CGEIT, CRISC, CGAP, CGMA, CIA, CPA Chair, Audit Committee
ISACA® ANNUAL REPORT 2015
31
MANAGEMENT REPORT ON RESPONSIBILITY FOR FINANCIAL REPORTING The management of ISACA/IT Governance Institute (the “Organization”) has the responsibility for the preparation, integrity and fair presentation of the accompanying financial statements. The statements were prepared in accordance with generally accepted accounting principles applied on a consistent basis and, as such, include amounts that are based on management’s best estimates and judgments. Management also prepared the other information in the annual report and is responsible for its accuracy and consistency with the financial statements. The Organization’s financial statements for 2015 have been audited by CohnReznick LLP, independent certified public accountants, elected by the Board of Directors/Trustees (the Board). Management has made available to CohnReznick LLP all of the Organization’s financial records and related data, as well as the minutes of the Board’s meetings. Management believes that all representations made to CohnReznick LLP during its audit were valid and appropriate. The Organization maintains a system of internal control that is designed to provide reasonable assurance to management and to the Board regarding the preparation and publication of reliable and accurate financial statements, the effectiveness and efficiency of operations, and compliance with applicable laws and regulations. The system includes a documented organizational structure and division of responsibility, established policies and procedures that are communicated throughout the Organization, and the careful selection, training and development of personnel. Management also recognizes its responsibility for fostering a strong ethical climate so that the Organization’s affairs are conducted according to the highest standards of personal and corporate conduct.
There are inherent limitations in the effectiveness of any system of internal control, including the possibility of human error and the circumvention or overriding of controls. Accordingly, even an effective internal control system can provide only reasonable assurance with respect to financial statement preparation. The Organization evaluates its internal control system in relation to criteria for effective internal control over financial reporting described in Internal Control—Integrated Framework, issued by the Committee of Sponsoring Organizations of the Treadway Commission, and as of 31 December 2015 the Organization believes that its system of internal control over financial reporting met those criteria. As part of its audit of the Organization’s financial statements, CohnReznick LLP assessed the Organization’s internal accounting controls structure to establish a basis for reliance thereon in determining the nature, timing and extent of audit tests to be applied. Management and CohnReznick LLP have reviewed the internal control assessment with the Audit Committee as part of the committee’s acceptance of the financial statements. The Board, operating through its Audit Committee, which is composed entirely of members who are not officers or employees of the Organization, provides oversight to the financial reporting process.
Matthew S. Loeb Chief Executive Officer
Robert A. Micek Chief Financial Officer ISACA® ANNUAL REPORT 2015
32
DONORS Individuals Platinum
Agu Ets
Tajjud-deen Phillipps
Isnaeni Achdiat
Enrique Barroso
Marios Damianides
Gregory Oluremilekun
Andre Pitkowski
Afzal Ahad
Maria Cristina Bausa-
William Price
Asaf Zaki Ahmad
Rosa
Daniel Fernando Ramos
Azubike Edward
Alvin Bedgood
Lynn Lawton Debbie Lew Akira Matsuo Robert A. Micek Leonard Ong Daniel Wiechec
Gold
Falowo
Concepcion Fermin Pamela Susan Fusco Axel Gierbolini Ron Hale Mary Hall Masahiko Hayakawa Shankar Iyer
Merve Sarac Jose Saucedo Hiroharu Sawada Martin Schlaeppi Mark Stanley Conrad Stanton
Jose Boyol
Stanley Robert Jarocki
Jeffrey Patubo
Michael Jimenez
Kenneth Vander Wal
Vijay Karayi
Silver
Vijaykumar Kasaram
Jo Stewart-Rattray
Tina Kay
Sean Stringer
Rabia Khanfir
Stig Jarle Sunde
Himi Kim
Fumiaki Suzuki
Robert Thomas Klein
Bernard Chee Kian Tang
Emiko Kurihara
Martin Tapia
Fung Chun Leonard
Alexandru Tasca
Adesina Kabir Ajina David Applebaum Renato Aquilino-Pujol Jim Arnold Garry James Barnes Earl Charles Begley Robin Bell Sixten Björklund Krag Brotby Eric Caldwell Fernando Calvillo Christopher Tsz Chan Richard Chia Peter Albert
Christiaans
Nancy Cohen Kim Cohen Bernard Czaja Helene Demoulin Koke Diarra Gert Thomas Du Preez
Lam
Jenny Lam Stephen Lantrip Demetrios Lazarikos Patricia Lewis
Dirk Steuperaert Hamilton Michael Stewart
Rod Troutman Paul van Domburg Stanley Velando Vatsaraman
Venkatakrishnan
Ahubelem
Hidetsugu Aiko
Carlos Beltran Perdomo
Mark Owen Aldrich
Douglas Bencomo
Lozina Metodieva
Ahmed Bengrina
Alexieva
Paul Berkebile
Faisal Al-Homodi
Moira Berman
Saad Abdul-Mohsen
Damien Bertero
Al-Khalfan
Mohammed Ali Alshehri Brian David Andersen Barry William Anderson Ngozi Nwamaka AnigboguNwankwo
Kannan Annaswamy Mahary Araia
Henri Arendsen
Bryan McAtee
James Wiechers
Robert Arnold
Robert Mcfarland
Virginia Yue
Luis Adrián Arroyo
Yasushi Miyamoto
Carlos Zamora
Sam Arthur
Glib Pakharenko
Roman Zillek
Mohammed Bachiri
Zoran Abraham
Dexter Taylor Blackstock
Waseem Al-Otaibi
Shinichi Watanabe
Williams
Stuart Birkett
Ahmed AlMunawes
Martin Malmqvist
Paul Rudolph Aaron
Suresh Bhatt
Wayne Dennis Allums
Jian Qiang Wang
Hugh Henning Penri-
Glauco Bertocchi
Beverly Allen
Eric John Malmgren
Donor
Belloise
Said Hassan Al-Balushi
Sylvain Viau
James Patterson
Michael Anthony
Taisei Akutsu
Min Chee Liew
Sean Pascoe
Christina Marie Belding
Luis Geraldo Segadas Araujo
Juliana Bako Antony
Balasubramanian
Federico Blasiotti Khaled Bohsali Benjamin Boi-Doku Charan Kumar
Bommireddipalli
David Brachio Diana Bradshaw Hester Vasile Claudiu Brandas Moises Brito Douglas Brown Daniel Brunner Richard Brunner Beverly Burch Phil Joseph Patrick Burns
Mark Alexander Butzke Jose Campos Cynthia Cannaday
ISACA® ANNUAL REPORT 2015
33
Donor
Donna Degenhart
Mario Carbajal
John Joseph DeMauro
Homero De Almeida
Ashok Raja Devaraj
Guy Filomena
James Wayne DeVaul
Elke Benita Änne
Carreiro
Paul Casey
Paulo Ramiro Diaz
Massimo Castelli
Larry Keith Dinsmore
Anthony Chalker
Dean Diongson
Victor Sze-Tin Chan
Ruedi Doebeli
Steve Chazan
Satyavan Domb
Sarat Chandrakumar Chegu
Melanie Cheong James Cheyne Susanna Lai Kuen Chiu Adnan Khaliq Chughtai Robert Clarke Patrick John Collins Joseph Combs Kevin Gerald Conlon Mark Connelly Francois Corminboeuf Brian Coutanche Mihai Cristalov John Crump
Bohdan Dombchewskyj Richard Donahue James Donnelly
Francesc Xavier
Fernandez Cuesta
Fischel-Bergmann
Urs Fischer Kenneth Glenn Fitzpatrick
Robert Flast Paul Fordiani Joji Fortin Barbara-Ann Fox Winner
Kieran Doorley
Celestino Francisco
Michael Dorn
George Freitas
Sally Dovitz
Dan French
Bao Duong
Finn Frisch
Michael Dwyer
John Frisken
Hugh Dyar
Norihisa Fujita
Alan Egge
Thomas Peter Gagliardi
Ahmed El Gillani
Andre Gagnon
Islam Kamal El-Din El-
Ramses Gallego
Mallah
Newman Hugo Emeanaa
Fredrik Galtung Mary Ellen Gamache John Calston Gamble
Szabolcs Csontos
David Empey
Gordon Curtis
John English
Dominic Cuscuna
Koji Enjo
John Joseph
Enyingwa Kingson
Dinesh Merwin D’Souza
Tomoyasu Eto
Deborah Dahlin
John Kenji Eto
Ashit Dalal
Stephen Craig Evans
Kishor Jagannath
Margaret Ann Everroad
John Generelli
Dieter Fabritius
Frank Gerber
Mark DAndrea
David Fairman
William Gessner
Sabyasachi Dash
Ahmad Mohammad
Mukesh Chandra
Czaplewski
Dandeker
William Davidson Rodney Owain Davies
Ubochi
Faqieh
Tao Feng
Nelson Gibbs
Aris Budiman Hartono
Khristian Gibson
Prachit Hawat
Anthony John Gilli
Shawn Heeley
Paul Danlami Gimsay
Marinus Hendriksen
William Henderson Ging Johan Hermans Jean-Marc Goeders
Jose Francisco Herrera
Fernando Gomez
Mark Hinds
Alfonso
Jennifer Hong
Jason Gonzales
Jeffrey John Horning
David Goodwin
Stefanie Horvath
Thomas Goss
Adrian Howe
Ludo Goubert
Michael John Hughes
Kumararaj
Janette Shaheen
Govindaswamy
Hussain
Roger Scott Greenwell
Michael Onyemordi Igbo
Wayne Evan Greer
Jason Ingalls
Michael John Grimes
Ganesh Inguva
Stefan Gross
Florin Inte
Marisol Guasca
Jose Isebia
Barragan
Yasuhiro Ito
Jorge Guevara Lopez
S. Rohit Iyer
Francisco Santana
Ayman Helal Jaber
Guimaraes
Caryn Jackson
Jose Pascual Gumbau
Babatunde Jaji
Mezquita
Thomas Gunawan
Brusse Alan James
Tod Gene Gunther
Barbara James
John Garms
Michael Robert Guthrie
Ashwameth Ravilla
Anthony Christopher
Barry George Hadfield
Eduardo Garcia Martinez
Gaskin
Guangdong Ge Robert Graham Gemmell
Ghildiyal
Ashok Ghosh
Olivier Jarrar
Michael Hadlock
Allan Jagath Monesh
Aftab Faizy Haider
Jinadasa
Walid Halik
Edward Eric Johnson
Franz Hall Husni Loutfi Hammoud Harpal Singh Hanspal Ashok Nallashivam Harinarayan
James Griffith Harries
Janakiraman
Mark Keith Johnson Guy Jordan Geogy George Joseph Rohini Joshi Carlos Justiniano
ISACA® ANNUAL REPORT 2015
34
Donor
Natalie Jeannine Lake
Eiichi Matsubara
Kevin Kiambi Mworia
Elena Ouklonskaia
Ghassan A.N. Kabbara
Chandrasekar Lakshmi
Tsutomu Matsushita
Sudeep Nair
Kwabena Owusu-
John Mayor
Praveen Nair
Hendrik Jan Land
Timothy Patrick McAliley
John Downy Solomon
Carmen Ozores
Deepak Kamalasanan
Tak Wa Lau
Jacqueline McCaulley
Quaye Kandakai
Jacinthia Lawson
Vickie LaVern McCray
Mahender Narala
Marie-Grace
Ramzi Kanso
Peter Leitch
Cecelia McFadden
Chandramohan Narayan
Jacqueline Kapres
Katherine Lidgard
Malcolm David
George Nawara
Parikshat Kapur
Albert Lima
McKeating
Shuko Ndhlovu
Junaid Yusuf Kara
Anna Maria Lindstrom
Nick James McLelland
Peter Lee Newing
Spiros Karasavvidis
Steven Lines
Sean McPoland
Howard Nicholson
Prasanthi Lushani
Kathi Hughes Loftus
Rudy Meert
Gertjan Nickolson
Clovis Inacio Lopes
Richard Metzer
Takahiro Nishimura
James Meyer
Stephen Norkunas
Helen Meyer
Massimo Noro
Michael Meyer
Georges Noun
Martin Miller
Nwokedi Obiageli
Sasidhar Reddy Kallamadi
Karunaratne
Yasushi Kasahara Eugene N’da Kassi Ravi Shankar
Balakrishnan Kavaseri
Varahan
Pereira
Jose Maria Lopez Sanchez
Gregory John Lotze David Luck
Tomohide Kawawaki
Christina MacGregor
Romana Kerec Osrajnik
Bob Madderra
Shivakumar Manohar
George Kenneth Madzy
Keskar
Nada Khatib
Lambert Ora-a
Manansala
Joseph Kinder
Kevin Rex Manderson
Terje Klepp
Charles-Robert
Petr Knize Praseth Kong Kentaro Kono
Manterfield
Massimo Vito Angelo Manzari
Jean Milzi
Hugh Parkes Simon Martyn
Parkinson
Max Ronald David
Lawretta
Parmer
Martin Andrew O’Neal
Vicente Peirats
Thomas Josef Moellers
Charles Paul Oakes
Nail Pekgor
Clifton Leander Moffitt
John Tanko Ogazuma
Anthony Kamara
Elizabeth Moorhead
Shogo Oka
Charlie Moraza
Albert Olafsson
Robert Walter Peterson
Rick Moreno
Kehinde Peter
Carl Phillips
Modderman
Rodger Kraft
Christopher Marshall
Adel Ilyas Moubarak
Nathan Ladin
Xenia Ley Parker
Jose Maria Pedro
Jeffrey Moskowitz
Chi Choi Kuok
Paranjape
Rachel O´Brien
Chris Marti
Unni Krishnan
Pramod Shashikant
Willem Ewoud
Kounga Taptue
Claxton Martyr
Dionisio Paolella
MohanRaj Patmanathan
Chris Moschovitis
Murali Krishnan
David Paolantonio
Ben Simiyu Nyongesa
Joseph James Marqua
Martin
Juang P. Panjaitan
Thomas Mockbee
Yuji Morita
Denis Krauss
Sudha Sri Paladugu
Keyur Patel
Larry Marks
Yannick Rostand
Pagdanganan
Hazel Nyathi
Jose Moreno Andrades
Ivo Koppelmaa
Fernandes
Nallathambi
Masami Mitsubori
Peter Manzo
Evangelos Kopanakis
Mensah
Mario Fernando
Mourino Diaz
Pepeno
Olofinmoyin
Susan Elaine Phillips
Ekundayo Oludare
Kirsten Pielstrom
Olukemi
Joseph Ponnoly
Adedayo Adeyinka
Sorin Alexandru Popa
Olukoya
Mihaela Popescu
Chanroutie Omadath-
Ifeoluwa Tobi Popoola
Heetai
Marlene Portalatin
Samuel Christopher
Hassanreza Masjedi
Peter Wambua Mumo
Alfonso Mateluna
Mythili Murali
Nosa Omoma
Marin Prisacaru
Alison Murray
Ayoade Oluseye Oriade
Wagner Roberto
Farit Muzipov
Marcelino Eiji Oshima
Concha
Trpimir Matjan
Omoikhunu
Andreas Postl
Pugliese
ISACA® ANNUAL REPORT 2015
35
Donor
Sanchez
Robert John Puppa
Alexander Samarin
Rajesh Kantesh Purohit
Milton Eric Sambolin
Kashif Qadir
Zacarias Sanchez
Gurpreet Singh Thomas Sinnott Edward Joseph Slusarski
Oladotun Omololu
Yosef Saraka
Kishor Rabi
Anthony Saranchak
Annetta Smith
Nobuyuki Tetsuka
R.V. Raghu
Taishi Sasahara
Reginald Smith
Ajit Thankappan
Susheel Dinkar Raje
Mugdha Satish Satarkar
Peter Smithson
Tina Thompson
Rafael Ricardo Ramirez
Martin Schiefer
Rebecca Ann Snevel
Peter Timmermans
Francisco Vicente
Anton Schleibinger
Juliann Snyder
Esa Toivonen
Joshua James Schmidt
Henry Paul Solomon
Scott Tompkins
Brigitte Schnyder von
Ahmed Mohd Soomro
Lisa Toro
Beatrice Thomas
Janet Torres
N. Ramu Sree Krishna Rao
Morisch
Stewart Redfield
Ekkehard Scholz
Springfield
Stephen Schroeder
Thomas Gerard Totton
Robert Schwind
Ivan Stanchin
Derek Truesdell
Paul Byron Scott
Philip Staniforth
Eduardo Ng Tsang
Jack Riegel
Nicola Sebastiani
Jaroslaw Stawiany
Haruhiko Tsukamoto
Kees Riemens
Christodoulos Seferis
Ian Gregoire Stewart
Giancarlo Turati
Daniel Seider
Richard George Stohner
Martin Unterberger
Lakshminarayanan
Igor Stolbikov
Luis Uria
Charles Stuart
Fumio Utsumi
Jonathan Mohammad
Michiel Van Hulsteijn
Jorge Ricardo Rendon Joseph Reuter
Kim Ries Steve Riess Suzanne Roach Royce Robbins Kathy Lee Robertson Marie Ghislaine Robinson
Oscar Robledo
Ramaswamy
Sekharipuram Jorge Serrano
Rodriguez
AbdulGhaffar
Mohammad Setareh
Michael Romano
Alexander Setiadji
William Leroy Roston
Benny Setyadi
Patricia Aneta Rowe-
Harald Seyfried
Seale
Jose Ruiz Timothy Patrick Ruland
Makoto Shibata Mitsuhiro Shigematsu Mahito Shimomura
Roland Sabourin
Brent Shirley
Babatunde Muhammed
Craig Anthony Shorter
Tajudeen Sadiku
Julio Saiz Stella Alexandra Salas
Anand Singh Bindu Kamlesh Singh
Summer
Hartono Ari Susetyo Leonard Sutton Mark Svenson Chandra Sekaran
Swaminathan
Andrew Watson Ian Lawrence Webster Paul Wells Marcellinus Wendra Stefan Andreas Wenzel Dan Wilder Edward Williams Paul Wilton Trevor Andre Wood Gary Woods Shou-Hsin Mark Wu Jens Wudick Takumi Yabuki Li-Jen Lyaw Yang Sarkis Aram Yaralian Stephen Michael Yarton Hajime Yoshitake Clarence Earle Younger Jason Chee-Mun Yuen
Marc Van Kralingen
Muhammad Naveed
Claude Van Orden
Zakarya
Enrique Vasquez
Gustavo Mariath Zeidan
Granados
Zachary Andrew
Chandra Morgan
Zemenick
Velautham
Ching Kwong Sze
Huib Vellekoop
Dai Takahashi
Jason Edward James
Koichiro Takino
John Korvah Wangolo
Eric Tostenrud
Harry Staley
David George Reinhold
Liang Wang
Hiroshi Terai Nikola Terziev
Ramon-Mira
Larry Gordon Walmsley
Choon Meng Teo
Robert Sheridan Smith
Henny Raadschilders
Michael Walker
Temowo
Michael Zeppelzauer Manef Zidi Guenter Zimmek
Viola
Hideyuki Tanaka
Manuel Jose Viscasillas
Yoshito Tashiro
Sooraj Viswanath
Keith Edward Tayloe
Robert Vitali
Jeffrey Durand Taylor
Oliver Von Salis
Teruo Tazaki
James Muresia Wafula
Jeremy Tedes
Julian Wakim
Dan Zitting Christopher Zoladz
ISACA® ANNUAL REPORT 2015
36
DONORS Chapters Platinum
Gold
Silver
Donor
Chicago Chapter
Denver Chapter
Greater Cincinnati
Central Maryland
Greater Houston
Detroit Chapter Greater Kansas City
Greater Hartford
Illowa Chapter
North Texas Chapter
Middle Tennessee
Chapter
Los Angeles Chapter National Capital Area Chapter
New York Metropolitan Chapter
Chapter
San Francisco Chapter Silicon Valley Chapter Tulsa Chapter Virginia Chapter
Chapter Chapter Chapter
New England Chapter Ottawa Valley Chapter Philadelphia Chapter Quebec City Chapter
Chapter
Jacksonville Chapter Minnesota Chapter New Jersey Chapter Rhode Island Chapter Sacramento Chapter Saint Louis Chapter
South Africa Chapter South Carolina Midlands Chapter
Toronto Chapter Utah Chapter Vancouver Chapter Western Michigan Chapter
ISACA® ANNUAL REPORT 2015
37
JOIN THE CONVERSATION! Follow ISACA on Twitter https://twitter.com/ISACANews
Follow ISACA on LinkedIn http://linkd.in/ISACAOfficial
Follow ISACA on Facebook www.facebook.com/ISACAHQ
ISACA® ANNUAL REPORT 2015