ISACA Podcast

Technology is transforming how organizations operate — and IT audit and assurance must evolve alongside it. In this episode, Paul Phillips sits down with Mary Carmichael, contributor to the newly updated IT Audit and Assurance Framework (ITAF 5), to discuss how audit professionals can adapt to today’s increasingly complex digital enterprise.

 

Together, they explore the major shifts shaping modern audit, including AI governance, digital ecosystems, automation, evolving risk landscapes, cloud environments, and the growing need for stronger data literacy within audit teams. Mary also shares practical guidance on how organizations can begin modernizing their audit approach without overhauling everything overnight.

 

Key discussion topics include:

The evolution from traditional control testing to outcome-based assurance

Why audit teams need stronger technology and data capabilities

AI governance, automation, and digital risk considerations

Building practical audit modernization strategies

How ITAF 5 supports governance, credibility, and audit relevance in modern enterprises

 

Whether you're an auditor, governance professional, cybersecurity leader, or risk practitioner, this conversation provides valuable insight into the future of audit and assurance in a technology-driven world.

 

Related Resources & Stay Connected

Download ITAF 5: https://www.isaca.org/resources/itaf-is-a-framework

 

Explore More ISACA Podcast Episodes: Dive deeper into cybersecurity, governance, risk, and emerging tech insights. https://www.isaca.org/resources/news-and-trends/isaca-podcast-library

 

▶️Subscribe to ISACA on YouTube: Stay ahead with expert interviews, industry analysis, and cybersecurity leadership insights. https://www.youtube.com/@IsacaHq

 

🔔 Don’t forget to like, comment, and subscribe for more conversations shaping the future of IT audit, governance, risk, and cybersecurity.

 

#ITAudit #ITAF5 #AuditAndAssurance #Cybersecurity #Governance #RiskManagement #AI #ISACA #DigitalTransformation #InternalAudit

In today’s evolving cybersecurity landscape, strong leadership is the foundation of an effective security posture. Yet many agencies struggle when a “compliance mentality” takes hold, where meeting minimum requirements overshadows proactive risk management.

In this ISACA Podcast episode, Lisa Cook, ISACA's Principal Research Analyst, sits down with Patrick Bevill, Chief Information Security Officer (CISO) at the Federal Retirement Thrift Investment Board, to explore how agency leaders can establish a strong tone at the top and foster a culture that prioritizes security resilience over check-the-box compliance.​

Related Resources & Stay Connected

Learn more about Williams Adley: Discover how Williams Adley helps organizations navigate audit, assurance, cybersecurity, risk, and advisory services with a focus on integrity and innovation. https://www.williamsadley.com/

Explore More ISACA Podcast Episodes: Dive deeper into cybersecurity, governance, risk, and emerging tech insights. https://www.isaca.org/resources/news-and-trends/isaca-podcast-library 

Subscribe to ISACA on YouTube: Stay ahead with expert interviews, industry analysis, and cybersecurity leadership insights. https://www.youtube.com/@IsacaHq 

 

Don’t forget to like, comment, and subscribe for more conversations shaping the future of IT and cybersecurity.

Compliance does not have to be a stressful, last-minute scramble. In this episode, we explore how AI-driven control and automation transforms identity security from a costly headache into an audit-ready powerhouse. We break down the steps to simplify your regulatory processes, reduce operational costs, and enhance security by effectively managing human and non-human identities.

You will learn why gaining centralized visibility is your crucial first step, how to instantly spot and remediate risky orphan accounts, and the secret to running seamless, automated access certifications. Join our identity security experts as they share practical strategies to strengthen your defenses without draining your IT resources. Expect actionable tips that will help you build a sustainable, AI-powered compliance process tailored to your organization.

Related Resources & Stay Connected

Learn more about SailPoint:
Explore how SailPoint is helping organizations modernize identity security, strengthen governance, and simplify compliance in an AI-driven world.
https://www.sailpoint.com/

Explore More ISACA Podcast Episodes:
Dive deeper into cybersecurity, governance, risk, and emerging tech insights.
https://www.isaca.org/resources/news-and-trends/isaca-podcast-library

Subscribe to ISACA on YouTube:
Stay ahead with expert interviews, industry analysis, and cybersecurity leadership insights.
https://www.youtube.com/@IsacaHq

Don’t forget to like, comment, and subscribe for more conversations shaping the future of IT and cybersecurity.

Women in cybersecurity leaders share their stories and career advice in this SheLeadsTech fireside chat celebrating International Women’s Day.

In celebration of International Women’s Day and Women’s History Month, ISACA’s SheLeadsTech initiative brings together three inspiring leaders in cybersecurity for a special fireside conversation.

Join Debbie Lew and Jo Stewart-Rattray, both ISACA Hall of Fame inductees and recipients of the Eugene Frank Founders Award, as they sit down with Gail Coury, who will be inducted into the ISACA Hall of Fame in 2026.

In this warm and engaging discussion, they reflect on their journeys into cybersecurity, the evolving role of women in technology, and the power of mentorship, leadership, and community in shaping the future of the profession.

In this episode, they discuss:
• Their personal paths into cybersecurity and IT
• How opportunities for women in tech have evolved over time
• Lessons learned from leadership and service within the ISACA community
• Advice for the next generation of women entering the field

The conversation wraps up with a fun rapid-fire round that offers a glimpse into the personalities behind these accomplished careers.

Whether you're an experienced professional or just beginning your journey in technology, this fireside chat offers inspiration, insight, and encouragement from women helping shape the future of cybersecurity.

🔗 Learn more about ISACA’s SheLeadsTech initiative:
https://www.isaca.org/membership/sheleadstech

🎧 Explore more ISACA Podcasts:
https://www.isaca.org/resources/news-and-trends/isaca-podcast-library

📺 Subscribe to ISACA on YouTube:
https://www.youtube.com/@IsacaHq

#WomenInCybersecurity
#SheLeadsTech
#WomenInTech

On this episode of the ISACA Podcast, host Chris McGowan is joined by Amit Patel, Senior Vice President at Consulting Solutions, to explore one of the most underestimated threats in cybersecurity: the human element. From accidental errors to insider breaches, they discuss why employee behavior is at the heart of most security incidents—and what organizations can do about it.
 
Amit shares insights on how ongoing training, strong policies, and AI-powered tools like behavior analytics can help bridge the gap between tech and human responsibility. Whether you're a cybersecurity leader or simply navigating today’s digital landscape, this episode offers practical strategies to strengthen your organization’s human-centric security posture.

📚 Related Resources & Stay Connected
📖 Read the full article:
Humans Are IT Security’s Weakest Link
https://www.isaca.org/resources/news-and-trends/industry-news/2024/humans-are-it-securitys-weakest-link

🎙 Explore More ISACA Podcast Episodes:
Dive deeper into cybersecurity, governance, risk, and emerging tech insights.
https://www.isaca.org/resources/news-and-trends/isaca-podcast-library

▶️ Subscribe to ISACA on YouTube:
Stay ahead with expert interviews, industry analysis, and cybersecurity leadership insights.
https://www.youtube.com/@IsacaHq

🔔 Don’t forget to like, comment, and subscribe for more conversations shaping the future of IT and cybersecurity.