Ron Hale is acting CEO of ISACA, as well as the association’s chief knowledge officer. Hale has more than 20 years of experience in the security field. Prior to joining ISACA, he was manager of security services for Northrop Corporation Defense Systems Division and a research manager for the Bank Administration Institute. He has also provided consulting services as a practice director in the Enterprise Risk Management division within Deloitte & Touche. He has a master’s degree in criminal justice from the University of Illinois and a doctorate in public policy from the Walden University School of Public Policy and Administration. In recognition of his accomplishments at ISACA, Hale was named to the NACD’s 2013 Directorship 100, a distinction given to 100 individuals who exemplify knowledge, leadership and excellence in corporate governance.
What changes have you seen in IT audit in the past few years and what changes do you anticipate going forward?
The IT audit profession has experienced a significant transition in the last years. First and most important, the concept of IT audit has been replaced by information systems (IS) audit due to the expanding nature of information systems within the enterprise and the critical reliance on information as a business enabler. Technology is no longer the primary focus. The work of auditors proficient in computing and communications technologies – as well as how these technologies are implemented and managed and integrated into business processes – is an essential part of providing assurance that risks are identified and effectively managed and that business processes involving technology solutions and processes are in compliance with enterprise policies.