ISACA’s 1973-4 president: Nearly four decades later, some things remain the same


Howard “Bud” FriedmanMy recent visit to ISACA’s international headquarters was just a month after the release of COBIT 5. It brought back some fond memories. COBIT 5 actually has roots that extend more than 40 years back to a group of 25 professionals who met in Los Angeles, California, USA, for the first time in January 1972 and reorganized the EDP (Electronic Data Processing) Auditors Association (EDPAA), now known as ISACA. The association had previously been incorporated in 1969, but operated in an informal manner. Meetings were held irregularly, were partly social, and provided little if any formal professional activities such as training, publications or research.

In the January 1972 meeting we elected a slate of officers (Gene Frank as president and myself as executive vice president) and established regular meetings, dues and a formalized organizational process. Soon after, we developed the first issue of The EDP Auditor Journal (which is now known as ISACA Journal).

The EDP Auditor JournalDuring 1972 and 1973 we discussed how our new organization could contribute to the newly emerging profession of EDP auditing. Voila! Why not a set of standards? Better yet, a set of control objectives; something that would not say how to do it, but rather outline from an organizational perspective what system of controls should be established and what should be included.

As one of my first acts as president in 1973, I established a Standards Committee to begin formal work on a document called Control Objectives. Our first meeting was held in November in Los Angeles, and we decided to present an outline of Control Objectives at the 2nd National Conference in Chicago, Illinois in June 1974. We did just that.

Just as COBIT 5 has expanded the purpose and direction from the original Control Objectives, ISACA too has come a long way. But its driving force is still the same:  it provides guidance that helps professionals address real, practical issues and challenges. As before, imagination, patience and intelligence are key ingredients to doing well at our jobs.

Many comments that I made in my 8 June 1973 speech when accepting the position of president of EDPAA still ring true. I tried to impress upon attendees that there is no uniform measure of risk—risk acceptable in one company might be intolerable in another. In addition, risk assessment is not our only function—we have to be able to apprise management of opportunities to improve systems, thereby maximizing the company’s return on its investment in EDP.

When I emerged from the elevator at the international headquarters recently, my remarks from nearly four decades ago were reaffirmed. On the wall across from me were words that echo my 1973 speech: ISACA’s current tagline—Trust in, and value from, information systems.

If I were to give a similar speech today, my closing comments from 39 years ago would remain unchanged—except for the name of the association, of course:

I believe that the EDP Auditors Association has something to offer—to ourselves, both individually and collectively—to our respective companies, to the jobs we have and the work we perform, and to other professional groups that are genuinely interested in improving our business and professional community.

The rewards for our efforts? Henry Ward Beecher said, ‘There never was a person who did anything worth doing who did not receive more than he gave.’

And so, I invite you to join me in continuing to build our association.

Howard “Bud” Friedman
Past International President, ISACA, 1973-1974

We welcome your comments! Please log in using the Sign In link at the top right of this page and then leave your comment in the box at the end of the post.
To view all blog posts, please click on the ISACA Now link in the blue box on the left.

Published: 5/21/2012 3:04 PM

View full post on ISACA Now: Posts