Chapter Privacy Policy

Privacy Policy

In order to provide an open forum for the exchange of ideas related to IT auditing, the Chapter may publish various articles, training opportunities, advertisements, and other IT/audit-related information through the Chapter website. All statements and opinions included in these publications are those of the author and not necessarily those of the Chapter, unless otherwise explicitly stated.

This site may also provide links to 3rd party sites relevant to the IT audit community. The Chapter assumes no responsibility for the privacy policies, practices, or content of these linked sites. All effort has been made to provide as complete and accurate a site possible, but no warranty or suitability is implied. The Chapter will not be held responsible for any misstatements made by reference to the contents of the website which may or may not result in litigation. The Chapter and its web service providers shall have no liability or responsibility to any person or entity with respect to any losses or damages arising from the information contained on the Chapter's website.

The Chapter is committed to protecting the privacy of the membership and other individuals who may utilize the Chapter website. To that end, the Chapter website will not collect personally identifiable information through the use of "cookies" or other tracking mechanisms. Information communicated to the Chapter, such as monthly meeting reservations and seminar requests, is sent via e-mail through the website and not stored on the site itself.

The Chapter will not sell or otherwise transfer or disclose personally identifiable information to 3rd parties without prior consent (except as may be required by law).

Code of Ethics

ISACA sets forth this Code of Professional Ethics to guide the professional and personal conduct of members of the association and/or its certification holders.Members and ISACA certification holders shall:

  1. Support the implementation of, and encourage compliance with, appropriate standards, procedures and controls for information systems.
  2. Perform their duties with objectivity, due diligence and professional care, in accordance with professional standards and best practices.
  3. Serve in the interest of stakeholders in a lawful and honest manner, while maintaining high standards of conduct and character, and not engage in acts discreditable to the profession.
  4. Maintain the privacy and confidentiality of information obtained in the course of their duties unless disclosure is required by legal authority. Such information shall not be used for personal benefit or released to inappropriate parties.
  5. Maintain competency in their respective fields and agree to undertake only those activities, which they can reasonably expect to complete with professional competence.
  6. Inform appropriate parties of the results of work performed; revealing all significant facts known to them.
  7. Support the professional education of stakeholders in enhancing their understanding of information systems security and control.

Failure to comply with this Code of Professional Ethics can result in an investigation into a member's, and/or certification holder's conduct and, ultimately, in disciplinary measures.

See Code of Professional Ethics FAQs concerning the complaint handling process.