Is the only business framework for the governance and management of enterprise IT. It is the product of a global task force and development team from ISACA, a nonprofit, independent association of more than 140,000 governance, security, risk and assurance professionals in 187 countries