ISACA Kampala Chapter

ISACA Kampala Chapter Welcome to the ISACA Kampala Chapter

Our Vision: "Trust in, and Value from Information systems"

ISACA ( Information Systems Audit and Controls Association) is a world wide association of IS governance professionals. The association currently focuses on assurance, security, and governance and provides globally recognised certification in assurance (Certified Information Systems Auditor"CISA"), security (Certified Information Security Manager "CISM"), and governance (Certified in the Governance of Enterprise IT "CGEIT"). The association is one of individual members, often the sole practitioner of information systems auditing, security, and/or governance in his or her company. The membership of the ISACA reflects a multiplicity of backgrounds and skills that make the information systems governance field challenging and dynamic

🔥 Fireside Chat: Prudential Edition is happening this Friday (27th March) at Fairway Hotel — 6:00PM EAT🎤 Meet our speake...
23/03/2026

🔥 Fireside Chat: Prudential Edition is happening this Friday (27th March) at Fairway Hotel — 6:00PM EAT

🎤 Meet our speakers:
✨ Josephine Olok (Featured lead) — Director, LumJo Consultants Ltd
✨ Ritah Karungi Butime (Guest speaker) — Manager, National Financial Inclusion Strategy Coordination & Monitoring, Bank of Uganda

Expect real talk on leadership, growth, and navigating careers in tech, risk & cybersecurity.

🤝 Powered by Prudential — come ready to learn and connect.

📍 Save your seat: https://forms.gle/1JrZdGkPat6Tt7hy8

A control can exist on paper… and still do nothing in real life.✅ Control existence = “We have a policy / procedure / to...
23/03/2026

A control can exist on paper… and still do nothing in real life.

✅ Control existence = “We have a policy / procedure / tool.”
✅ Control effectiveness = “It actually reduces risk—consistently, under pressure.”

Here’s the difference in one line:

📌 Existence is documentation. Effectiveness is outcomes.

Quick self-check (ask for evidence, not promises):

🧾 Is it operating? Show the last 3 ex*****ons (not the policy).
📈 Is it working? What risk metric moved (incidents, exceptions, loss, downtime)?
👥 Is it owned? Named owner + clear accountability + escalation path.
⏱️ Is it timely? Runs at the right frequency, not “when we remember.”
🧪 Is it tested? Drills, sampling, or walkthroughs that catch failures.
📝 Is it provable? Logs, tickets, approvals, alerts, and follow-ups.

⚠️ Red flag: “The control is in place” with no operating evidence.
🎯 Goal: Fewer “paper controls,” more risk reduction you can prove.

💬 What’s the most common “exists-but-not-effective” control you’ve seen in audits or operations?

📌
21/03/2026

📌

Eid Mubarak to the ISACA community! 🌙✨May this Eid bring you peace, renewed strength, and abundant blessings—at home, at...
20/03/2026

Eid Mubarak to the ISACA community! 🌙✨

May this Eid bring you peace, renewed strength, and abundant blessings—at home, at work, and in all you do. Wishing you and your loved ones a joyful celebration and a prosperous season ahead. 🤍

📌 Date Change Notice (SheLeadsTech Fireside Chat)We’re excited to share that our SheLeadsTech Fireside Chat (Prudential ...
18/03/2026

📌 Date Change Notice (SheLeadsTech Fireside Chat)

We’re excited to share that our SheLeadsTech Fireside Chat (Prudential Edition) has been moved to next Friday, 27th March 2026.

🔥 Same vibe. Same powerful conversations. More time to bring a friend.

🗓️ Fri, 27th March 2026
🕕 6:00 PM EAT
📍 Fairway Hotel
🎟️ FREE ENTRY
🤝 Powered by Prudential ()

✅ Save the date — who’s joining us?

🎉👏 Congratulations to Justine Nantaba on excelling in the Certified Information Systems Auditor (CISA) certification!🌟 P...
16/03/2026

🎉👏 Congratulations to Justine Nantaba on excelling in the Certified Information Systems Auditor (CISA) certification!

🌟 Proud to celebrate your milestone, Justine—may this be the start of even bigger wins!

🗄️ “Keep forever” sounds safe… until it becomes your biggest liability.The longer you hold data, the bigger the blast ra...
13/03/2026

🗄️ “Keep forever” sounds safe… until it becomes your biggest liability.

The longer you hold data, the bigger the blast radius when something goes wrong. And in East Africa—where teams juggle cloud tools, shared devices, WhatsApp workflows, and fast-moving operations—data sprawl happens quietly.

What “keep forever” really creates:

🔓 More breach impact (more records exposed)
💸 Higher storage + eDiscovery costs
🧩 Messy audits (too much noise, not enough signal)
🧾 Compliance headaches (retaining what you’re not allowed to keep)
🧠 Risky “unknown data” sitting in old inboxes, drives, and backups

What good retention looks like:

📌 Keep what you need (legal + business value)
⏳ Delete what you don’t (on schedule, not by luck)
🔐 Classify data + apply access controls
🧹 Automate deletion + prove it with logs
🧑‍⚖️ Use legal holds when necessary—not “forever” for everything

💬 Quick check: Does your organization have a clear retention schedule… or is the default still “save it, just in case”?

ISACA Kampala, Rwanda & Kenya are teaming up for a special International Women’s Day webinar—because when we give to gai...
12/03/2026

ISACA Kampala, Rwanda & Kenya are teaming up for a special International Women’s Day webinar—because when we give to gain, we multiply impact and accelerate her rise. 💜✨

🗓️ Today | 12th March 2026
⏰ 6:00 PM – 8:00 PM (EAT)
🎓 FREE Webinar | Earn 2 CPE Hours

🎤 Featuring: Mrs. Noella M. Mupole, Eng. Suzanne Kyaruzi (CISM, CDPSE) & Ramona Ratiu

📲 Register via the link/QR on the graphics

💬 Drop a 💜 in the comments if you’re joining—and tag a woman in tech who should be in the room.

📚 More policies can feel like more control… but in practice, it often creates more risk.The “policy library problem” loo...
12/03/2026

📚 More policies can feel like more control… but in practice, it often creates more risk.

The “policy library problem” looks like this:

🧩 Too many documents → nobody knows which one applies
⏳ Outdated versions → teams follow the wrong guidance
🔁 Duplicates + contradictions → exceptions become the norm
🧑‍💻 Busy staff → shortcuts replace compliance
🕵️‍♀️ Audits + incidents → “show me the policy” becomes “show me it’s used”

What works better:

🎯 Fewer, clearer “golden policies” (the ones that matter most)
🧭 Simple playbooks & checklists for day-to-day ex*****on
🔄 Ownership + review cadence (with version control)
📌 Proof of adoption: training, attestations, and evidence of use

💬 Quick question: In your organization, do people actually use the policies… or just store them?

Address

Uganda Institute Of/Communication And Information Technology (UICT), Plot 19-21 PortBell Road, Nakawa, Sat-Com Block 2
Kampala
256

Opening Hours

Monday 09:00 - 17:00
Tuesday 09:00 - 17:00
Wednesday 09:00 - 17:00
Thursday 09:00 - 17:00
Friday 09:00 - 17:00

Telephone

+256392893965 and +256 787467646

Website

https://www.isaca.org/

Alerts

Be the first to know and let us send you an email when ISACA Kampala Chapter posts news and promotions. Your email address will not be used for any other purpose, and you can unsubscribe at any time.

Contact The Practice

Send a message to ISACA Kampala Chapter:

Shortcuts

Share

Share on Facebook Share on Twitter Share on LinkedIn
Share on Pinterest Share on Reddit Share via Email
Share on WhatsApp Share on Instagram Share on Telegram