Blockchain has many enterprise applications that go beyond cryptocurrency, including smart contracts, supply chain, and healthcare records. To help tech professionals get a stronger grasp on the important technology and how to leverage it within their own organizations, ISACA has released two new resources: Blockchain Framework and Guidance and Blockchain: An Executive View.
Blockchain Framework and Guidance offers a comprehensive blockchain reference, including overview, history, information about types and their benefits and features, as well as use cases and a framework for enterprise adoption. The framework goes into depth into key considerations—like stakeholder management, implementation considerations, interoperability concerns, governance model and management guidelines, and digital asset/token requirements. It also provides a complete set of high-level blockchain control objectives that include key questions that enterprises need to answer, including:
- Do the proposed blockchain control objective domains adequately cover risk vectors and business process objectives for the organization transacting in this space?
- Have we identified the relevant stakeholders of blockchain control objectives?
- Do we understand our engagement with the larger blockchain ecosystem in evaluating risk and control objectives?
Offering another primer on blockchain, the paper Blockchain: An Executive View explains blockchain technology in clear business language and explores the opportunities and challenges that enterprises may face when using blockchain. It shares use cases, outlines the enterprise benefits and risks, provides a guide to getting started with blockchain, and shares security, privacy and legal considerations, including offering security mitigation methods such as:
- Use standardized and tested libraries and interfaces.
- Conduct internal or peer code reviews.
- Leverage bug bounty programs to crowdsource other testing perspectives.
“Enterprises considering the implementation of blockchain technology should first do their due diligence and take some key steps—including asking themselves strategic questions, exploring enterprise risks, and assessing how blockchain adoption would map to their existing technologies, both now and in the future,” says Ron Quaranta, chairman and CEO of the Wall Street Blockchain Alliance, member of ISACA Emerging Technology Advisory Group, and lead author of the Blockchain Framework and Guidance. “The benefits of this technology can be powerful, provided that enterprises have strong governance, controls and security protocols in place. This framework is an important step in understanding blockchain technology and realizing those benefits.”
Adds Nader Qaimari, ISACA chief product officer, “The use of blockchain solutions is increasingly becoming a strategic priority for enterprises across sectors, and whether someone is hands-on in implementing blockchain or making a business case for it at the C-Suite level, education is key. Through these new resources, professionals have the foundational knowledge and tools to take the next steps in effectively adopting this unique technology.”
Part of a set of ISACA resources on emerging technology that will continue to launch through the next year, Blockchain Framework and Guidance PDF electronic version is free and is available to download at https://www.isaca.org/bookstore/bookstore-misc-ebook/wbfg. Also complimentary, Blockchain: An Executive View can be accessed at https://www.isaca.org/bookstore/bookstore-misc-digital/wbfeg. For additional resources, including the Blockchain Preparation Audit Program, visit www.isaca.org/resources/insights-and-expertise.
For more than 50 years, ISACA® (www.isaca.org) has equipped individuals with knowledge, credentials, education and community to progress their careers and transform their organizations and enables enterprises to train and build quality teams. ISACA is a global professional association and learning organization that leverages the expertise of its 145,000 members who work in information security, governance, assurance, risk and privacy to drive innovation through technology. It has a presence in 188 countries, including 223 chapters worldwide.