A non-profit organization that started in 1967, for information governance, audit, control and security professionals. It provides guidance and standardized benchmarks for organizations using information systems to maintain the integrity and security of stored and transmitted data.