ISO 27001, CISA and COBIT

Answer:
I am sorry but you cannot implement CISA in a company because it is only a certification for people. Regarding COBIT, this standard is focused on IT governance, which also includes the information security, but has a different objective.

So, if you need to manage the information security, the best standard from my point of view is ISO 27001, because is specifically developed for this, while COBIT is developed for IT governance.

This article can show you the benefits of ISO 27001 “Four key benefits of ISO 27001 implementation” : https://advisera.com/27001academy/knowledgebase/four-key-benefits-of-iso-27001-implementation/

And also this free webinar “ISO 27001 benefits: How to obtain management support” : https://advisera.com/27001academy/webinar/iso-27001-benefits-how-to-get-management-buy-in-free-webinar-on-demand/

Finally, these materials will help you to know more about the benefits of ISO 27001:
- free online training ISO 27001 Foundations Course https://training.advisera. com/course/iso-27001-foundations-course/
- book Secure & Simple: A Small-Business Guide to Implementing ISO 27001 On Your Own https://advisera.com/books/secure-and-simple-a-small-business-guide-to-implementing-iso-27001-on-your-own/