IT Governance, Risk, and Compliance:

December, 2009

1

December 30, 2009  7:03 PM

IT Audit Verification Planning: Resolving Technique Selection – Part IV

Robert Davis Robert Davis Profile: Robert Davis

Auditing IT configurations involves performing compliance and substantive tests on a selected

December 28, 2009  9:08 PM

IT Audit Verification Planning: Resolving Technique Selection – Part III

Robert Davis Robert Davis Profile: Robert Davis

Auditing electronically encoded programs can also involve compliance and substantive testing. Compliance testing usually involves testing programs for controls. Techniques for auditing programs are primarily oriented toward...


December 23, 2009  8:11 PM

IT Audit Verification Planning: Resolving Technique Selection – Part II

Robert Davis Robert Davis Profile: Robert Davis

Compliance testing is the primary method employed to verify stated controls are operating effectively, while substantive testing is the primary method utilized to increase audit assurance. For instance, an IT auditor may reperform compliance testing, documented by an entity’s


December 21, 2009  7:59 PM

IT Audit Verification Planning: Resolving Technique Selection – Part I

Robert Davis Robert Davis Profile: Robert Davis

There are a variety of techniques available to the IT auditor for compliance and substantive testing when performing assurance engagements. ...


December 17, 2009  7:32 PM

An Ounce of Disaster Prevention is Worth a Pound of Disaster Remediation – Part IV

Robert Davis Robert Davis Profile: Robert Davis

Business volatility includes unexpected IT demand, merger and acquisition activities, as well as economic or government events. Whereby, government volatility can reflect a political event. Theoretically, adequate


December 14, 2009  7:29 PM

An Ounce of Disaster Prevention is Worth a Pound of Disaster Remediation – Part III

Robert Davis Robert Davis Profile: Robert Davis

Business continuity and disaster recovery plans should follow suggested best practices for development to ensure adequate incident handling. Commonly, the primary goals of the incident management...


December 10, 2009  8:49 PM

An Ounce of Disaster Prevention is Worth a Pound of Disaster Remediation – Part II

Robert Davis Robert Davis Profile: Robert Davis

Organizational resilience imposes proactive preparation for potential incidents in order to avoid suspension of critical operations and services, or if operations and services are disrupted, resuming processing as rapidly as required for those who...


December 7, 2009  7:01 PM

An Ounce of Disaster Prevention is Worth a Pound of Disaster Remediation – Part I

Robert Davis Robert Davis Profile: Robert Davis

"Attention all personnel! Attention all personnel! We are now experiencing an emergency code red condition. This requires following current crisis management procedures. Please, immediately proceed to your designated evacuation area and await further...


December 3, 2009  9:07 PM

Safeguarding Assets is an IT Project Management Issue – Part IV

Robert Davis Robert Davis Profile: Robert Davis

Systems and infrastructure design effects the controls relied on by an entity’s management, therefore, effecting control processes. Because systems and infrastructure are critical to an entity’s success, control processes should be designed...


1

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: