IT Governance, Risk, and Compliance:

March, 2010

1

March 29, 2010  6:00 PM

IT Audit Follow-up: Assessing Recommendation Resolution – Part VI

Robert Davis Robert Davis Profile: Robert Davis

Control follow-up are activities pursued when an exception condition is identified and reported as presenting a risk to the entity. As a part of the follow-up activities, the...

March 25, 2010  8:25 PM

IT Audit Follow-up: Assessing Recommendation Resolution – Part V

Robert Davis Robert Davis Profile: Robert Davis

IT audit area follow-up takes into account the materiality of reported findings and the impact if corrective action is not taken. As particulars, follow-up nature, timing and extent are dependent on


March 22, 2010  6:29 PM

IT Audit Follow-up: Assessing Recommendation Resolution – Part IV

Robert Davis Robert Davis Profile: Robert Davis

Depending on the ambit and terms of the engagement,...


March 18, 2010  5:33 PM

IT Audit Follow-up: Assessing Recommendation Resolution – Part III

Robert Davis Robert Davis Profile: Robert Davis

IT auditor follow-up activities has been defined "as a process by which they determine the adequacy, effectiveness and timeliness of actions taken by management on reported engagement observations and recommendations, including...


March 15, 2010  4:40 PM

IT Audit Follow-up: Assessing Recommendation Resolution – Part II

Robert Davis Robert Davis Profile: Robert Davis

If management’s proposed actions to implement or otherwise address reported recommendations have been discussed with, or provided to, an IT auditor;...


March 11, 2010  7:41 PM

IT Audit Follow-up: Assessing Recommendation Resolution – Part I

Robert Davis Robert Davis Profile: Robert Davis

While management is responsible for addressing assurance engagement findings and recommendations as well as tracking resolution status; audit is responsible for establishing policies, procedures, standards and rules for follow-up to determine whether


March 8, 2010  9:40 PM

IT Audit Reporting: Communicating Results – Part VIII

Robert Davis Robert Davis Profile: Robert Davis

IT auditors, like all auditors, are responsible for ‘communicating results to interested individuals.’ Interested individuals can include other members of the audit team, who must integrate the IT auditor’s findings with other aspects of the audit, as well as the client. ...


March 4, 2010  6:48 PM

IT Audit Reporting: Communicating Results – Part VII

Robert Davis Robert Davis Profile: Robert Davis

Upon acknowledgement of final audit report delivery to identified recipients, the IT auditor should await responses from key audit area personnel, as stipulated in the entity’s


March 1, 2010  6:41 PM

IT Audit Reporting: Communicating Results – Part VI

Robert Davis Robert Davis Profile: Robert Davis

The final audit report should clearly identify ‘gaps’ in controls and the source of the vulnerabilities. Of the potential vulnerabilities documented in the audit report, it is importance to identify any significant, or material, risks. It must also include recommendations to...


1

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: