IT Governance, Risk, and Compliance

Jul 1 2013   2:02AM GMT

Government-Audit Convergence Part VII



Posted by: Robert Davis
Tags:
Accountability
Administrative Control
Audit Oversight Committee
Compliance Management
Control Evaluation
Due Care
Due Diligence
Fiduciary Responsibility
Framework
Governance
Government Agencies
Illegal Acts
Information Assets Protection
Laws and Regulations
Management
Safeguarding

Technology deployment and associated management information systems can provide a competitive advantage as well as increased control requirements. Legal noncompliance risks are an irrefutable fact, where consequences range from significant financial penalties to the threat of damage to an entity’s reputation. IT auditors are indirectly, if not directly, an entity control mechanism assuring mandated compliance expectations are adequately addressed by management. In one form or another, ensuring legal compliance serves as a significant information security audit objective for most entities. Amplifying information security criticality is the number of IAP related laws and regulations impacting compliance expectations.

Source:

Bakman, Alex. “If Compliance Is So Critical, Why Are We Still Failing Audits? How to Minimize Failure and Make the Audit Process Easier.” Information Systems Control Journal, vol. 5 (2007).

Generally Accepted Information Security Principles Committee. GAISP V3.0. N.p.: Information Systems Security Association, 2004.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: