IT Governance, Risk, and Compliance

Apr 3 2012   10:01PM GMT

Irregularities and Illegal Acts Agreed-Upon Procedures Assessments – Part VIII



Posted by: Robert Davis
Tags:
Certified Information Systems Auditor
Certified Information Technology Professional
Certified Internal Auditor
Certified Internal Controls Auditor
Certified Public Accountant
Computer Forensics
External Audit
Fraud
GCC
ICS
Internal Audit
IT Audit
ITAC
ITGC
SOD
SOF

Jointly, physical and logical security can significantly reduce the risk of irregular and illegal acts. Within this context, superior IT physical security is a major larceny deterrent for certain hardware. For example, bolting a personal computer to a fortified mount minimizes the threat of thief. Whereas, deploying general logical security practices usually requires adequate administration to reduce the risk of blackmail based on malware threats. Specifically; anti-virus software, firewalls as well as intrusion detection systems and/or intrusion prevention systems should be installed and monitored to assist in minimizing the risk of compromising the entity’s IT architecture.

Given the greater potential for an IT software related irregular or illegal act, an IT auditor should pursue understanding the backdoors and trapdoors in the entity’s computer processing environment and evaluate whether adequate preventive and detective controls are deployed. Furthermore, when performing irregular or illegal act agreed-upon procedures assessments, an IT auditor should determine if management designed adequate encryption requirements for sensitive data.

View Part I of the Irregularities and Illegal Acts Agreed-Upon Procedures Assessments series here

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: