Applications archives - IT Governance, Risk, and Compliance Page 2

December 28, 2009 9:08 PM

IT Audit Verification Planning: Resolving Technique Selection – Part III

Posted by: Robert Davis

AA, Applications, Audit Assurance, CI, CICA, CISA, CITP, Compliance Testing, Configuration Item, Files, Information Asset, Information Technology, Infrastructure, IT, IT Audit, PM, Program, Project Management, Risk Management, Substantive Testing, Testing Techniques

Auditing electronically encoded programs can also involve compliance and substantive testing. Compliance testing usually involves testing programs for controls. Techniques for auditing programs are primarily oriented toward...

0 Comments

RSS Feed

Email a friend

December 23, 2009 8:11 PM

IT Audit Verification Planning: Resolving Technique Selection – Part II

Posted by: Robert Davis

AA, Applications, Assurance Service, Audit Assurance, CI, CICA, CISA, CITP, Compliance Testing, Configuration Item, Files, Information Asset, Information Technology, Infrastructure, IT, IT Audit, PM, Program, Project Management, Risk Management, Substantive Testing, Testing Techniques

Compliance testing is the primary method employed to verify stated controls are operating effectively, while substantive testing is the primary method utilized to increase audit assurance. For instance, an IT auditor may reperform compliance testing, documented by an entity’s

0 Comments

RSS Feed

Email a friend

December 21, 2009 7:59 PM

IT Audit Verification Planning: Resolving Technique Selection – Part I

Posted by: Robert Davis

AA, Applications, Assurance Service, Audit Assurance, CI, Compliance Testing, Configuration Item, Files, Information Asset, Information Technology, Infrastructure, IT, IT Audit, PM, Program, Project Management, Risk Management, Substantive Testing, Testing Techniques

There are a variety of techniques available to the IT auditor for compliance and substantive testing when performing assurance engagements. ...

0 Comments

RSS Feed

Email a friend

December 3, 2009 9:07 PM

Safeguarding Assets is an IT Project Management Issue – Part IV

Posted by: Robert Davis

Applications, Asset, Implementation, Information Technology, Infrastructure, IT, Project Management, Risk Management, SDLC, System Development Life Cycle, Systems Analysis, Systems Design, Value Delivery

Systems and infrastructure design effects the controls relied on by an entity’s management, therefore, effecting control processes. Because systems and infrastructure are critical to an entity’s success, control processes should be designed...

0 Comments

RSS Feed

Email a friend

November 30, 2009 7:22 PM

Safeguarding Assets is an IT Project Management Issue – Part III

Posted by: Robert Davis

Applications, Asset, IDLC, Implementation, Information Technology, Infrastructure, Infrastructure Development Life Cycle, IT, Project Management, Risk Management, SDLC, System Development Life Cycle, Systems Analysis, Systems Design, Value Delivery

An adequate IT infrastructure permits the continuance and growth of technology-based systems. Considering the Control Objectives for Information and related Technology (

0 Comments

RSS Feed

Email a friend

November 25, 2009 7:59 PM

Safeguarding Assets is an IT Project Management Issue – Part II

Posted by: Robert Davis

Applications, Asset, Implementation, Information System, Information Technology, Infrastructure, IT, Project Management, Risk Management, SDLC, System Development Life Cycle, Systems Analysis, Systems Design, Value Delivery

As a foundational definition; a system is an assembly of procedures, processes, methods, and/or techniques united by regulated interaction conventions to form an organized whole in support of the entity’s objectives. A key term to this definition is “

0 Comments

RSS Feed

Email a friend

November 23, 2009 6:26 PM

Safeguarding Assets is an IT Project Management Issue – Part I

Posted by: Robert Davis

Applications, Asset, Implementation, Information Technology, Infrastructure, IT, Project Management, Risk Management

Technology-based systems and infrastructure do not occur accidentally. They come into being only after appropriate planning, comprehensive...

0 Comments

RSS Feed

Email a friend

June 22, 2009 8:41 PM

Application Protection – Part IV

Posted by: Robert Davis

Accounting, Applications, COE, Council of Europe, FCPA, Financial, Foreign Corrupt Practices Act, Information Technology, IT, Laws and Regulations, OAS, OECD, Organisation for Economic Co-operation and Development, Organization of American States, Sarbanes Oxley Act, SOX

The FCPA impacts IT control requirements of U.S. publicly held enterprises. Section 78m (b), in particular, documents the legislative rules and compliance requirements of internal control evaluation reporting with regard to management's assessment of internal controls. Section 78m (b) (2) through...

0 Comments

RSS Feed

Email a friend

June 19, 2009 1:09 PM

Application Protection – Part III

Posted by: Robert Davis

FCPA control measures for an adequate system of internal accounting controls include maintaining appropriate segregation of duties, allowing only authorized transaction execution, controlling access to assets, and reconciling documented assets to actual assets regularly. Completeness, accuracy,...

0 Comments

RSS Feed

Email a friend

IT Governance, Risk, and Compliance:

Applications

IT Audit Verification Planning: Resolving Technique Selection – Part IV

IT Audit Verification Planning: Resolving Technique Selection – Part III

IT Audit Verification Planning: Resolving Technique Selection – Part II

IT Audit Verification Planning: Resolving Technique Selection – Part I

Safeguarding Assets is an IT Project Management Issue – Part IV

Safeguarding Assets is an IT Project Management Issue – Part III

Safeguarding Assets is an IT Project Management Issue – Part II

Safeguarding Assets is an IT Project Management Issue – Part I

Application Protection – Part IV

Application Protection – Part III

About This Blog

Browse This Blog’s Tags

Archives

Blog Roll

Subscribe to Alerts