IT Governance, Risk, and Compliance:

Applications


December 30, 2009  7:03 PM

IT Audit Verification Planning: Resolving Technique Selection – Part IV



Posted by: Robert Davis
AA, Applications, Assurance Service, Audit Assurance, CI, CIA, CICA, CISA, CITP, Compliance Testing, Configuration Item, Files, Information Asset, Information Technology, Infrastructure, IT, IT Audit, PM, Program, Project Management, Risk Management, Substantive Testing, Testing Techniques

Auditing IT configurations involves performing compliance and substantive tests on a selected

December 28, 2009  9:08 PM

IT Audit Verification Planning: Resolving Technique Selection – Part III



Posted by: Robert Davis
AA, Applications, Audit Assurance, CI, CICA, CISA, CITP, Compliance Testing, Configuration Item, Files, Information Asset, Information Technology, Infrastructure, IT, IT Audit, PM, Program, Project Management, Risk Management, Substantive Testing, Testing Techniques

Auditing electronically encoded programs can also involve compliance and substantive testing. Compliance testing usually involves testing programs for controls. Techniques for auditing programs are primarily oriented toward...


December 23, 2009  8:11 PM

IT Audit Verification Planning: Resolving Technique Selection – Part II



Posted by: Robert Davis
AA, Applications, Assurance Service, Audit Assurance, CI, CICA, CISA, CITP, Compliance Testing, Configuration Item, Files, Information Asset, Information Technology, Infrastructure, IT, IT Audit, PM, Program, Project Management, Risk Management, Substantive Testing, Testing Techniques

Compliance testing is the primary method employed to verify stated controls are operating effectively, while substantive testing is the primary method utilized to increase audit assurance. For instance, an IT auditor may reperform compliance testing, documented by an entity’s


December 21, 2009  7:59 PM

IT Audit Verification Planning: Resolving Technique Selection – Part I



Posted by: Robert Davis
AA, Applications, Assurance Service, Audit Assurance, CI, Compliance Testing, Configuration Item, Files, Information Asset, Information Technology, Infrastructure, IT, IT Audit, PM, Program, Project Management, Risk Management, Substantive Testing, Testing Techniques

There are a variety of techniques available to the IT auditor for compliance and substantive testing when performing assurance engagements. ...


December 3, 2009  9:07 PM

Safeguarding Assets is an IT Project Management Issue – Part IV



Posted by: Robert Davis
Applications, Asset, Implementation, Information Technology, Infrastructure, IT, Project Management, Risk Management, SDLC, System Development Life Cycle, Systems Analysis, Systems Design, Value Delivery

Systems and infrastructure design effects the controls relied on by an entity’s management, therefore, effecting control processes. Because systems and infrastructure are critical to an entity’s success, control processes should be designed...


November 30, 2009  7:22 PM

Safeguarding Assets is an IT Project Management Issue – Part III



Posted by: Robert Davis
Applications, Asset, IDLC, Implementation, Information Technology, Infrastructure, Infrastructure Development Life Cycle, IT, Project Management, Risk Management, SDLC, System Development Life Cycle, Systems Analysis, Systems Design, Value Delivery

An adequate IT infrastructure permits the continuance and growth of technology-based systems. Considering the Control Objectives for Information and related Technology (


November 25, 2009  7:59 PM

Safeguarding Assets is an IT Project Management Issue – Part II



Posted by: Robert Davis
Applications, Asset, Implementation, Information System, Information Technology, Infrastructure, IT, Project Management, Risk Management, SDLC, System Development Life Cycle, Systems Analysis, Systems Design, Value Delivery

As a foundational definition; a system is an assembly of procedures, processes, methods, and/or techniques united by regulated interaction conventions to form an organized whole in support of the entity’s objectives. A key term to this definition is “


November 23, 2009  6:26 PM

Safeguarding Assets is an IT Project Management Issue – Part I



Posted by: Robert Davis
Applications, Asset, Implementation, Information Technology, Infrastructure, IT, Project Management, Risk Management

Technology-based systems and infrastructure do not occur accidentally. They come into being only after appropriate planning, comprehensive...


June 22, 2009  8:41 PM

Application Protection – Part IV



Posted by: Robert Davis
Accounting, Applications, COE, Council of Europe, FCPA, Financial, Foreign Corrupt Practices Act, Information Technology, IT, Laws and Regulations, OAS, OECD, Organisation for Economic Co-operation and Development, Organization of American States, Sarbanes Oxley Act, SOX

The FCPA impacts IT control requirements of U.S. publicly held enterprises. Section 78m (b), in particular, documents the legislative rules and compliance requirements of internal control evaluation reporting with regard to management's assessment of internal controls. Section 78m (b) (2) through...


June 19, 2009  1:09 PM

Application Protection – Part III



Posted by: Robert Davis
Accounting, Applications, COE, Council of Europe, FCPA, Financial, Foreign Corrupt Practices Act, Information Technology, IT, Laws and Regulations, OAS, OECD, Organisation for Economic Co-operation and Development, Organization of American States, Sarbanes Oxley Act, SOX

FCPA control measures for an adequate system of internal accounting controls include maintaining appropriate segregation of duties, allowing only authorized transaction execution, controlling access to assets, and reconciling documented assets to actual assets regularly. Completeness, accuracy,...


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: