February 28, 2012 8:47 PM
Posted by: Robert Davis
Certified Information Systems Auditor,
Certified Information Technology Professional,
Certified Internal Auditor,
Certified Internal Controls Auditor,
Certified Public Accountant,
External Audit,
Internal Audit,
IT Audit,
ITG,
Performance Measurement,
Resource Management,
Risk Management,
Strategic Alignment,
Value DeliveryInterpretively, an entity’s information systems represent the infrastructure to collect data, process transactions, and communicate operational results. In other words, an entity's MIS represents the aggregation of personnel, computer hardware and software, with associated policies and...
February 24, 2012 8:57 PM
Posted by: Robert Davis
Certified Information Systems Auditor,
Certified Information Technology Professional,
Certified Internal Auditor,
Certified Internal Controls Auditor,
Certified Public Accountant,
External Audit,
Internal Audit,
IT Audit,
ITG,
Performance Measurement,
Resource Management,
Risk Management,
Strategic Alignment,
Value DeliveryPrimary drivers for IT governance audit planning are verifying governance existence, adequacy, and risk management. However, as with standard IT audits, a general control environment, information systems, and control procedures understanding...
February 21, 2012 9:28 PM
Posted by: Robert Davis
Certified Information Systems Auditor,
Certified Information Technology Professional,
Certified Internal Auditor,
Certified Internal Controls Auditor,
Certified Public Accountant,
External Audit,
Internal Audit,
IT Audit,
ITG,
Performance Measurement,
Resource Management,
Risk Management,
Strategic Alignment,
Value DeliveryIT governance audits normally have an organizational focus. ‘Organizational-based’ IT governance audits examine deployed frameworks, managerial issues, and departmental activities. However, if during...
February 17, 2012 8:50 PM
Posted by: Robert Davis
Certified Information Systems Auditor,
Certified Information Technology Professional,
Certified Internal Auditor,
Certified Internal Controls Auditor,
Certified Public Accountant,
External Audit,
Internal Audit,
IT Audit,
ITG,
Performance Measurement,
Resource Management,
Risk Management,
Strategic Alignment,
Value DeliveryTo prevent expectation misinterpretation, the IT governance engagement ‘terms of reference’ should minimally address engagement ambit, reporting lines, and IT audit authority. Specifically, IT governance functional areas and issues definitions; identified ‘highest-organization-level’...
February 17, 2012 8:43 PM
Posted by: Robert Davis
Certified Information Systems Auditor,
Certified Information Technology Professional,
Certified Internal Auditor,
Certified Internal Controls Auditor,
Certified Public Accountant,
External Audit,
Internal Audit,
IT Audit,
ITG,
Performance Measurement,
Resource Management,
Risk Management,
Strategic Alignment,
Value DeliveryReflective of ISACA standards and guidelines, the IT audit process should be replicated within for-profit and not-for-profit entities. “Topics which should be considered are set by COBIT in the IT Governance Management Guidelines.” However, an audit committee’s perceived mandate and mission...
February 10, 2012 9:36 PM
Posted by: Robert Davis
Certified Information Systems Auditor,
Certified Information Technology Professional,
Certified Internal Auditor,
Certified Internal Controls Auditor,
Certified Public Accountant,
External Audit,
Internal Audit,
IT Audit,
ITG,
Performance Measurement,
Resource Management,
Risk Management,
Strategic Alignment,
Value DeliveryGovernance supports stakeholder expectations related to management’s fiduciary responsibilities. Governance also reflects how an enterprise achieves its stated mission. Specifically, as presented in the Cadbury Committee...
February 7, 2012 9:57 PM
Posted by: Robert Davis
Certified Information Systems Auditor,
Certified Information Technology Professional,
Certified Internal Auditor,
Certified Internal Controls Auditor,
Certified Public Accountant,
COBIT,
Infrastructure,
ISO,
IT Audit,
ITSM,
Service Delivery,
SystemsAudit evidence for elements of an adequate CE may not be available in documentary form. In addition, responsibility for IT governance is often undertaken by the owner/manager where there are no other...
February 3, 2012 9:29 PM
Posted by: Robert Davis
Certified Information Systems Auditor,
Certified Information Technology Professional,
Certified Internal Auditor,
Certified Internal Controls Auditor,
Certified Public Accountant,
COBIT,
Infrastructure,
ISO,
IT Audit,
ITSM,
Service Delivery,
SystemsRegarding outsourced services, among other expectations, an IT auditor should obtain and document an understanding of the relationship between the services provided by third parties and the entity’s control environment. An IT auditor should consider reviewing such items as contracts,
January 31, 2012 8:41 PM
Posted by: Robert Davis
Certified Information Systems Auditor,
Certified Information Technology Professional,
Certified Internal Auditor,
Certified Internal Controls Auditor,
Certified Public Accountant,
COBIT,
Infrastructure,
ISO,
IT Audit,
ITSM,
Service Delivery,
SystemsOrdinarily, an IT auditor obtains relevant CE audit evidence through a combination of inquiries and other risk assessment procedures. For example, through management and employee inquiries, an IT auditor may obtain an...
