February 24, 2012 8:57 PM
Posted by: Robert Davis
Certified Information Systems Auditor,
Certified Information Technology Professional,
Certified Internal Auditor,
Certified Internal Controls Auditor,
Certified Public Accountant,
External Audit,
Internal Audit,
IT Audit,
ITG,
Performance Measurement,
Resource Management,
Risk Management,
Strategic Alignment,
Value DeliveryPrimary drivers for IT governance audit planning are verifying governance existence, adequacy, and risk management. However, as with standard IT audits, a general control environment, information systems, and control procedures understanding...
February 21, 2012 9:28 PM
Posted by: Robert Davis
Certified Information Systems Auditor,
Certified Information Technology Professional,
Certified Internal Auditor,
Certified Internal Controls Auditor,
Certified Public Accountant,
External Audit,
Internal Audit,
IT Audit,
ITG,
Performance Measurement,
Resource Management,
Risk Management,
Strategic Alignment,
Value DeliveryIT governance audits normally have an organizational focus. ‘Organizational-based’ IT governance audits examine deployed frameworks, managerial issues, and departmental activities. However, if during...
February 17, 2012 8:50 PM
Posted by: Robert Davis
Certified Information Systems Auditor,
Certified Information Technology Professional,
Certified Internal Auditor,
Certified Internal Controls Auditor,
Certified Public Accountant,
External Audit,
Internal Audit,
IT Audit,
ITG,
Performance Measurement,
Resource Management,
Risk Management,
Strategic Alignment,
Value DeliveryTo prevent expectation misinterpretation, the IT governance engagement ‘terms of reference’ should minimally address engagement ambit, reporting lines, and IT audit authority. Specifically, IT governance functional areas and issues definitions; identified ‘highest-organization-level’...
February 17, 2012 8:43 PM
Posted by: Robert Davis
Certified Information Systems Auditor,
Certified Information Technology Professional,
Certified Internal Auditor,
Certified Internal Controls Auditor,
Certified Public Accountant,
External Audit,
Internal Audit,
IT Audit,
ITG,
Performance Measurement,
Resource Management,
Risk Management,
Strategic Alignment,
Value DeliveryReflective of ISACA standards and guidelines, the IT audit process should be replicated within for-profit and not-for-profit entities. “Topics which should be considered are set by COBIT in the IT Governance Management Guidelines.” However, an audit committee’s perceived mandate and mission...
February 10, 2012 9:36 PM
Posted by: Robert Davis
Certified Information Systems Auditor,
Certified Information Technology Professional,
Certified Internal Auditor,
Certified Internal Controls Auditor,
Certified Public Accountant,
External Audit,
Internal Audit,
IT Audit,
ITG,
Performance Measurement,
Resource Management,
Risk Management,
Strategic Alignment,
Value DeliveryGovernance supports stakeholder expectations related to management’s fiduciary responsibilities. Governance also reflects how an enterprise achieves its stated mission. Specifically, as presented in the Cadbury Committee...
October 25, 2011 7:58 PM
Posted by: Robert Davis
Certified Information Systems Auditor,
Certified Information Technology Professional,
Certified Internal Auditor,
Certified Internal Controls Auditor,
Certified Public Accountant,
External Audit,
IAP,
Information Assets Protection,
Information Security Governance,
Internal Audit,
ISG,
IT AuditRetrospectively, information security audits are a routine matter for internal auditors, but sometimes a controversial issue among external auditors. The controversy centers on the extent that IT...
October 21, 2011 8:29 PM
Posted by: Robert Davis
Certified Information Systems Auditor,
Certified Information Technology Professional,
Certified Internal Auditor,
Certified Internal Controls Auditor,
Certified Public Accountant,
External Audit,
IAP,
Information Assets Protection,
Information Security Governance,
Internal Audit,
ISG,
IT AuditFailure of an entity to take proper safeguarding precautions can lead to major operational problems and substantial asset loss. Incidents recorded throughout the world continuously reiterate that entities should not ignore information assets protection (IAP) risks and the need for processes to
October 18, 2011 8:16 PM
Posted by: Robert Davis
Certified Information Systems Auditor,
Certified Information Technology Professional,
Certified Internal Auditor,
Certified Internal Controls Auditor,
Certified Public Accountant,
COBIT,
External Audit,
Information Security Governance,
Internal Audit,
ISG,
IT AuditEvaluating IT solutions with the adequate level of IT security controls over IT resources requires a detailed principles and practices understanding. Regarding audit staffing, potential ISG engagement members should have the appropriate seniority and proficiency. Generally, when...
October 14, 2011 8:48 PM
Posted by: Robert Davis
Certified Information Systems Auditor,
Certified Information Technology Professional,
Certified Internal Auditor,
Certified Internal Controls Auditor,
Certified Public Accountant,
COBIT,
External Audit,
Information Security Governance,
Internal Audit,
ISG,
IT AuditAn IT auditor should include in the audit ambit relevant processes for planning, organizing, and monitoring information security activities. Furthermore, the audit ambit should include control systems for the use and protection of the full range...
