IT Governance, Risk, and Compliance:

Management


July 1, 2013  2:02 AM

Government-Audit Convergence Part VII



Posted by: Robert Davis
Accountability, Administrative Control, Audit Oversight Committee, Compliance Management, Control Evaluation, Due Care, Due Diligence, Fiduciary Responsibility, Framework, Governance, Government Agencies, Illegal Acts, Information Assets Protection, Laws and Regulations, Management, Safeguarding

Technology deployment and associated management information systems can provide a competitive advantage as well as increased control requirements. Legal noncompliance risks are an irrefutable fact, where consequences range from significant financial penalties to the threat of damage to an...

June 28, 2013  6:10 AM

Government-Audit Convergence Part VI



Posted by: Robert Davis
Accountability, Administrative Control, Audit Oversight Committee, Compliance Management, Control Evaluation, Due Care, Due Diligence, Fiduciary Responsibility, Framework, Governance, Government Agencies, Illegal Acts, Information Assets Protection, Laws and Regulations, Management, Safeguarding

The most common audit practice laws and regulations influences are evidence collection and perseverance. Where legal compliance audits are decreed, if an illegal act is suspected, IT auditors must ensure evidential legal mandates are satisfied in order to successfully provide authorities with...


June 23, 2013  10:47 PM

Government-Audit Convergence Part V



Posted by: Robert Davis
Accountability, Administrative Control, Audit Oversight Committee, Compliance Management, Control Evaluation, Due Care, Due Diligence, Fiduciary Responsibility, Framework, Governance, Government Agencies, Illegal Acts, Information Assets Protection, Laws and Regulations, Management, Safeguarding

Accountability is responsibility for performance against agreed-upon expectations either stated and/or implied.  Professionally, an IT auditor should exercise due caution from disclosing information acquired in the course of an engagement to any person other than the entity’s dually  appointed...


June 21, 2013  5:02 PM

Government-Audit Convergence Part IV



Posted by: Robert Davis
Accountability, Administrative Control, Audit Oversight Committee, Compliance Management, Control Evaluation, Due Care, Due Diligence, Fiduciary Responsibility, Framework, Governance, Government Agencies, Illegal Acts, Information Assets Protection, Laws and Regulations, Management, Safeguarding

Regarding laws and regulations, when professional standards are applied to compliance engagements, an IT auditor has the right to believe that management has established appropriate controls to prevent, deter and detect illegal acts, unless tests and evaluations carried on by an IT auditor prove...


June 17, 2013  1:31 AM

Government-Audit Convergence Part III



Posted by: Robert Davis
Accountability, Administrative Control, Audit Oversight Committee, Compliance Management, Control Evaluation, Due Care, Due Diligence, Fiduciary Responsibility, Framework, Governance, Government Agencies, Illegal Acts, Information Assets Protection, Laws and Regulations, Management, Safeguarding

Professional prudence dictates legal mandates impacting IT-IAP audit practice areas should be thoroughly understood by audit team members prior to proceeding with fieldwork. Specifically, IT auditors “should review compliance with applicable statutory laws, regulations as well as contracts and,...


June 15, 2013  5:19 PM

Government-Audit Convergence Part II



Posted by: Robert Davis
Accountability, Administrative Control, Audit Oversight Committee, Compliance Management, Control Evaluation, Due Care, Due Diligence, Fiduciary Responsibility, Framework, Governance, Government Agencies, Illegal Acts, Information Assets Protection, Laws and Regulations, Management, Safeguarding

Government sponsored laws and regulations can influence auditor conduct and impose IT audit practice requirements.  Therefore, applying ISACA’s Professional Ethics and Standards, an IT auditor “should maintain the highest degree of integrity and...


June 10, 2013  2:30 AM

Government-Audit Convergence Part I



Posted by: Robert Davis
Accountability, Administrative Control, Audit Oversight Committee, Compliance Management, Control Evaluation, Due Care, Due Diligence, Fiduciary Responsibility, Framework, Governance, Government Agencies, Illegal Acts, Information Assets Protection, Laws and Regulations, Management, Safeguarding

Generally, audit has a responsibility for ensuring that (1) independence and objectivity are maintained in all phases of assignments, (2) professional judgment is utilized in planning approaches, performing procedures, and reporting results of engagements, (3) work is conducted by personnel who are...


January 11, 2011  5:07 PM

Governing IT: Policy Formulation and Enforcement – Part VIII



Posted by: Robert Davis
Decision Making, Feedback Control, Fuzzy Logic, Goals, Internal Control Systems, ITG, Linear Control, Logic Control, Management, Monitoring, Objectives, Organizing, Planning, Policy Enforcement, Policy Formation, Sequential Control

Without clear policies that define acceptable IT related behavior, sustaining an effective and efficient internal control system is a remote possibility. Conversely, the formulation of clear IT policies is a mechanism for creating and propagating transparent plans for the achievement of adopted IT...


January 8, 2011  12:26 AM

Governing IT: Policy Formulation and Enforcement – Part VII



Posted by: Robert Davis
Decision Making, Feedback Control, Fuzzy Logic, Goals, Internal Control Systems, ITG, Linear Control, Logic Control, Management, Monitoring, Objectives, Organizing, Planning, Policy Enforcement, Policy Formation, Sequential Control

Due to the continuous adoption of new or improved hardware, firmware and software, IT threat vectors are likely to remain a business risk for the foreseeable future. Once an entity understands what information needs to...


January 4, 2011  5:14 PM

Governing IT: Policy Formulation and Enforcement – Part VI



Posted by: Robert Davis
Decision Making, Feedback Control, Fuzzy Logic, Goals, Internal Control Systems, ITG, Linear Control, Logic Control, Management, Monitoring, Objectives, Organizing, Planning, Policy Enforcement, Policy Formation, Sequential Control

Performance measurement is a control activity.” Measurement techniques are the means for achieving effective performance monitoring. Manually monitoring...


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: