WebEx guide. > Everyone is muted to avoid background noise. Please use the chat box if you need to communicate with the host.
|
|
- Noah Little
- 8 years ago
- Views:
Transcription
1 WebEx guide > Everyone is muted to avoid background noise. Please use the chat box if you need to communicate with the host. > Asking questions: In the chat screen, ask questions by choosing All Panelists in lower right chat window. Type your message in the chat box and hit send. > If disconnected: Refer to your and reconnect. If audio is disconnected,click the Communicate tab in the upper left to find the dial in numbers and access code or refer back to your for the dial-in #. > Support #: If you have any technical problems, call WebEx Support at > We will be recording today. Chat Window Chat Box Refresh button Choose All Panelists 1
2 Auditing IT Governance January 16,
3 Webinar Moderator Phil Hurd ACUA President 3
4 Your Presenters Mike Cullen, Senior Manager CISA, CISSP, CIPP/US > Leads the firm s Technology Risk Services team in Washington, DC, focused on IT risk consulting and internal auditing. > Performs IT risk assessments and audits, developed information privacy and security programs, performed ethical hacking of IT systems, and conducted digital forensic investigations. > Presents to a variety of audiences, including ACUA, various IIA chapters and regional conferences, and at multiple universities. 4
5 Your Presenters Stephanie Marino, Manager CISA, CIA > Performs IT process improvement reviews, risk assessments, and IT audits for higher education and research institutions. > Utilizes industry best standards to assess internal control effectiveness around IT information privacy and security, governance, IT general controls, network and IT infrastructure management, and regulatory compliance. > Actively involved in training, seminars, and thought leadership initiatives with ACUA, IIA, and ISACA. 5
6 Contents/Agenda > What is IT Governance? > Approach to Auditing IT Governance > IT Governance Trends > References and Tools 6
7 Objectives > Provide an overview of IT Governance and describe its importance > Describe one approach to auditing IT Governance, including key scope areas, involved parties/stakeholders, key questions to answer > Describe current trends in IT Governance and how they can be incorporated into IT Governance audits 7
8 Polling Question #1 How would you rate your IT governance auditing experience? A. I ve audited IT governance multiple times at my institution B. I ve audited IT governance once at my institution C. I ve never audited IT governance at my institution 8
9 What is IT Governance? 9
10 What is IT Governance? > Mechanisms and structures used to clarify oversight, accountability, and decision making frameworks for IT strategy, resources, and control activities > Provides for effective management of IT operations and IT projects to ensure alignment with the institution s strategic plan Sources: The Institute for Internal Auditors, Global Technology Audit Guide: Auditing IT Governance, July 2012 Selig, Gad J. Implementing IT Governance, A Pocket Guide. June
11 What is IT Governance? The goal is to align IT investments with institutional priorities in order to enable fundamental improvements in teaching, learning, research, and administrative processes-and improvements in their costs-through technology-enabled transformation. John C. Hitt, President, University of Central Florida, Two Views of Alignment, EDUCAUSE Review March/April
12 What are the benefits of IT Governance? > Facilitates strategic alignment and understanding between the institution and IT organization(s) > Increases the ability of IT organization(s) to achieve their goals and objectives, as well as the overall institution s goals and objectives > Defines the value and cost of IT in terms of impact to the institution s goals and objectives > Helps IT organizations better manage their IT risk profile 12
13 What are the benefits of IT Governance? > Results in responsible utilization of IT resources and assets based on consistent, repeatable IT processes > Establishes and clarifies accountability and decision-making authority > Improves IT performance and compliance > Champions innovation within the IT function and throughout the institution > Emphasizes performance management and staff development 13
14 Why should institutions care about IT Governance? > Reduce costs, increase efficiency and effectiveness, especially in austere times > Frameworks make decision making easier and more consistent > Ranked as an EDUCAUSE 2012 Top 10 IT Issues 14
15 Why do auditors care about IT Governance? > IIA Standard 2110: The internal audit activity must assess and make appropriate recommendations for improving the governance process IIA 2110.A2: The internal audit activity must assess whether the [IT] governance of the organization supports the organization s strategies and objectives > Impacts downstream IT and business processes and controls by setting a foundation 15
16 Why do auditors care about IT Governance? We can evaluate the IT Governance structure and deliver results for the organization by making recommendations for improving the efficiency and effectiveness of the IT function 16
17 Polling Question #2 How would you describe your institution s approach to IT governance? A. Strong, defined, auditable, and centralized or decentralized B. Inconsistent, loosely defined, or not aligned to the institution s strategy and goals C. Non-existent or unknown 17
18 Approach to Auditing IT Governance 18
19 How do we get started? > Scoping > Stakeholder involvement > Areas of focus > Tactical steps 19
20 What should my scope be? > Scoping is always a challenge in higher education institutions, IT Governance is no exception > Ideally, even in a decentralized environment, the IT Governance framework applies across campuses, schools, and departments/units/divisions > Realistically, where can we get started 20
21 What should my scope be? > Department/unit/division level Smaller and less complex > School level > Campus level > Institution-wide level Ideal scope! Larger and more complex 21
22 Who are the stakeholders involved? Depends on your scoping, but we will look at it from the institution-wide view Potential Stakeholders: > Board > President/Chancellor > Provost Deans > Chief Business/Financial Officer Administrative department heads > Chief Information Officer > Information Security/Privacy Officer(s) > Chief Compliance/Risk Officer(s) > Research/Principal Investigators > Students 22
23 What are my areas of focus? > Institutional Governance Structures > Executive Leadership and Support > Strategic and Operational Planning > IT Organization(s) and Risk Management > Service Delivery and Management 23
24 Institutional Governance Structures Areas to Review Documents to Obtain Questions to Ask > Institution-wide Organizational structures > Communication mechanisms and frequency > Accountability protocols Governance Committee(s) > Institution s governance structure/organization chart with roles and responsibilities and reporting lines > Agendas and minutes from key governance meetings > Is IT governance centralized or decentralized? > What areas does IT support? > How is the CIO involved in institution-wide governance structures? 24
25 Executive Leadership and Support Areas to Review Documents to Obtain Questions to Ask > Strategic Plans > Budgets/Funding > CIO Roles and Responsibilities > Institution s strategic plan > IT strategic plan(s)/goals > IT budgets > CIO job description, performance plan > Is the IT strategic plan aligned specifically to elements of the institution s strategic plan? > How is IT funded? > Who does the CIO report to? > How frequently does the CIO interact with leadership/executive management? In what forums? 25
26 Strategic and Operational Planning Areas to Review Documents to Obtain Questions to Ask > Tactical Plans > Key Performance Indicators > Project Portfolio Management > IT Personnel Management > Tactical IT plans > Reports including KPIs/Metrics > Project Portfolio > Management Program documentation > IT Job Descriptions, Skill Requirements, Hiring Plans > How do IT tactical plans support IT strategic plan(s)? > How is IT measuring successful completion of tactical plans? > How are IT projects reviewed and approved to align with strategy? > Does IT have the personnel with the appropriate knowledge, skills, and abilities, to accomplish plans? 26
27 IT Organization(s) and Risk Management Areas to Review Documents to Obtain Questions to Ask > Risk Assessment > Compliance > Information Privacy > Information/Data Security > Employee Development > Asset Management and Procurement > Risk assessment process documents > Risk assessment results > Privacy program documents > Information Security program documents > Employee Development program documents > Asset Management and Procurement documents > How frequently and effectively is the IT risk assessment performed? Is it comprehensive? > How does IT ensure compliance, privacy, and security obligations are met? > How does IT provide employees development opportunities? > How does IT manage assets and procurement? 27
28 Service Delivery and Management Areas to Review Documents to Obtain Questions to Ask > Service Delivery and Costs > Helpdesk > System Operations > User Satisfaction > Project Management > Communication > Service Catalog or Inventory of Costs > Helpdesk process documentation > Helpdesk metrics > User Satisfaction metrics > Project Inventory > How are services funded? > Are costs competitive with other providers? > How effective is the IT helpdesk? > How much does it cost to maintain and implement systems? > How do IT projects get requested, reviewed, approved, and monitored? > How does IT effectively communicate services, interruptions to users? 28
29 Polling Question #3 Does your institution have an IT strategic plan? A. Yes B. No C. Unsure 29
30 IT Governance trends 30
31 IT Governance Trends > Cost Efficiencies (Outsourcing / The Cloud) > Information Privacy and Security > Scholarly Systems > Centralization vs. Decentralization 31
32 Cost Efficiencies What is it? > Outsourcing > The Cloud How does it impact/relate to IT Governance? > Compliance > Vendor Management Audit tips/real world examples 32
33 Information Privacy and Security What is it? > Privacy > Security How does it impact/relate to IT Governance? > Compliance > Reputation Audit tips/real world examples 33
34 Scholarly Systems What is it? > Learning management > MOOCs How does it impact/relate to IT Governance? > Teaching effectiveness > Student engagement Audit tips/real world examples 34
35 Centralization vs. decentralization What is it? How does it impact/relate to IT Governance? > Costs > Politics > Research Audit tips/real world examples 35
36 Polling Question #4 Which trend is likely to have the largest impact on your institution s IT governance strategy? A. Cost Efficiencies (Outsourcing / The Cloud) B. Information Privacy and Security C. Scholarly Systems D. Centralization vs. Decentralization 36
37 References and Tools 37
38 References > IIA Global Technology Audit Guide, Auditing IT Governance, July 2012 > Implementing IT Governance: A Pocket Guide, Gad Selig, 2008 > IT Governance, Peter Weill and Jeanne W. Ross, 2004 > Business Driven Information Technology, David R. Laube and Raymond F. Zammuto,
39 Tools > Process and Politics: IT Governance in Higher Education, EDUCAUSE Center for Applied Research, 2008 > A Framework for Information Systems Management and Governance, Information Resources Directorate of the University of Strathclyde, 2007 > An Executive Primer Based on the Val IT Framework 2.0, ITGI,
40 Next ACUA IT Webinar Ethical Leadership with ACUA Leads! February 2013 BYOD Party? Bring Your Own Device, Mobile Security, and Data Security Auditing March
41 ACUA MidYear ACUA MidYear Conference April 7-10, 2013 Renaissance Seattle Hotel Seattle, Washington Early registration closes Feb. 20 Register TODAY! acua.org 41
42 Resources ACUA > Promoting Internal Audit: > Listserv: > Forums: Baker Tilly > 42
43 Presenter Contact Info Thank you for participating today! Remember CPE certificates will be ed to you by ACUA Headquarters in about three weeks. Mike Cullen Stephanie Marino
44 Required disclosure and Circular 230 Prominent Disclosure The information provided here is of a general nature and is not intended to address the specific circumstances of any individual or entity. In specific circumstances, the services of a professional should be sought. Pursuant to the rules of professional conduct set forth in Circular 230, as promulgated by the United States Department of the Treasury, nothing contained in this communication was intended or written to be used by any taxpayer for the purpose of avoiding penalties that may be imposed on the taxpayer by the Internal Revenue Service, and it cannot be used by any taxpayer for such purpose. No one, without our express prior written permission, may use or refer to any tax advice in this communication in promoting, marketing, or recommending a partnership or other entity, investment plan or arrangement to any other party. Baker Tilly refers to Baker Tilly Virchow Krause, LLP, an independently owned and managed member of Baker Tilly International Baker Tilly Virchow Krause, LLP. 44
How To Protect Your Organization From Liability From A Cell Phone (For Business)
Bring Your Own Device: A Framework for Audit March 6, 2013 1 Webinar Moderator Phil Hurd ACUA President 2 Your Presenters Mike Cullen, Senior Manager CISA, CISSP, CIPP/US > Leads the firm s Technology
More informationConducting a System Implementation Risk Review at Higher Education Institutions
Conducting a System Implementation Risk Review at Higher Education Institutions October 23, 2013 1 Webinar moderator Justin T. Noble ACUA Distance Learning Chairman 2 Your presenters Mike Cullen, Senior
More informationConstruction auditing: Continuous monitoring of active construction projects
Construction auditing: Continuous monitoring of active construction projects Baker Tilly refers to Baker Tilly Virchow Krause, LLP, an independently owned and managed member of Baker Tilly International.
More informationHow can all higher education auditors use IT, both as general knowledge and with an IT. Baker Tilly Virchow Krause, LLP Use IT to Your Advantage
Use IT to Your Advantage How can all higher education auditors use IT, both as general knowledge and with an IT specialist, to perform better audits? 1 Webinar Moderator Phil Hurd ACUA President 2 Your
More informationConstruction Fraud: Stories from the Field
Construction Fraud: Stories from the Field Baker Tilly refers to Baker Tilly Virchow Krause, LLP, an independently owned and managed member of Baker Tilly International. 2010 Baker Tilly Virchow Krause,
More informationAuditing Engineer-Procure-Construct (EPC) Projects
Auditing Engineer-Procure-Construct (EPC) Projects Baker Tilly refers to Baker Tilly Virchow Krause, LLP, an independently owned and managed member of Baker Tilly International. 2012 Baker Tilly Virchow
More informationAuditing your institution's cybersecurity incident/breach response plan. Baker Tilly Virchow Krause, LLP
Auditing your institution's cybersecurity incident/breach response plan Objectives > Provide an overview of incident/breach response plans and their intended benefits > Describe regulatory/legal requirements
More informationWELCOME TO SECURE360 2013
WELCOME TO SECURE360 2013 Don t forget to pick up your Certificate of Attendance at the end of each day. Please complete the Session Survey front and back, and leave it on your seat. Are you tweeting?
More informationUniversity of Oregon Information Technology Risk Assessment. December 2, 2015
December 2, 2015 Table of Contents EXECUTIVE SUMMARY... 3 BACKGROUND... 3 APPROACH... 4 IT UNITS... 5 NOTED STRENGTHS... 5 THEMES... 6 IT RISKS... 11 IT RISKS DESCRIPTIONS... 12 APPENDIX A: BAKER TILLY
More informationGlobal Technology Audit Guide. Auditing IT Governance
Global Technology Audit Guide Auditing IT Governance Global Technology Audit Guide (GTAG ) 17 Auditing IT Governance July 2012 GTAG Table of Contents Executive Summary... 1 1. Introduction... 2 2. IT
More informationInternal audit value optimization for insurance organizations
Internal audit value optimization for insurance organizations Webinar May 13, 2015 Baker Tilly refers to Baker Tilly Virchow Krause, LLP, an independently owned and managed member of Baker Tilly International.
More informationBaker Tilly refers to Baker Tilly Virchow Krause, LLP, an independently owned and managed member of Baker Tilly International. Understanding SOC 3
Baker Tilly refers to Baker Tilly Virchow Krause, LLP, an independently owned and managed member of Baker Tilly International. Understanding SOC 3 Agenda 1) A brief perspective on where SOC 3 originated
More informationIT Vendor Due Diligence. Jennifer McGill CIA, CISA, CGEIT IT Audit Director Carolinas HealthCare System December 9, 2014
IT Vendor Due Diligence Jennifer McGill CIA, CISA, CGEIT IT Audit Director Carolinas HealthCare System December 9, 2014 Carolinas HealthCare System (CHS) Second largest not-for-profit healthcare system
More informationHot Topics in IT. CUAV Conference May 2012
Hot Topics in IT CUAV Conference May 2012 Baker Tilly Virchow Krause, LLP Baker Tilly refers to Baker Tilly Virchow Krause, LLP, an independently owned and managed member of Baker Tilly International.
More informationUnderstanding changes to the Trust Services Principles for SOC 2 reporting
Baker Tilly refers to Baker Tilly Virchow Krause, LLP, an independently owned and managed member of Baker Tilly International. Understanding changes to the Trust Services Principles for SOC 2 reporting
More information03/06/2014. Bring Your Own Device: A Framework for Audit. Acknowledgement
Bring Your Own Device: A Framework for Audit Emily A Knopp, CPA, CISA Audit Director Angelo State University, Member of Texas Tech University System March 6, 2014 Texas Association of College of University
More informationUncovering outpatient operations hidden revenue busters
Healthcare industry insights Uncovering outpatient operations Our client s need This case study will discuss the findings and implementation recommendations following a comprehensive review of a large
More informationPNC is a registered mark of The PNC Financial Services Group, Inc.( PNC ) 2013 The PNC Financial Services Group, Inc. All rights reserved.
The seminar and/or webinar and materials that you will view were prepared for general information purposes only by Baker Tilly and are not intended as legal, tax or accounting advice or as recommendations
More informationUtility consulting. > > Operate as a quasi-standalone business with its own profit center > > Focus solely on internal customers
Shared services utility accounting How using a service company approach can help with cost allocations for multiple utility departments Cost allocations can strain a relationship Cost allocations are a
More informationQualitative analysis: Analyzing the construction schedule. 2014 Baker Tilly Virchow Krause, LLP
Qualitative analysis: Analyzing the construction schedule 2014 Baker Tilly Virchow Krause, LLP About Baker Tilly > Established in 1931 > One of the top 20 largest accounting and advisory firms in the United
More informationHow Human Resource Management Can Impact Your Bottom Line
How Human Resource Management Can Impact Your Bottom Line Presented by: Jenna Weidner, Senior Consultant May 2, 2012 Baker Tilly Virchow Krause, LLP Baker Tilly refers to Baker Tilly Virchow Krause, LLP,
More informationMaximizing Your IT Value with Well-Aligned Governance August 3, 2012
Maximizing Your IT Value with Well-Aligned Governance August 3, 2012 6 th Annual SoCal Excellence in Service Management Conference Your Presenter: Jason Brucker Associate Director within Protiviti's IT
More informationB Baker Tilly Beers & Cutler - A Guide to GSA Contractual Requirements
GSA Option Extensions Are Your Commercial Sales Practices Current, Accurate and Complete? Baker Tilly Beers & Cutler, PLLC, is a wholly-owned subsidiary of Baker Tilly Virchow Krause, LLP. 2010 Baker Tilly
More informationEnabling IT Performance & Value with Effective IT Governance Assessment & Improvement Practices. April 10, 2013
Enabling IT Performance & Value with Effective IT Governance Assessment & Improvement Practices April 10, 2013 Today's Agenda: Key Topics Defining IT Governance IT Governance Elements & Responsibilities
More informationPost-Construction Auditing and Fraud Detection
Post-Construction Auditing and Fraud Detection Baker Tilly refers to Baker Tilly Virchow Krause, LLP, an independently owned and managed member of Baker Tilly International. 2010 Baker Tilly Virchow Krause,
More informationIT GOVERNANCE WITH ROBERT GOODSELL, MANAGING DIRECTOR JOE BRUTSCHE, DIRECTOR
IT GOVERNANCE WITH ROBERT GOODSELL, MANAGING DIRECTOR JOE BRUTSCHE, DIRECTOR PwC April 4, 2013 Agenda The challenge IT Governance defined IT Governance components Next steps Questions THE CHALLENGE The
More informationSubcontractor default insurance. 2013 Baker Tilly Virchow Krause, LLP
Subcontractor default insurance 2013 Baker Tilly Virchow Krause, LLP History of the market > 1996: Created by demand of contractors with the goal of taking back control when subcontractors default. > 2012:
More informationAuditing construction contract change orders
Baker Tilly refers to Baker Tilly Virchow Krause, LLP, an independently owned and managed member of Baker Tilly International. Auditing construction contract change orders Presenter Tony Ollmann, CPA,
More informationHow To Understand The Role Of An Internal Audit
Top Ten Issues facing Internal Auditing in the Future The IIA Dallas Chapter April 6, 2006 Presented by: David A. Richards, CIA, CPA President The Institute of Internal Auditors drichards@theiia.org 1
More informationResilient and Sustainable Supply Chain September 30 th 2015. The Unique Alternative to the Big Four
Resilient and Sustainable Supply Chain September 30 th 2015 The Unique Alternative to the Big Four Resilient and Sustainable Supply Chain Welcome The presentation will begin promptly at noon Eastern. Audio:
More informationBeyond Mandates: Getting to Sustainable IT Governance Best Practices. Steve Romero PMP, CISSP, CPM IT Governance Evangelist
Beyond Mandates: Getting to Sustainable IT Governance Best Practices Steve Romero PMP, CISSP, CPM IT Governance Evangelist Agenda > IT Governance Definition > IT Governance Principles > IT Governance Decisions
More informationUsing Strategic Risk Management to Gain Assurance and Communicate More Effectively
Using Strategic Risk Management to Gain Assurance and Communicate More Effectively Julie Englund Board Member, Treasurer and Finance Committee Chair Wilson College Raina Rose Tagle, CPA, CISA, CIA National
More informationProtect Your Privates
Protect Your Privates Session 502 June 10, 2014 1:45 PM IASA 86 TH ANNUAL EDUCATIONAL CONFERENCE & BUSINESS SHOW Agenda Introductions Objectives Overview of Privacy Laws and Regulations Recent Breaches
More informationHIPAA Compliance: Are you prepared for the new regulatory changes?
HIPAA Compliance: Are you prepared for the new regulatory changes? Baker Tilly CARIS Innovation, Inc. April 30, 2013 Baker Tilly refers to Baker Tilly Virchow Krause, LLP, an independently owned and managed
More informationApplying Business Architecture to the Cloud
Applying Business Architecture to the Cloud Mike Rosen, Chief Scientist Mike.Rosen@ WiltonConsultingGroup.com Michael Rosen Agenda n What do we mean by the cloud? n Sample architecture and cloud support
More informationIT Accessibility for CIOs and Campus Leaders: Strategies and Solutions
EDUCAUSE Live! IT Accessibility for CIOs and Campus Leaders: Strategies and Solutions IT Accessibility Constituent Group http://educause.edu/groups/itaccess November 20, 2013 IT Accessibility Constituent
More informationThe CIPM certification is comprised of two domains: Privacy Program Governance (I) and Privacy Program Operational Life Cycle (II).
Page 1 of 7 The CIPM certification is comprised of two domains: Privacy Program Governance (I) and Privacy Program Operational Life Cycle (II). Domain I provides a solid foundation for the governance of
More informationStrategy, COBIT and Vision: HOW DO THEY RELATE? Ken Vander Wal, CISA, CPA, Past President, ISACA vandeke@gmail.com 11.16.2013
Strategy, COBIT and Vision: HOW DO THEY RELATE? Ken Vander Wal, CISA, CPA, Past President, ISACA vandeke@gmail.com 11.16.2013 AGENDA IT s Changing Landscape ISACA s Response Vision and Mission COBIT 5
More informationFinancial Institutions Industry Insights
February 2011 Address the heightened risks of your mortgage lending and servicing activities with enhanced internal controls The continuing stress within the housing and mortgage finance industries has
More informationInternal Auditing Guidelines
Internal Auditing Guidelines Recommendations on Internal Auditing for Lottery Operators Issued by the WLA Security and Risk Management Committee V1.0, March 2007 The WLA Internal Auditing Guidelines may
More informationImplementing Practical Information Security Programs
Implementing Practical Information Security Programs CISO Summit March 17-19, 2013 Presented by: David Cass, SVP & Chief Information Security Officer, Elsevier Information Security & Data Protection Office
More informationOAC Presentation to UNESCO Member States
OAC Presentation to UNESCO Member States Scope and Purpose of Audit and Risk Committees 29 June 2016 1 Content: 1. Context 2. Audit and Risk Management in UNESCO today 3. Relationship between Entreprise
More informationAustinGO: Website Governance and Management Audit
City of Austin AUDIT REPORT A Report to the Austin City Council Mayor Lee Leffingwell Mayor Pro Tem Sheryl Cole AustinGO: Website Governance and Management Audit August 2013 Council Members Chris Riley
More informationCybersecurity in the States 2012: Priorities, Issues and Trends
Cybersecurity in the States 2012: Priorities, Issues and Trends Commission on Maryland Cyber Security and Innovation June 8, 2012 Pam Walker, Director of Government Affairs National Association of State
More informationSocial Media -Benefits and Risk. Western Carolinas IIA Chapter Meeting October 25, 2012
Social Media -Benefits and Risk Western Carolinas IIA Chapter Meeting October 25, 2012 Matt Thompson Managing Director, Advisory Services Grant Thornton LLP Introductions Matt Thompson Managing Director
More informationCredit Unions RISK ADVISORY SERVICES. Enterprise Risk Management, Internal Audit and Complex Accounting Services
Credit Unions RISK ADVISORY SERVICES Enterprise Risk Management, Internal Audit and Complex Accounting Services Credit unions care about personal service. So do we. How BDO works with credit unions Credit
More informationPositioning Pima County Community College District s Human Capital Management for the Future
Positioning Pima County Community College District s Human Capital Management for the Future February 4, 2015 Baker Tilly refers to Baker Tilly Virchow Krause, LLP, an independently owned and managed member
More informationCitation for published version (APA): Berthing, H. H. (2014). Vision for IT Audit 2020. Abstract from Nordic ISACA Conference 2014, Oslo, Norway.
Aalborg Universitet Vision for IT Audit 2020 Berthing, Hans Henrik Aabenhus Publication date: 2014 Document Version Early version, also known as pre-print Link to publication from Aalborg University Citation
More informationHow to Install the Fuzebox Meeting Application
How to Install the Fuzebox Meeting Application When attending live webinars, you are required to have a visual and audio connection. Ways to connect to a meeting: (A) Download and Install the Fuze Meeting
More informationEnterprise Risk Management & Information Technology
Enterprise Risk Management & Information Technology Presented by Scott Perry and Gary Ross Slalom Consulting, San Francisco Agenda Introductions Session Objectives Overview of Enterprise Risk Management
More informationNorth Texas ISSA CISO Roundtable
North Texas ISSA CISO Roundtable Roundtable Topic Threat Against Our Well Being The Most Effective Methods in Combating and Responding to the Cyber Attack Event Sponsor Moderator and Panelists David Stanton
More informationInternal Audit RFP 2013 Questions and Answers
Question set 1: 1. What do you like about your current outsource IA arrangement and what has prompted your consideration of alternative providers? IIT policy requires periodic placement of IA business
More informationIT Insights. Managing Third Party Technology Risk
IT Insights Managing Third Party Technology Risk According to a recent study by the Institute of Internal Auditors, more than 65 percent of organizations rely heavily on third parties, yet most allocate
More informationStepping Through the Info Security Program. Jennifer Bayuk, CISA, CISM
Stepping Through the Info Security Program Jennifer Bayuk, CISA, CISM Infosec Program How to: compose an InfoSec Program cement a relationship between InfoSec program and IT Governance design roles and
More informationHow quality assurance reviews can strengthen the strategic value of internal auditing*
How quality assurance reviews can strengthen the strategic value of internal auditing* PwC Advisory Internal Audit Table of Contents Situation Pg. 02 In response to an increased focus on effective governance,
More informationASSESSMENT OF THE IT GOVERNANCE PERCEPTION WITHIN THE ROMANIAN BUSINESS ENVIRONMENT
Accounting and Management Information Systems Vol. 11, No. 1, pp. 44 55, 2012 ASSESSMENT OF THE IT GOVERNANCE PERCEPTION WITHIN THE ROMANIAN BUSINESS ENVIRONMENT Pavel NĂSTASE 1 and Simona Felicia UNCHIAŞU
More informationHot Topic: Managing Your ERP Implementation Presented by:
Hot Topic: Managing Your ERP Implementation Presented by: Baker Tilly refers to Baker Tilly Virchow Krause, LLP, an independently owned and managed member of Baker Tilly International. Agenda Objective:
More informationState and local tax update for law firms. Baker Tilly refers to Baker Tilly Virchow Krause, LLP,
State and local tax update for law firms Baker Tilly refers to Baker Tilly Virchow Krause, LLP, an independently owned and managed member of Baker Tilly International. 2010 Baker Tilly Virchow Krause,
More informationCompany size matters: Perspectives on IT Governance
www.pwc.com/ca/technology-consulting Company size matters: Perspectives on IT Governance versus large Canadian organizations and IT Governance PwC conducted research for the 4th edition of the IT Governance
More informationWelcome! Presented by: Don Bernards, Partner Baker Tilly Brian Coate, Vice President Lancaster Pollard Ryan Miles, Vice President Lancaster Pollard
Welcome! HUD 202 refinancing: i Preserving multifamily il properties Presented by: Don Bernards, Partner Baker Tilly Brian Coate, Vice President Lancaster Pollard Ryan Miles, Vice President Lancaster Pollard
More informationOwner s project control review. 2014 Baker Tilly Virchow Krause, LLP
Owner s project control review 2014 Baker Tilly Virchow Krause, LLP About Baker Tilly > Established in 1931 > One of the top 20 largest accounting and advisory firms in the United States according to Accounting
More informationAalborg Universitet. Cyber Assurance - what should the IT auditor focus on? Berthing, Hans Henrik Aabenhus. Publication date: 2014
Aalborg Universitet Cyber Assurance - what should the IT auditor focus on? Berthing, Hans Henrik Aabenhus Publication date: 2014 Document Version Early version, also known as pre-print Link to publication
More informationOctober 7, 2011. Presented to. The PMI Washington DC Chapter. Pedro Agosto. Director of Client Services, XA Systems, LLC. pedro.agosto@xasystems.
October 7, 2011 Presented to The PMI Washington DC Chapter By Pedro Agosto Director of Client Services, XA Systems, LLC pedro.agosto@xasystems.com Introduction Re-evaluating IT Services Today s Challenges
More informationSupply Chain Shared Services (SCSS)
Supply Chain Shared Services (SCSS) Agenda Supply Chain, Procurement Program Overview Proposed Policy Changes Procurement Program Objectives Program Key Milestones Next Steps 2 Supply Chain, Procurement
More informationData Breach Essentials
BDO KNOWLEDGE WEBINAR SERIES Data Breach Essentials June 2014 BDO USA, LLP, a Delaware limited liability partnership, is the U.S. member of BDO International Limited, a UK company limited by guarantee,
More informationPCI Compliance From an Internal Audit point of view
PCI Compliance From an Internal Audit point of view University of Oklahoma Board of Regents, Internal Audit May 24, 2016 Tim Marley CPA CIA CISA CFE GSNA CISSP CIPP CISM PCI ISA PCIP IT Audit Director
More informationIT Governance: framework and case study. 22 September 2010
IT Governance: framework and case study Presenter Yaowaluk Chadbunchachai Advisory Services Ernst & Young Corporate Services Limited Presentation topics ERM and IT governance IT governance framework IT
More informationPhil Marshall Black Duck Software. 2012 ISACA Webinar Program. 2012 ISACA. All rights reserved.
Open Source Component Governance and Management Using COBIT Phil Marshall Black Duck Software 2012 ISACA Webinar Program. 2012 ISACA. All rights reserved. Welcome Type in questions using the Ask A Question
More informationInformation Technology (IT) Governance
Information Technology () Governance A Position Paper Michael Ridley Chief Information Officer and Chief Librarian University of Guelph September 2006 1. Objective This paper outlines an incremental approach
More informationDomain 1 The Process of Auditing Information Systems
Certified Information Systems Auditor (CISA ) Certification Course Description Our 5-day ISACA Certified Information Systems Auditor (CISA) training course equips information professionals with the knowledge
More informationGuide for the Role and Responsibilities of an Information Security Officer Within State Government
Guide for the Role and Responsibilities of an Information Security Officer Within State Government Table of Contents Introduction 3 The ISO in State Government 4 Successful ISOs Necessary Skills and Abilities
More informationVendor Management Best Practices
23 rd Annual and One Day Seminar Vendor Management Best Practices Catherine Bruder CPA, CITP, CISA, CISM, CTGA Michigan Texas Florida Insight. Oversight. Foresight. SM Doeren Mayhew Bruder 1 $100 billion
More informationHCCA Compliance Institute 2013 Privacy & Security
HCCA Compliance Institute 2013 Privacy & Security 704 Conducting a Privacy Risk Assessment A Practical Guide to the Performance, Evaluation and Response April 23, 2013 Presented By Eric Dieterich Session
More informationLATEST TRENDS IN LEGAL BUSINESS PROCESS OUTSOURCING
LATEST TRENDS IN LEGAL BUSINESS PROCESS OUTSOURCING 1 May 29, 2014 WELCOME TO OUR WEBINAR SERIES I have invited you, key stakeholders and decision makers involving your Business Process Outsourcing solutions,
More informationAUDIT REPORT. The Energy Information Administration s Information Technology Program
U.S. Department of Energy Office of Inspector General Office of Audits and Inspections AUDIT REPORT The Energy Information Administration s Information Technology Program DOE-OIG-16-04 November 2015 Department
More informationLessons Learned: Implementing Cloud Application Software Suites
Business and Technology Insights Lessons Learned: Implementing Cloud Inside: Executive Summary Definitions re: Cloud Application Software Cloud Application Software Implementation Guidance Summary Executive
More informationBudget Conferencing User Guide
Budget Conferencing User Guide Welcome! This user guide contains detailed instructions on how to use our conferencing services, including touch tone commands. Using this guide you can set up your next
More informationCareer Survey. 1. In which country are you based? 2. What is your job title? 3. Travel budget. 1 of 28. Response Count. answered question 88
Career Survey 1. In which country are you based? 88 answered question 88 skipped question 0 2. What is your job title? 88 answered question 88 skipped question 0 3. Travel budget not at all 21.0% 17 somewhat
More informationThe Hunt for Fraud. September 25, 2014. Seminar / Training. September 26, 2014
BYOD and Securing Mobile Devices September 25, 2014 The Hunt for Fraud September 26, 2014 Seminar / Training Central Arkansas Chapter Information Systems Audit and Control Association, Arkansas Division
More informationInstant Net Conference with Cisco WebEx Meeting Center
Instant Net Conference with Cisco WebEx Meeting Center Setting up an Instant Net Conference Subscription (first time only) Go to https://www.mymeetings.com/ Select the Manage My Meetings login link. Enter
More informationSurvey of more than 1,500 Auditors Concludes that Audit Professionals are Not Maximizing Use of Available Audit Technology
Survey of more than 1,500 Auditors Concludes that Audit Professionals are Not Maximizing Use of Available Audit Technology Key findings from the survey include: while audit software tools have been available
More informationIMAS Regulatory Roundup - Outsourcing, Technology and Data Protection How does it impact fund management companies?
IMAS Regulatory Roundup - Outsourcing, Technology and Data Protection How does it impact fund management companies? IMAS Seminar 20 January 2015 Ken Chia Baker & McKenzie.Wong & Leow is incorporated with
More informationImpact of New Internal Control Frameworks
Impact of New Internal Control Frameworks Webcast: Tuesday, February 25, 2014 CPE Credit: 1 0 With You Today Bob Jacobson Principal, Risk Advisory Services Consulting Leader West Region Bob.Jacobson@mcgladrey.com
More information1. IT STRATEGY, GOVERNANCE AND RISK TRAINING PROGRAM
1. IT STRATEGY, GOVERNANCE AND RISK TRAINING PROGRAM Many organisations fail to realise optimum business value from their investment in IT. Our series of webinars and management forums aim to provide a
More informationExam Name: Certified Information Security Manager
Vendor: Isaca Exam Code: CISM Exam Name: Certified Information Security Manager Version: DEMO QUESTION 1 Senior management commitment and support for information security will BEST be attained by an information
More informationBased on 2008 Survey of 255 Non-IT CEOs/Executives
Based on 2008 Survey of 255 Non-IT CEOs/Executives > 50% Ranked ITG as very important > 75% of businesses consider ITG to be an integral part of enterprise governance, but the overall maturity level is
More informationAre Passwords Passé?
Are Passwords Passé? Deployment Strategies for Multifactor Authentication IAM Online December 10, 2014 Mike Grady, Scalable Privacy Project David Walker, Scalable Privacy Project Thank you to InCommon
More informationState of Minnesota IT Governance Framework
State of Minnesota IT Governance Framework June 2012 Table of Contents Table of Contents... 2 Introduction... 4 IT Governance Overview... 4 Process for Developing the New Framework... 4 Management of the
More informationPlanning for Digital WEBINAR. 2015 Netcall. #digitalplanning Chat room www.netcall.com/9th-june
Planning for Digital WEBINAR Tuesday 9 th June 2015 Your panel members today Richard Farrell Chief Technology Officer Netcall Dave Vernon Head of Membership The Forum Mike Elliott Senior Account Executive
More informationAbout the Presenter About the Cloud Security Alliance Guidance 1.0 Getting Involved Call to Action
Governance, Risk Management, Compliance, & Audit An Overview of Cloud Security Alliance s Security Guidance for Critical Areas of Focus in Cloud Computing July 23, 2009 Agenda About the Presenter About
More informationNEW PERSPECTIVES. Data Analysis Challenges: C1 is customer provided. Anticipate IRS Audits: System Development and Implementation Projects:
NEW PERSPECTIVES on Healthcare Risk Management, Control and Governance www.ahia.org Journal of the Association of Heathcare Internal Auditors Vol. 31, No. 2, Summer, 2012 C1 is customer provided Data Analysis
More informationWelcome to the Creating Strategic Partnerships: Faculty Affairs Offices and Human Resources Webinar
Welcome to the Creating Strategic Partnerships: Faculty Affairs Offices and Human Resources Webinar This webinar will start at 12:00 pm Please dial 1-888-757-2748, Passcode: 298154 to access the audio
More informationAHIA HCCA Auditing & Monitoring Focus Group Defining the Key Roles and Responsibilities Corporate Compliance and Internal Audit.
and Requirement: May be required if the organization must comply with Sarbanes-Oxley. Otherwise, is implemented as an organizational governance/business decision and best practice. Purpose: Provide independent
More informationInformation Technology Governance: Key Success Factors
Information Technology Governance: Key Success Factors Tim Brooks VP & CIO Saint Louis University AITP September 22, 2011 Tim Brooks - Saint Louis University 1 Discussion Points What is IT Governance?
More informationWMACCA Small Law Department Initiative. Scaling a Compliance Program To Your Organization And Small Law Department
WMACCA Small Law Department Initiative Scaling a Compliance Program To Your Organization And Small Law Department Michael C. Hardy, II Womble Carlyle Sandridge & Rice, LLP michael.hardy@wcsr.com 410.545.5873
More informationSecuring Medical Information, Electronic Medical Records (EMRs) and Databases in the Cloud
Securing Medical Information, Electronic Medical Records (EMRs) and Databases in the Cloud By: Connie Bergquist, Matthew Brewer, Debi Harding, James Konderla, Elizabeth Nguyen, Nathlay Phothirath, David
More informationPharmaceutical Compliance and Regulatory Congress 2009
Pharmaceutical Compliance and Regulatory Congress 2009 Compliance Program Elements Track I: How Program Management Can Keep You On Track Edward H. Leskauskas Director, Compliance and Ethics Operations
More informationA smarter way to protect your brand. Copyright 2012 Compliance 360 All Rights Reserved
A smarter way to protect your brand Minimizing Compliance Risks of Proactive OCR HIPAA Audits Copyright 2012 Compliance 360 All Rights Reserved Compliance 360 at a Glance Compliance, Risk and Audit Solutions
More informationBest practices and insight to protect your firm today against tomorrow s cybersecurity breach
Best practices and insight to protect your firm today against tomorrow s cybersecurity breach July 8, 2015 Baker Tilly Virchow Krause, LLP Baker Tilly refers to Baker Tilly Virchow Krause, LLP, an independently
More informationEducation and training programs have
: Responding to a New Regulatory World Mindy J. Steinberg, MPH, and Elaine R. Rubin, PhD Strategic approach required to address infrastructure, leadership, curriculum, and communication needs. training
More information