Introduction Auditing Internal Controls in an IT Environment SOx and the COSO Internal Controls Framework Roles and Responsibilities of IT Auditors


Introduction Auditing Internal Controls in an IT Environment SOx and the COSO Internal Controls Framework Roles and Responsibilities of IT Auditors Importance of Effective Internal Controls and COSO COSO Internal Control Systems Monitoring Guidance Sarbanes-Oxley Act Wrapping It Up: COSO Internal Controls and SOx Using CobiT to Perform IT Audits Introduction to CobiT CobiT Framework Using CobiT to Assess Internal Controls Using CobiT in a SOx Environment CobiT Assurance Framework Guidance CobiT in Perspective IIA and ISACA Standards for the Professional Practice of Internal Auditing Internal Auditing's International Professional Practice Standards Content of the IPPF and the IIA International Standards Strongly Recommended IIA Standards Guidance ISACA IT Auditing Standards Overview Codes of Ethics: The IIA and ISACA Understanding Risk Management Through COSO ERM Risk Management Fundamentals Quantitative Risk Analysis Techniques IIA and ISACA Risk Management Internal Audit Guidance COSO ERM: Enterprise Risk Management IT Audit Risk and COSO ERM Performing Effective IT Audits IT Audit and the Enterprise Internal Audit Function Organizing and Planning IT Audits Developing and Preparing Audit Programs Gathering Audit Evidence and Testing Results Workpapers and Reporting IT Audit Results Preparing Effective IT Audits Auditing IT General Controls General Controls in Today's IT Environments

Importance of IT General Controls IT Governance General Controls IT Management General Controls IT Technical Environment General Controls Infrastructure Controls and ITIL Service Management Best Practices ITIL Service Management Best Practices ITIL's Service Strategies Component ITIL Service Design ITIL Service Transition Management Processes ITIL Service Operation Processes Service Delivery Best Practices Auditing IT Infrastructure Management Systems Software and IT Operations General Controls IT Operating System Fundamentals Features of a Computer Operating System Other Systems Software Tools Evolving Control Issues: Wireless Networks, Cloud Computing, and Virtualization Understanding and Auditing IT Wireless Networks Understanding Cloud Computing Storage Management Virtualization Auditing and Testing IT Application Controls Selecting, Testing, and Auditing IT Applications IT Application Control Elements Selecting Applications for IT Audit Reviews Performing an Applications Controls Review: Preliminary Steps Completing the IT Applications Controls Audit Application Review Case Study: Client-Server Budgeting System Auditing Applications Under Development Importance of Reviewing IT Application Controls Software Engineering and CMMi Software Engineering Concepts CMMi: Capability Maturity Model for Integration CMMi Benefits IT Audit, Internal Control, and CMMi Auditing Service-Oriented Architectures and Record Management Processes

Service-Oriented Computing and Service-Driven Applications IT Auditing in SOA Environments Electronic Records Management Internal Control Issues and Risks IT Audits of Electronic Records Management Processes Computer-Assisted Audit Tools and Techniques Understanding Computer-Assisted Audit Tools and Techniques Determining the Need for CAATTs CAATT Software Tools Steps to Building Effective CAATTs Importance of CAATTs for Audit Evidence Gathering Continuous Assurance Auditing, OLAP and XBRL Implementing Continuous Assurance Auditing Benefits of Continuous Assurance Auditing Tools Data Warehouses, Data Mining, and OLAP XBRL: The Internet-Based Extensible Marking Language Newer Technologies, the Continuous Close, and IT Audit Importance of IT Governance IT Controls and the Audit Committee Role of the Audit Committee for IT Auditors Audit Committee Approval of Internal Audit Plans and Budgets Audit Committee Briefings on IT Audit Issues Audit Committee Review and Action on Significant IT Audit Findings IT Audit and the Audit Committee Val IT, Portfolio Management, and Project Management Val IT: Enhancing the Value of IT Investments IT Systems Portfolio and Program Management Project Management for IT Auditors Compliance with IT-Related Laws and Regulations Computer Fraud and Abuse Act Computer Security Act of 1987 Gramm-Leach-Bliley Act HIPAA: Healthcare and Much More Other Personal Privacy and Security Legislative Requirements IT-Related Laws, Regulations, and Audit Standards Understanding and Reviewing Compliance with ISO Standards Background and Importance of ISO Standards in a Global Commerce World ISO Standards Overview

ISO 19011 Quality Management Systems Auditing ISO Standards and IT Auditors IT Security Environment Controls Generally Accepted Security Standards Effective IT Perimeter Security Establishing an Effective, Enterprise-Wide Security Strategy Best Practices for IT Audit and Security Cyber-Security and Privacy Controls IT Network Security Fundamentals IT Systems Privacy Concerns PCI-DSS Fundamentals Auditing IT Security and Privacy Security and Privacy in the IT Audit Department IT Fraud Detection and Prevention Understanding and Recognizing Fraud in an IT Environment Red Flags: Fraud Detection Signs for IT and other Internal Auditors Public Accounting's Role in Fraud Detection IIA Standards and ISACA Materials for Detecting and Investigating Fraud IT Audit Fraud Risk Assessments IT Audit Fraud Investigations IT Fraud Prevention Processes Fraud Detection and the IT Auditor Identity and Access Management Importance of Identity and Access Management Identity Management Processes Separation of Duties Identify Management Controls Access Management Provisioning Authentication and Authorization Auditing Identity and Access Management Processes Establishing Effective IT Disaster Recovery Processes IT Disaster and Business Continuity Planning Today Building and Auditing an IT Disaster Recovery Plan Building the IT Disaster Recovery Plan Disaster Recovery Planning and Service Level Agreements Newer Disaster Recovery Plan Technologies: Data Mirroring Techniques Auditing Business Continuity Plans

Disaster Recovery and Business Continuity Planning Going Forward Electronic Archiving and Data Retention Elements of a Successful Electronic Records Management Process Electronic Documentation Standards Implementing Electronic IT Data Archiving Auditing Electronic Document Retention and Archival Processes Business Continuity Management and BS 25999 IT Business Continuity Management Planning Needs Today BS 25999 Good Practice Guidelines Auditing BCM Processes Linking the BCM with Other Standards and Processes Auditing Telecommunications and IT Communications Networks Network Security Concepts Effective IT Network Security Controls Auditing a VPN Installation Change and Patch Management Controls IT Change Management Processes Auditing IT Change and Patch Management Controls Six Sigma and Lean Technologies Six Sigma Background and Concepts Implementing Six Sigma Lean Six Sigma Building an Effective IT Internal Audit Function Establishing an IT Internal Audit Function Internal Audit Charter: An Important IT Audit Authorization Role of the Chief Audit Executive IT Audit Specialists IT Audit Managers and Supervisors Internal and IT Audit Policies and Procedures Organizing an Effective IT Audit Function Importance of a Strong IT Audit Function Professional Certifications: CISA, CIA, and More Certified Information Systems Auditor Credentials Certified Information Security Manager Credentials

Certificate in the Governance of Enterprise IT Certified Internal Auditor Responsibilities and Requirements Beyond the CIA: Other IIA Certifications CISSP Information Systems Security Professional Certification Certified Fraud Examiner Certification ASQ Internal Audit Certifications Other Internal Auditor Certifications Quality Assurance Auditing and ASQ Standards Duties and Responsibilities of Quality Auditors Role of the Quality Auditor Performing ASQ Quality Audits Quality Assurance Reviews of IT Audit Functions Future Directions for Quality Assurance Auditing About the Author Index Table of Contents provided by Blackwell's Book Services and R.R. Bowker. Used with permission.