Selamat datang di Scribd!

Lewati carousel

Auditing IT Governance Controls

Diunggah oleh

John Pasquito

0% menganggap dokumen ini bermanfaat (0 suara)

90 tayangan22 halaman

IT Governance

Hak Cipta

Format Tersedia

PPTX, PDF, TXT atau baca online dari Scribd

Bagikan dokumen Ini

Bagikan atau Tanam Dokumen

Opsi Berbagi

Apakah menurut Anda dokumen ini bermanfaat?

Apakah konten ini tidak pantas?

Laporkan Dokumen Ini

IT Governance

Hak Cipta:

Format Tersedia

Unduh sebagai PPTX, PDF, TXT atau baca online dari Scribd

Tandai sebagai konten tidak pantas

0% menganggap dokumen ini bermanfaat (0 suara)

90 tayangan22 halaman

Auditing IT Governance Controls

Diunggah oleh

John Pasquito

IT Governance

Hak Cipta:

Format Tersedia

Unduh sebagai PPTX, PDF, TXT atau baca online dari Scribd

Tandai sebagai konten tidak pantas

Lompat ke Halaman

Anda di halaman 1dari 22

Cari di dalam dokumen

Auditing IT Governance

Controls
IT Governance
Structure of the IT Function
The Computer Center
Disaster Recovery Planning
Outsourcing the IT Function
IT Governance

is a relatively new subset of corporate governance

that focuses on the management and assessment of

strategic IT resources.

Key objectives:

to reduce risk and

to ensure that investments in IT resources add value to the

corporation.
3 IT Governance Issues

1. Organizational structure of the IT function

2. Computer center operations

3. Disaster recovery planning

Process

1. Explanation of nature of risk and description of

the controls needed to mitigate the risk.

2. Present audit objectives

3. Sample test of controls

Structure of the IT Function
Centralized data processing

-all data processing is performed by one or more large

computers housed at a central site that serves users throughout the
organization

Primary Service Areas

-Data Administration

-Data Processing

-Systems Development and Maintenance

Data Administration
Data Processing

manages the computer resources used to perform day-to-

day processing of transaction

It consists of the following organizational functions:

-data conversion

-computer operations

-data library
Systems Development and Maintenance

responsible for analyzing user needs and for designing

new systems to satisfy those needs

Participants:

-system professionals

-end users

-stakeholders
Segregation of Incompatible IT Functions

Separate systems development from computer

operations

Separate database administration from other functions

Separate new systems development from maintenance

-inadequate documentation

-program fraud
The Computer Center
Physical Location

Construction

Access

Air Conditioning

Fire Suppression

Fault Tolerance
Audit Objectives
to evaluate the controls governing computer center
security

Auditor must verify that:

-physical security controls are adequate to

reasonably protect the organization from physical exposures

-insurance coverage on equipment is adequate to

compensate the organization for the destruction or damage
of its computer
Audit Procedures

Test of:

Physical construction

Fire Detection Program

Access Control

Raid

Uninterruptible Power Supply

Insurance Coverage
Disaster Recovery Planning

a comprehensive statement of all actions to be taken

before, during, and after any type of disaster
Steps:

1. Identify critical applications

2. Create a disaster recovery team

3. Provide site backup

- Mutual aid pact

- Empty Shell

- Recovery operations center

- Internally provided backup

4. Specify backup and off-site storage procedures

- Operating system backup

- Application backup

- Backup data files

- Backup documentation

- Backup supplies and source documents

- Testing the DRY

Audit Objective
The auditor should verify that management's disaster
recovery plan is adequate and feasible for dealing with a
catastrophe that could deprive the organization of its
computing resources.
Audit Procedures
Site Backup

Critical Application List

Software Backup

Data Backup

Backup Supplies, Documents, and Documentation

Disaster Recovery Team

Outsourcing the IT Function

Core Competency Theory

- an organization should focus exclusively on its core

business competencies, while allowing outsourcing vendors
to efficiently manage the none-core areas such as IT
functions. This however ignores an important distinction
between Commodity IT Assets & Specific IT Assets.
Transaction Cost Economics (TCE) Theory

- firms should retain certain specific non-core IT

assets in-house
Risks
Failure to perform

Vendor exploitation

Cost exceeds benefits

Reduced security

Loss of strategic advantage

SAS 70
a definitive standard by which client organization's
auditors can gain knowledge that controls at the third-
party vendor are adequate to prevent or detect material
errors that could impact the client's financial statements

Anda mungkin juga menyukai

Ch2 Auditing IT Governance Controls
Dokumen39 halaman
Ch2 Auditing IT Governance Controls
Crazy Dave
Belum ada peringkat
Lecture 2 - Auditing IT Governance Controls
Dokumen63 halaman
Lecture 2 - Auditing IT Governance Controls
Lei Casiple
Belum ada peringkat
Auditing in CIS Environment - Topic 1
Dokumen35 halaman
Auditing in CIS Environment - Topic 1
Luisito
Belum ada peringkat
Iaps 1003 - Practice Note
Dokumen4 halaman
Iaps 1003 - Practice Note
Ivan Tamayo Basas
Belum ada peringkat
Auditing IT Governance Controls
Dokumen37 halaman
Auditing IT Governance Controls
JAP
Belum ada peringkat
Notes
Dokumen10 halaman
Notes
Richel Armayan
Belum ada peringkat
Chapter 10 Production Cycle
Dokumen3 halaman
Chapter 10 Production Cycle
Zenn Vanrim Lopez
100% (1)
Data Warehousing Terminology
Dokumen2 halaman
Data Warehousing Terminology
ud
Belum ada peringkat
CH 13
Dokumen33 halaman
CH 13
joyabyss
Belum ada peringkat
Accounting Information Systems Australasian 1st Edition Romney Solutions Manual
Dokumen37 halaman
Accounting Information Systems Australasian 1st Edition Romney Solutions Manual
Alea Nada
Belum ada peringkat
Audit Under Computerized Information System (CIS)
Dokumen61 halaman
Audit Under Computerized Information System (CIS)
Charla Suan
Belum ada peringkat
Computer Assisted Audit Tools Chap-04
Dokumen30 halaman
Computer Assisted Audit Tools Chap-04
I-am Kum
Belum ada peringkat
Ch02-Auditing IT Governance Controls-Rev26022014
Dokumen60 halaman
Ch02-Auditing IT Governance Controls-Rev26022014
Alfin Abdullah
100% (4)
Auditing in A Computerized Environment
Dokumen15 halaman
Auditing in A Computerized Environment
Sed Reyes
100% (1)
Chapter 5
Dokumen4 halaman
Chapter 5
Jelly Anne
Belum ada peringkat
Process of Information System Audit
Dokumen4 halaman
Process of Information System Audit
ray
Belum ada peringkat
Data Analytics and The Auditor - ACCA Global
Dokumen5 halaman
Data Analytics and The Auditor - ACCA Global
Jasim Uddin
Belum ada peringkat
It Auditing Chapter 7 Caats Report
Dokumen48 halaman
It Auditing Chapter 7 Caats Report
Wendy Cagape
Belum ada peringkat
Chapter 8 Data Structures and Caats For Data Extraction
Dokumen4 halaman
Chapter 8 Data Structures and Caats For Data Extraction
Jhon Karl Andal
Belum ada peringkat
Google in China
Dokumen3 halaman
Google in China
sundaygin
Belum ada peringkat
Cobit 1
Dokumen25 halaman
Cobit 1
pj8714
Belum ada peringkat
Revenue Assurance A Complete Guide - 2021 Edition
Dari Everand
Revenue Assurance A Complete Guide - 2021 Edition
Gerardus Blokdyk
Belum ada peringkat
Case 5 & 6
Dokumen4 halaman
Case 5 & 6
Arvey Peña Dimacali
Belum ada peringkat
Data Warehousing Final Exam
Dokumen2 halaman
Data Warehousing Final Exam
Areej Almalki
Belum ada peringkat
Data Structures and Caatts For Data Extraction
Dokumen33 halaman
Data Structures and Caatts For Data Extraction
mary aligmayo
Belum ada peringkat
AUDCISE Unit 4 Lecture Notes 2022-2023
Dokumen32 halaman
AUDCISE Unit 4 Lecture Notes 2022-2023
Eijoj Mae
Belum ada peringkat
Data Quality Tools For Data Warehousing: Enterprise Case Study
Dokumen2 halaman
Data Quality Tools For Data Warehousing: Enterprise Case Study
IOSRJEN : hard copy, certificates, Call for Papers 2013, publishing of journal
Belum ada peringkat
CIS Quiz
Dokumen1 halaman
CIS Quiz
Elyssa
Belum ada peringkat
Quiz 1: Auditing and Internal Control / IT Governance Controls
Dokumen8 halaman
Quiz 1: Auditing and Internal Control / IT Governance Controls
Abigail Balladares
Belum ada peringkat
Chapter 6 Test Bank
Dokumen28 halaman
Chapter 6 Test Bank
mira chehab
Belum ada peringkat
Assignment - Fundamentals of Big Data and Business Analytics
Dokumen9 halaman
Assignment - Fundamentals of Big Data and Business Analytics
Ranjani Sundar
Belum ada peringkat
Chapter 4 - Production and Supply Chain Management Information Systems
Dokumen57 halaman
Chapter 4 - Production and Supply Chain Management Information Systems
NHÂN NGUYỄN ĐỨC
Belum ada peringkat
Chapter 4 Information Technology Deployment Risk
Dokumen49 halaman
Chapter 4 Information Technology Deployment Risk
Inez Tan
0% (1)
Auditing in CIS Environment - IT Audit Fundamentals
Dokumen9 halaman
Auditing in CIS Environment - IT Audit Fundamentals
Luisito
Belum ada peringkat
Auditing in CIS Environment - Auditing Operating Systems and Networks (Final)
Dokumen44 halaman
Auditing in CIS Environment - Auditing Operating Systems and Networks (Final)
Luisito
100% (2)
Chapter 8 Data Structures and CAATs For Data Extraction PDF
Dokumen4 halaman
Chapter 8 Data Structures and CAATs For Data Extraction PDF
Jessa Herrera
Belum ada peringkat
4 Auditing AIS
Dokumen128 halaman
4 Auditing AIS
Alexander Corvinus
0% (1)
Answer Question 8 Assignment Aa
Dokumen6 halaman
Answer Question 8 Assignment Aa
jhghjgjhg
Belum ada peringkat
10.2 Using Caatts
Dokumen38 halaman
10.2 Using Caatts
Pauline Mercado
Belum ada peringkat
11-Using The Work of Others
Dokumen19 halaman
11-Using The Work of Others
Ne Bz
Belum ada peringkat
Analyzing Financing Activities - Student
Dokumen38 halaman
Analyzing Financing Activities - Student
syvinaas
Belum ada peringkat
Paps 1003
Dokumen9 halaman
Paps 1003
Angeline Sahagun
Belum ada peringkat
Section - 1 Case-1
Dokumen9 halaman
Section - 1 Case-1
syafira
Belum ada peringkat
Final Chapter 1 To 3 Bsais 3B Sure Yaa
Dokumen45 halaman
Final Chapter 1 To 3 Bsais 3B Sure Yaa
Nikki Jean Hona
Belum ada peringkat
Case 4
Dokumen10 halaman
Case 4
Kenneth M. Gonzales
Belum ada peringkat
Controlling Database Management Systems: Access Controls
Dokumen6 halaman
Controlling Database Management Systems: Access Controls
Cillian Reeves
Belum ada peringkat
Chapter 2 Auditing IT Governance Controls
Dokumen5 halaman
Chapter 2 Auditing IT Governance Controls
Leidy Garcia
Belum ada peringkat
To Help Overcome The Communication Problem Between Users and Developers. Diagrams
Dokumen19 halaman
To Help Overcome The Communication Problem Between Users and Developers. Diagrams
Nanthiga Babu
Belum ada peringkat
Overview of Internal Control
Dokumen11 halaman
Overview of Internal Control
Rizza Mae Sera Esparagoza
100% (1)
Value Chain Management Capability A Complete Guide - 2020 Edition
Dari Everand
Value Chain Management Capability A Complete Guide - 2020 Edition
Gerardus Blokdyk
Belum ada peringkat
Business Analytics Full Notes
Dokumen10 halaman
Business Analytics Full Notes
S.Dhivya Devi
Belum ada peringkat
Quick Guide To Auditing in An IT Environment
Dokumen8 halaman
Quick Guide To Auditing in An IT Environment
Karlayaan
Belum ada peringkat
Assignment On Chapter 1 Data Warehousing and Management
Dokumen11 halaman
Assignment On Chapter 1 Data Warehousing and Management
Anna Belle
Belum ada peringkat
AIS ch11 Auditing Computer Based IS
Dokumen17 halaman
AIS ch11 Auditing Computer Based IS
Ruby Rosios
Belum ada peringkat
Obstacles and Implementation of Accounting Software System in Small Medium Enterprises (SMEs) : Case of South Asian Perspective.
Dokumen9 halaman
Obstacles and Implementation of Accounting Software System in Small Medium Enterprises (SMEs) : Case of South Asian Perspective.
ijsab.com
Belum ada peringkat
It 800 Prefinal
Dokumen3 halaman
It 800 Prefinal
Rovern Keith Oro Cuenca
Belum ada peringkat
AUDCIS - 2022 - Mod5 - Tools and Techniques in IT Audit
Dokumen43 halaman
AUDCIS - 2022 - Mod5 - Tools and Techniques in IT Audit
Bea Garcia
Belum ada peringkat
12 Transaction Processing PDF
Dokumen50 halaman
12 Transaction Processing PDF
kdg
Belum ada peringkat
IS-344 Computing Applications in Business Spring 2015 Week 2
Dokumen43 halaman
IS-344 Computing Applications in Business Spring 2015 Week 2
Faded Rianbow
Belum ada peringkat
13auditing in A Cis
Dokumen5 halaman
13auditing in A Cis
Franz Campued
Belum ada peringkat
Prac I Investments
Dokumen16 halaman
Prac I Investments
John Pasquito
Belum ada peringkat
Prac I Investments
Dokumen16 halaman
Prac I Investments
John Pasquito
Belum ada peringkat
3.4 Allowed Calculators
Dokumen3 halaman
3.4 Allowed Calculators
Jessica Laine Tumbaga
Belum ada peringkat
C
Dokumen3 halaman
C
John Pasquito
Belum ada peringkat
5forLIFE - 5th Yr
Dokumen3 halaman
5forLIFE - 5th Yr
John Pasquito
Belum ada peringkat
Corporate Social Governance
Dokumen8 halaman
Corporate Social Governance
John Pasquito
Belum ada peringkat
Basic of Accounting Principles PDF
Dokumen23 halaman
Basic of Accounting Principles PDF
Mani Kandan
Belum ada peringkat
Corporate Governance and Social Responsibility
Dokumen25 halaman
Corporate Governance and Social Responsibility
John Pasquito
Belum ada peringkat
Accounting - Basics Easy PC Training
Dokumen13 halaman
Accounting - Basics Easy PC Training
Rahul Shakya
Belum ada peringkat
PSA-710 Comparative Information - Corresponding Figures & Comparative Financial Statements
Dokumen22 halaman
PSA-710 Comparative Information - Corresponding Figures & Comparative Financial Statements
colleenyu
Belum ada peringkat
Standards and Guidelines For Electronic Medical Record Systems in Kenya
Dokumen115 halaman
Standards and Guidelines For Electronic Medical Record Systems in Kenya
I-TECH Kenya
Belum ada peringkat
Contoh Soal
Dokumen2 halaman
Contoh Soal
Afwan Yulianto
Belum ada peringkat
Wi-Fi Spy Camera With As Esp-32 Cam
Dokumen18 halaman
Wi-Fi Spy Camera With As Esp-32 Cam
Mohammed Nissar
Belum ada peringkat
CSE313 - Final Exam Question - PC-A - TH - Fall20
Dokumen2 halaman
CSE313 - Final Exam Question - PC-A - TH - Fall20
Md Zahidul Islam
Belum ada peringkat
PL2303 Windows Driver User Manual v1.12.0
Dokumen17 halaman
PL2303 Windows Driver User Manual v1.12.0
Adetayo Onanuga
Belum ada peringkat
Excel101 Part 1
Dokumen10 halaman
Excel101 Part 1
Kenville Jack
Belum ada peringkat
Python
Dokumen1 halaman
Python
vinodjames
Belum ada peringkat
50 Artificial Intelligence Interview Questions and Answers (2023)
Dokumen32 halaman
50 Artificial Intelligence Interview Questions and Answers (2023)
Leo
Belum ada peringkat
BICC Protocol
Dokumen41 halaman
BICC Protocol
Youssouf Doumbia
Belum ada peringkat
Thesis Loan Management System
Dokumen4 halaman
Thesis Loan Management System
robynchampagnemanchester
100% (2)
სხეულის ენა
Dokumen322 halaman
სხეულის ენა
tikoo
Belum ada peringkat
Image Compression: JPEG: Summary: Sources
Dokumen21 halaman
Image Compression: JPEG: Summary: Sources
Ngô Hiếu Trường
Belum ada peringkat
C Programming in AVR
Dokumen42 halaman
C Programming in AVR
رضا میرزانیا
Belum ada peringkat
Kitty - The Fast, Featureful, GPU Based Terminal Emulator: Quickstart
Dokumen3 halaman
Kitty - The Fast, Featureful, GPU Based Terminal Emulator: Quickstart
Chiun Er Ang
Belum ada peringkat
MIL-STD-1553 Tutorial and Reference
Dokumen22 halaman
MIL-STD-1553 Tutorial and Reference
A. Villa
Belum ada peringkat
Amos - Commandline Interface: 1. Getting Started 1.1 Launching Amos From Oss Front Page Gui
Dokumen20 halaman
Amos - Commandline Interface: 1. Getting Started 1.1 Launching Amos From Oss Front Page Gui
Sefyu
Belum ada peringkat
Proposal Mobile App
Dokumen7 halaman
Proposal Mobile App
fieqaradzi
0% (1)
Sbs w2k C Constants Enumerations and Structures
Dokumen12 halaman
Sbs w2k C Constants Enumerations and Structures
Md. Ashraf Hossain Sarker
Belum ada peringkat
H-4007-0069-01-A Including Tool Setting in Your Program
Dokumen6 halaman
H-4007-0069-01-A Including Tool Setting in Your Program
Dörky Lefieuw
Belum ada peringkat
PCD Notes - Unit - 1
Dokumen15 halaman
PCD Notes - Unit - 1
Jagadeesan Dhanapal
Belum ada peringkat
Persentasi Uji Kompetensi
Dokumen26 halaman
Persentasi Uji Kompetensi
amy
Belum ada peringkat
HPE ProLiant DL385 Gen11 QuickSpec
Dokumen51 halaman
HPE ProLiant DL385 Gen11 QuickSpec
Joe Dong
Belum ada peringkat
Unit 1, Lesson 9 - Lossless Compression
Dokumen18 halaman
Unit 1, Lesson 9 - Lossless Compression
Aalaa Mady
Belum ada peringkat
Rage of Kings Hack Generator Gold Food Money No Human Verification
Dokumen3 halaman
Rage of Kings Hack Generator Gold Food Money No Human Verification
Mark yoz
Belum ada peringkat
AX 2012 Indian Localisation
Dokumen6 halaman
AX 2012 Indian Localisation
dossindoss
Belum ada peringkat
Assessing The Impact of Internet of Everything Technologies in Football
Dokumen14 halaman
Assessing The Impact of Internet of Everything Technologies in Football
Alkım Karantay
Belum ada peringkat
CH 5
Dokumen372 halaman
CH 5
antonio avila
Belum ada peringkat
UI Design Report Example
Dokumen3 halaman
UI Design Report Example
Wei Lee
Belum ada peringkat
Strengt of Material05
Dokumen149 halaman
Strengt of Material05
kamalwax
Belum ada peringkat
Fleet Equipment Magzine PDF
Dokumen52 halaman
Fleet Equipment Magzine PDF
Imran Alam
Belum ada peringkat