The strength of the partnership between IT audit and the IT organization is a significant differentiator in the overall success of IT projects and IT audit effectiveness, our research shows.
Topics: IT Governance, IT Strategy, IT Risk, IT Controls
Segregation of duties (SODs) is an important concept to internal control frameworks, financial reporting and regulatory compliance, including the Sarbanes-Oxley Act (SOX). It is a component of an effective control environment. The overall effectiveness of management’s internal controls depends on SoDs to a large extent. For effective internal controls, there needs to be an adequate division of responsibilities.
Topics: COSO, Internal Controls, IT Controls, Process-Level Control, Segregation of Duties
Discussions of robotic process automation (RPA) and artificial intelligence (AI) tend to follow separate tracks. This has been a function of the way these technologies have been marketed and sold. This is changing as companies realize that both RPA and AI are required to achieve any significant degree of end-to-end process automation.
Topics: IT Strategy, IT Controls, Robotic Process Automation, Machine Learning, Artificial Intelligence
Data integrity is the assurance that information can only be accessed or modified by those authorized to access the system. Measures taken to ensure integrity include controlling the physical environment of networked terminals and servers, restricting access to data, and maintaining rigorous authentication practices. Data integrity can also be threatened by environmental hazards, such as heat, dust and electrical surges.
Topics: IT Audit, IT Infrastructure, Cloud Computing, IT Risk, IT Controls, Data Security, Data Analytics, Performance Management/Measurement, Customer Satisfaction
What is design risk? To “design” is to create, fashion, execute or construct according to plan. The term design as used here refers to the entire scope of a project. A business system design is a collection of design documents and supporting materials which define the system functionality that supports one or more business processes and in the process, creates, retrieves, updates and deletes data.
Topics: IT Audit, IT Governance, IT Infrastructure, IT Strategy, IT Risk, IT Controls, Performance Management/Measurement
What is Transaction Authenticity?
Transaction authenticity can be defined as the authentication of a party’s (individual, organization) identity, to ensure that pending transactions and contractual agreements are legal and enforceable.
Topics: IT Audit, IT Infrastructure, Cloud Computing, IT Risk, IT Controls, Performance Management/Measurement
Electronic discovery (eDiscovery) refers to the process of searching, locating and securing electronic data for the purpose of using it as evidence in a legal case.
Topics: Laws & Regulations, IT Audit, IT Security, IT Controls, Investigations/Forensics
Corporations today are thinking about how to protect assets. A few of the white collar crime problems include hacking/intrusions (cyber vulnerability), insider/outsider trading (convergence of cyber and financial crimes), the Foreign Corrupt Practices Act (FCPA), spear fishing (email compromise) and economic espionage. They must consider the possibility of internal corruption or external corruption, and environmental factors such as culture and competition contributing to these crimes. As protection, organizations can use cyber security, pen testing and data loss prevention tactics.
Topics: Enterprise Risk Management, Internal Audit, Internal Controls, Risk Assessment, Cybersecurity, IT Controls
Add a Comment: