
Presentation transcript:

Overview:
- Different controls in an organization
- Relationship between IT controls & financial controls
- The Mega Process Leads
- Application of COBIT in an organization
- Software used in an organization for IT control
- Conclusion

Different controls in an organization
- COSO
  - Internal Environment
  - Risk Assessment
  - Control Activities
  - Information and Communications
  - Monitoring

Different controls in an organization
- COBIT
  - Planning and Organization
  - Acquisition and Implementation
  - Delivery and Support
  - Monitoring

Relationship between IT controls & financial controls
- Failure to terminate application access may result in unauthorized access to company’s confidential information
- Only one role/job function allowed per user for Sarbanes-Oxley compliance

The Mega Process Leads

Application of COBIT in an organization – Why COBIT?
- Attention on Corporate Governance
- Management accountability for resources
- Specific need for control of IT resources
- Business oriented solutions
- Framework for risk assessment
- Authoritative basis
- Improved communication among management, users and auditors

Application of COBIT in an organization – Who & What for?
- Management
  - to evaluate IT investment decisions
  - to balance risk and control of investment in an often unpredictable IT environment
  - to benchmark existing and future IT environment
- Users
  - to obtain assurance on security and controls of products and services provided by internal and third-parties
- IS auditors
  - to substantiate opinions to management on internal controls
  - to find out the minimum controls that are necessary

Software used in an organization for IT control
- SAP – Software in IT Control
- Sarbanes-Oxley Compliance
  - 302 – Corporate Responsibility for Financial reports
  - 404 – Management assessment of Internal controls
  - 406 – Code of Ethics for senior officers
  - 409 – Real time issue disclosures
- Creating procedures
- Auditing tools
- mySAP financials & mySAP ERP

Conclusion
- Different controls in organization
- Relationship between IT and financial controls
- The Mega process leads
- COBIT in an organization
- Software for IT control