CobiT. Brooke Pollack & Ian Paul, November 14, 2007.


IT Governance
- Helps align IT strategy with business strategy
- System for control and monitoring of IT
- Allows the Board to make IT decisions
- Keeps blame off of IT for poor decisions
- Assigns accountability
- Manages IT risk
- Keeps IT in line with original plan
- Responsibility of executives and the Board

ISACA & ITGI
- ISACA
  - Researches IT governance and control
  - Central source of information
  - 170 chapters in 70 countries
  - 65,000 members worldwide
- ITGI
  - Research think tank
  - Aims to help companies govern IT and make it successful

CobiT Background
- IT governance framework
- Increases value attained from IT
- Emphasizes regulatory framework
- Sarbanes-Oxley
- Created by ISACA & ITGI
- Must pay to access CobiT
- Currently on 4th edition

Why CobiT?
- Increasing need for and complexity of IT
- Business-focused
- Process-oriented
- Controls-based
- Measurement-driven

CobiT Structure
- CobiT provides a clear link among IT governance requirements, IT processes and IT controls.
- CobiT acts as an integrator of different guidance materials.
- Summarizes key objectives under one umbrella framework.

CobiT Structure Cont'd
CobiT products have been organized into three levels designed to support:
- Executive management boards
- Business and IT management
- Governance, assurance, control and security professionals

CobiT Components

Other IT Governance Structures
- IT Infrastructure Library: developed by the UK’s Office of Government Commerce
- ISO/IEC 27001: a set of best practices and a well-known standard for industry in the UK
- AS8015: Australian Standard for Corporate Governance of IT and Communication Technology
- ISM3: Information Security Management Maturity Model
- All developed to guide the implementation of IT governance.

CobiT & Sarbanes-Oxley
- Also known as the “Public Company Accounting Reform and Investor Protection Act of 2002”, SOX or Sarbox.
- US Federal law in response to several major corporate and accounting scandals such as Enron and Tyco.
- “the most far-reaching reforms of American Business practices since the time of FDR.” (President Bush)

CobiT & Sarbanes-Oxley Cont'd
- Established the Public Accounting Oversight Board
- The Act covers such issues as:
  - Corporate governance
  - Internal control assessment
  - Enhanced financial disclosure
- Public companies subjected to this Act are encouraged to adopt CobiT in order to ease the accountability process

CobiT Survey
- Used as compliance measure
- Benefits are hard to quantify
- Awareness tripled since 2003
- IT governance driven by overall corporate governance reform
- 3 C’s – Culture, resistance to Change, lack of appropriate Communication
- IT/Telecom & Financial sectors best at IT governance

Case Studies
- Sun Microsystems
  - Response to Sarbanes-Oxley and similar legislation to assess compliance
  - Measure IT’s alignment to overall strategy
- Harley Davidson
  - Coordination between management, IT, and auditors
  - Created benchmarks
  - Created comprehensive view of risk and control environment

Sources
- ISACA
- ITGI
- ezCOBIT
- YouTube
- Pricewaterhouse Cooper
- CIO.com
- Wikipedia
- Network World
- Datamation