Governance, audit and digital preservation

Presentation transcript:

Governance, audit and digital preservation
Boudien J. Glashouwer RE RI CISA
April 14, 2004
www.hec.nl

Table of contents
  Governance
  Quality and Maturity
  Information Security
  Audit
  Digital preservation
April 14, 2004 Erpanet - Antwerp www.hec.nl

Strategic business goals
  Profit or Non-profit
  Core business is digital preservation or
  Digital preservation is secondary

Legislation
  Democracy
  Buying and selling agreements
  Computer crime
  Transparency
  Privacy
  Finance
  Specific laws
  Records management

Hot issues
  Sarbanes Oxley Act, 2002, USA
    Financial reporting, auditing, internal control, standard setting, corporate governance
  Basel II, New Basel Capital Accord, 2003, Europe
    Limitation of credit risks and operational risks in banking

Governance
  How to keep the ship on course?
  How to achieve objectives?
  How to timely adapt?
  Governance: manage, control, account for and supervise

Management cycle (diagram): Plan, Do, Check, Correct/Adapt
Diagram labels: Goals, strategy and policy; Laws and regulations; Standards and control models; Commitment on top level; Needs; Responsibilities; Projects; Communication; Meetings; Organisation; Quality; Security; Monitor, evaluate, learn; New standards?; Adapt policy; Measure; Alignment; Compliance; Assessment; Audit/assurance

Plan

Governance & control models
  COSO: USA, Internal Control Integrated Framework, 1992
    business ethics, effective internal control, corporate governance
  COBIT: Governance, control and audit for IT and related technology, 1996
    IT-controls support the COSO-framework

COSO
  Committee of Sponsoring Organisations of the Treadway Commission (fraudulent financial reporting)
  Internal Control Integrated Framework
    1. Control environment (company level)
    2. Risk assessment (achieve objectives)
    3. Control activities (policies, procedures, practices, general & application controls)
    4. Information and communication (at all levels)
    5. Monitoring of the internal control (oversight)

CobiT
  Planning and Organisation: strategy, quality, human resources
  Acquisition and Implementation: systems development and installing
  Delivery and Support: service levels, operations, security
  Monitoring: internal control, assurance, audit

Do

Business Performance
  Manage business
  Take action
  Produce
  Can be a bakery or digital preservation...

Quality and maturity of business processes
  ISO 9000: general quality
  ISO 15489: records management
  ITIL: IT Infrastructure Library
  EFQM: total quality management

Information Security
  Risk analysis business processes
  Awareness
  Standard ISO 17799
  Baseline security levels
  Manager, security-officer, security manager, auditor
  Service Level Agreement (SLA and SLM)
  Certification

Check

Monitoring & Measuring
  Critical Success Factors
  Key Goal Indicators
  Key Performance Indicators
  Dashboards
  Scorecards
  Benchmarking

Auditing
  Internal audit
  External audit
  Self assessment
  Internal Audit Service
  External audit
  Financial auditing
  Operational auditing
  IT/EDP-auditing

Resources
  Business processes: input, throughput, output, outcome
  People
  Application systems
  Technology
  Facilities
  Data

Criteria
  Effectiveness
  Efficiency
  Confidentiality
  Integrity
  Availability
  Compliance
  Reliability

Audit approach
  Legislation, standards
  Management norms
  Audit plan
  Audit tools
  Report
  Communication
  Certification?

Correct/Adapt

Improvement
  Define maturity level
  Learn
  Take small steps
  Grow and improve quality of business processes!

Digital preservation
  No information, no control...
  Without digital preservation, governance, control and audit are not possible!
  Can the audit of business processes be enough or…
  Do we need a special preservation audit or certificate?

Take the challenge
  Enjoy this conference in Antwerp!

Websites
  www.coso.org
  www.isaca.org
  www.erpanet.org

Contact
  Het Expertise Centrum, The Hague
  www.hec.nl
  b.glashouwer@hec.nl
  00 31 6 206 02 209