Preservation and Access for Electronic College and University Records zCollaborative Models for System Design zPhilip Bantin zIndiana University Archivist.

Slides:



Advertisements
Similar presentations
USG INFORMATION SECURITY PROGRAM AUDIT: ACHIEVING SUCCESSFUL AUDIT OUTCOMES Cara King Senior IT Auditor, OIAC.
Advertisements

Continuous Auditing Global Technology Auditing Guide 3 Twelfth Continuous Auditing and Reporting Symposium Rutgers Business School November.
Dr. Mohamed A. Hamada Lecturer of Accounting Information Systems Advanced Auditing Lecture 1 Assurance and Attestation Services.
Sodexo.com Group Internal Audit. page 2 helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and.
Auditing Computer Systems
Coping with Electronic Records Setting Standards for Private Sector E-records Retention.
1 LBNL Enterprise Computing (EC) January 2003 LBNL Enterprise Computing.
ECURE 2000 z Strategies for Managing Electronic Records: Lessons Learned from the Indiana University Electronic Records Project zPhilip C. Bantin zIndiana.
Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.
INTERNAL CONTROL. INTERNAL CONTROL DEFINED  INTERNAL CONTROL IS A PROCESS - EFFECTED BY AN ENTITY'S BOARD OF DIRECTORS, MANAGEMENT, AND OTHER PERSONNEL.
Internal Control Concepts A Guide for Deans, Directors, and Department Chairs.
6-1 McGraw-Hill/Irwin ©2002 by The McGraw-Hill Companies, Inc. All rights reserved. Chapter 6 Internal Control Evaluation: Assessing Control Risk.
1 Pertemuan 4 Auditing Standards and Responsibilities Matakuliah:A0274/Pengelolaan Fungsi Audit Sistem Informasi Tahun: 2005 Versi: 1/1.
Alliance for Strategic Technology (AST) SUNY Business Intelligence Initiative January 8, 2009.
Course Technology Chapter 3: Project Integration Management.
The CPA Profession Chapter 2.
Monitoring, Review and Reporting Project Cycle Management A short training course in project cycle management for subdivisions of MFAR in Sri Lanka.
INTERNAL CONTROLS. Session Objectives Understand why an organization should have internal controls Understand the key components of internal controls.
Duties and Responsibilities of Budget Managers and Budget Analyst Duties and Responsibilities of Budget Managers and Budget Analyst.
Session 4: Good Governance: How SAIs influence Good Governance in Public Administration Zahira Ravat 27 & 28 May 2014.
Database Auditing Models Dr. Gabriel. 2 Auditing Overview Audit examines: documentation that reflects (from business or individuals); actions, practices,
Chapter 7 Database Auditing Models
Internal Auditing and Outsourcing
Central Piedmont Community College Internal Audit.
The CPA Profession Chapter 2 By Arens et. al. Learning Objective 1 Describe the nature of CPA firms, what they do, and their structure.
Effective Management and Compliance 1 ANA GRANTEE MEETING  FEBRUARY 5, 2015.
Chapter 07 Internal Control McGraw-Hill/IrwinCopyright © 2014 by The McGraw-Hill Companies, Inc. All rights reserved.
Information Assurance The Coordinated Approach To Improving Enterprise Data Quality.
Chapter Three IT Risks and Controls.
Monitoring Internal Control Systems Johann Rieser Senior Auditor, Ministry of Finance, Vienna.
© 2013 Cengage Learning. All Rights Reserved. 1 Part Four: Implementing Business Ethics in a Global Economy Chapter 9: Managing and Controlling Ethics.
1 Secure Commonwealth Panel Health and Medical Subpanel Debbie Condrey - Chief Information Officer Virginia Department of Health December 16, 2013 Virginia.
Implementing and Auditing Ethics Programs
Generally Accepted Recordkeeping Principles Generally Accepted Recordkeeping Principles ® Registered Trademark of ARMA International.
European Conference on Quality in Official Statistics, Rome 8-11 July Satisfying User and Partner Needs- the Use of Specific Reviews at Eurostat.
Learning Objectives LO5 Illustrate how business risk analysis is used to assess the risk of material misstatement at the financial statement level and.
1.  Describe an overall framework for project integration management ◦ RelatIion to the other project management knowledge areas and the project life.
Evaluation of Internal Control System
SBIR Budgeting Leanne Robey Chief, Special Reviews Branch, NIH.
Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 7 Database Auditing Models.
University of Idaho Successful External Program Review Archie George, Director Institutional Research and Assessment Jane Baillargeon, Assistant Director.
Audit Planning Process
Copyright © 2013 by The McGraw-Hill Companies, Inc. All rights reserved.McGraw-Hill/Irwin.
McGraw-Hill/Irwin © 2003 The McGraw-Hill Companies, Inc., All Rights Reserved. 6-1 Chapter 6 CHAPTER 6 INTERNAL CONTROL IN A FINANCIAL STATEMENT AUDIT.
DATA IT Senate Data Governance Membership IT Senate Data Governance Committee Membership Annie Burgad, Senior Programmer, Central IT Julie Cannon, Director.
How to Be on the Board Without Walking the Plank Effective Boards.
IS 630 : Accounting Information Systems Auditing Computer-based Information Systems Lecture 10.
RTI, Nagpur1 Day 2- Session III Internal controls and risk assessment.
S19: Documentation of fieldwork. Session Objectives ♂ In the last session, we have discussed the standards of documentation and the standard files to.
Chapter 3-Auditing Computer-based Information Systems.
Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
ICAJ/PAB - Improving Compliance with International Standards on Auditing Planning an audit of financial statements 19 July 2014.
Internal Control Process at Geneseo. Objectives Understand the objectives of effective internal controls Describe Geneseo’s internal control program Accurately.
INFORMATION ASSURANCE POLICY. Information Assurance Information operations that protect and defend information and information systems by ensuring their.
Lecture 5 Control and AIS Copyright © 2012 Pearson Education 7-1.
EECS David C. Chan1 Computer Security Management Session 1 How IT Affects Risks and Assurance.
Internal Control Chapter 7. McGraw-Hill/Irwin © 2008 The McGraw-Hill Companies, Inc., All Rights Reserved. 7-2 Summary of Internal Control Definition.
Audit Planning, Understanding the Client, Assessing Risks and Responding Chapter 6.
Getting to Know Internal Auditing
Getting to Know Internal Auditing
Getting to Know Internal Auditing
Chapter 9 Control, security and audit
FORMAL SYSTEM DEVELOPMENT METHODOLOGIES
The CPA Profession Chapter 2.
Getting to Know Internal Auditing
2017 Administration and Finance Conference
Adding Value Across the Board
TECHNOLOGY ASSESSMENT
Presentation transcript:

Preservation and Access for Electronic College and University Records zCollaborative Models for System Design zPhilip Bantin zIndiana University Archivist

ISSUES zWhy is the team approach critical to the success of an electronic records management project? zWho are the archivist’s/records manager’s “natural” allies? zWhat are some model structures for an institution-wide program?

WHY DO WE NEED PARTNERS? zArchivists have always needed partners, but we have not consistently reached out to these allies zBut with electronic information, partnerships are more essential because we have less CONTROL of the systems, and it is a more COMPLEX environment

WHY PARTNERSHIPS ARE IMPORTANT zMore broad-based support required zA wider variety of skills required

PARTNERS zFocus on three partners: zTwo of these partners create and manage Information or Information Systems: Decision Support Personnel & Systems Analysts zOne of these partners manages Risk: Internal Audit

DECISION SUPPORT AND INSTITUTIONAL RESEARCH PERSONNEL zDecision support is a set of people, procedures and databases used to support decision-making activities and strategic planning zThe role of decision-support personnel is to: 1) structure and focus information to meet the needs of decision makers; 2) understand and be able to articulate the needs of users; 3) become a focal point for information development and processing, particularly as it relates to information integration, access, and analysis/presentation

DECISION SUPPORT PERSONNEL AND ARCHIVISTS - SIMILARITIES IN MISSION AND GOALS zBoth are focused on understanding the research needs of users zBoth are concerned with providing ready access to information or records zBoth are concerned with creating and maintaining accurate, reliable, and authentic information or records

SYSTEMS ANALYSTS zSystem analysts translate business needs and requirements into information requirements and systems zThe products of this activity may be improved business processes, improved information systems, or new or improved computer applications

SYSTEMS ANALYSTS AND ARCHIVISTS - SIMILARITIES IN MISSION AND GOALS zBoth professions regard an understanding of business processes as critical to the design of an information or recordkeeping system

INTERNAL AUDIT zOVERALL MISSION z“The examination and evaluation of the adequacy and effectiveness of the organization’s system of internal controls and the quality of performance in carrying out assigned responsibilities”

INTERNAL AUDIT zSPECIFIC OBJECTIVES: zDetermining the accuracy and propriety of financial transactions zDetermining the level of compliance with University policies and procedures and state and federal laws zEvaluating the accuracy and effectiveness of the University’s electronic information and processing systems

ARCHIVISTS AND AUDITORS - SIMILARITIES IN MISSION AND GOALS zAccuracy of Information zReliability of Information zAuthenticity of Information zSecure and Accountable Systems zCompliance with Laws and Policies zImportance of Risk Assessment

PARTNERSHIP STRATEGIES WITH INFORMATION MANAGERS AND DECISION SUPPORT PERSONNEL zForming an overall structure for managing electronic records zCommittee on Institutional Data and Information zCommittee of Data and Information Stewards zAssistant Director, Data and Information Management

COMMITTEE ON INSTITUTIONAL DATA AND INFORMATION zComposition: Senior University Officials, typically at the level of Dean or Director zResponsibilities: Establish overall policy and guidelines for management of data and information, and regularly review the performance of the overall information management function

COMMITTEE OF DATA AND INFORMATION STEWARDS zComposition: 2 major types: z1) Individuals who have planning, policy and operational responsibilities for the management and use of institutional data z2) Information specialists who develop and use management information systems and decision support systems

COMMITTEE OF DATA AND INFORMATION STEWARDS zFunctional Areas Represented: zAlumni Relations, Development, Personnel Management, Financial Management, Library and Archives, Physical Facilities, Purchasing, and Student Management

COMMITTEE OF DATA AND INFORMATION STEWARDS zResponsibilities: Recommending policies and establishing procedures and guidelines for the university- wide management of institutional data and information zSpecific areas of concern: quality, integrity, documentation, access, security, and archival requirements of data and information

Assistant Director, Data and Information Management zResponsibilities: Provide leadership for the data and information management activities zDirect the functional areas of system analysis and the modeling of systems, information access, and the Information Repository System zChair the Committee of Data and Information Stewards and function as this group’s liaison to the Committee on Institutional Data and Information

ARCHIVES/INTERNAL AUDIT PARTNERSHIP z4 Stages: z1) Preliminary Review z2) Field Work z3) Audit Report z4) Follow-up Review

PRELIMINARY REVIEW STAGE zGoals: zDefine the Objectives of the Audit zGather Information on Business Processes - Create Process Models

FIELD WORK STAGE zArchives and Internal Audit go forward in parallel with their own unique, though complementary, reviews zTeam members meet frequently to compare notes and discuss possible adjustments to the overall strategy

AUDIT REPORT STAGE zCreate a joint report incorporating the findings and recommendations of both Archives and Internal Audit zReport sent to dean or director of unit, to selected high-level administrators, and to the IU Board of Trustees zWithin one month, dean or director must submit written response

FOLLOW-UP REVIEW STAGE zOne year after distribution of initial report, a follow-up review is initiated zGoal is to determine whether problems identified earlier were addressed zAll unresolved problems are described in a follow-up report

VALUE OF PARTNERSHIP - EVERYONE BENEFITS zArchives zParticipation in the authorized and routine review of information systems zOpportunity to exchange ideas on the overall management of systems with experienced analysts and auditors

BENEFITS zInternal Audit: zAccess to detailed business process models zAccess to previously unavailable analyses of systems from a recordkeeping perspective

BENEFITS zTo the University : zHaving its information systems much more thoroughly reviewed and analyzed, resulting in more accountable, compliant, and trustworthy systems