Office of the Auditor General of Canada Final Report of the Task Force on IT Governance Richard Brisebois Beijing, China.

Slides:

Advertisements

Similar presentations

INTOSAI Standing Committee on IT Audit Auditing IT Service Management Presentation Slovenia 2001 Presented by Kjetil Kvernflaten Audit Adviser OAG of Norway.

Advertisements

Two E-Governance Projects Sweden and the United States The INTOSAI Working Group on IT Audit (WGITA) May 2008.

19th WGITA-meeting Beijing April Auditing e-Government 1.

Office of the Auditor General of Canada Progress Report for the Task Force on IT Governance 17th Meeting of the INTOSAI Working Group On IT Audit Richard.

MONITORING OF SUBGRANTEES

1 E A P TASK FORCE EAP Task Force Water Programme – Progress and Plans Peter Börkey Helsinki, 24– 25 May 2007.

Organizational Governance

EU funds’ evaluation plan , Latvia

HELPING THE NATION SPEND WISELY Angus Waugh SAI-UK IntoIT The INTOSAI IT Working Group Journal Beijing, April 2010.

Program Management Office (PMO) Design

PRESENTATION ON MONDAY 7 TH AUGUST, 2006 BY SUDHIR VARMA FCA; CIA(USA) FOR THE INSTITUTE OF INTERNAL AUDITORS – INDIA, DELHI CHAPTER.

USG INFORMATION SECURITY PROGRAM AUDIT: ACHIEVING SUCCESSFUL AUDIT OUTCOMES Cara King Senior IT Auditor, OIAC.

1 Revision of ISSAI 30 – Code of Ethics Project proposal to the Steering Committee of the INTOSAI Professional Standards Committee Bahrain, May 2014.

19th WGITA-meeting Beijing April Auditing e-Government 1.

Course: e-Governance Project Lifecycle Day 1

ERP/SAP in Public Administration Matthijs Kerkvliet.

Goal 3 Knowledge Sharing & Knowledge Services Update from Knowledge Sharing Committee SAI India 1.

Due Process – ISSAIs and INTOSAI GOVs Roberto José Domínguez Moro Superior Audit Office of Mexico INTOSAI Working Group on Public Debt October, 2009.

Presentation to ISACA Ottawa Valley Chapter Richard Brisebois, Principal November 9, 2010.

2011 Governance, Risk, and Compliance Conference August 29 – 31, 2011 / Orlando, FL, USA The Top Four Essential Objectives to Auditing ERM Stephen E. McBride,

Report of the Knowledge Sharing Committee (Goal-3) Ms. Indu Agrawal SAI-India Comptroller and Auditor General of India1.

The 22 nd meeting of the INTOSAI Working Group on IT Audit (WGITA) KPI Project Final Report — Key Performance Indicators Methodology for Auditing IT Programs.

Development of ISSAI 5300 on IT AUDIT

Project Human Resource Management

Revision of ISSAI 30 INTOSAI Code of Ethics

Safety Driven Performance Conference 2013 The future of managing asset-intensive businesses John Keefe APM/RBMI Technical Manager Asset Integrity Services.

Performance Audit Subcommittee (PAS) recent activities Maria Lúcia Lima Federal Court of Accounts - Brazil Meeting of the ICS Subcommittee.

October 2004 From Principles to Prosperity How we Integrate Corporate Governance into our Investment Process Guy Jubb Head of Corporate Governance.

SEMINAR Ethics Committees or similar within SAIs Lisboa, January 2014.

Conformity Assessment and Accreditation Mike Peet Chief Executive Officer South African National Accreditation System.

Progress Report on the activities of the INTOSAI Working Group on IT Audit Chair: SAI India Comptroller and Auditor General of India1.

USING THE PUBLIC PROCUREMENT MODEL OF EXCELLENCE (PPME) TOOL TO IDENTIFY CAPACITY DEVELOPMENT NEEDS A PRESENTATION BY A.B. ADJEI CHIEF EXECUTIVE – PUBLIC.

INTOSAI Capacity Building Committee Meeting Stockholm, 8-10 September 2015 SAI capacity from a Post-2015 development agenda perspective The PASAI cooperative.

INTOSAI Task Force Global Financial Crisis - Challenges for SAIs and the WGPD Roberto José Domínguez Moro Superior Audit Office of Mexico INTOSAI Working.

1 WFC 2015, Mexico Worldwide implementation of the PFMI Froukelien Wendt, Monetary and Capital Markets Department, IMF.

Module N° 8 – SSP implementation plan. SSP – A structured approach Module 2 Basic safety management concepts Module 2 Basic safety management concepts.

New Challenges in Institutional Development of the National Audit Office of Lithuania Dainora Venckevičienė Chief Specialist at the Division for Legal.

Towards a European network for digital preservation Ideas for a proposal Mariella Guercio, University of Urbino.

CBC Steering Committee Chaired by CBC Vice Chair Mr Magnus Lindell 1 INTOSAI CBC Steering Committee Meeting in Stockholm, Sweden.

Performance Audit Subcommittee PSC-SC meeting – Manama standards/performance-audit-subcommittee.html.

Project Portfolio Governance by the Executive Governance Committee (EGC) The EGC Jim Kneeland ©

DEPARTMENT OF DEFENCE Briefing on Audit Outcomes Year ended 31 March 2010 AGSA AUDIT TEAM.

Comité de deuda pública Public Debt Committee Strategic Plan Presented by Richard Domingue Office of the Auditor General of Canada.

First Meeting of the Steering Committee Knowledge Sharing Committee INTOSAI Strategic Goal 3 New Delhi, India March 5-6, 2009 Information on the INTOSAI.

IT GOVERNANCE  Objective : The objective of this area is to ensure that the Certified Information Systems Auditor ( CISA ) candidate understands and can.

WEC MADRID 18 TH MARCH 2004 ASTRAZENECA’S APPROACH TO SUPPLIER RISK MANAGEMENT.

Cargo Strategic Action Plan Prepared by: Cargo Strategic Action Group Air Carrier Maintenance Branch, AFS-330.

Performance Audit Subcommittee - PAS PSC meeting Mexico City, November 4, 2007.

Elements of an Effective Regional Strategy for Development of Statistics - SADC Ackim Jere SADC Secretariat Gaborone, Botswana PARIS 21 Forum on Reinforcing.

PUBLIC–PRIVATE PARTNERSHIP (PPP) FRAMEWORK AND GUIDELINES Syed M. Ali Zaidi, P.Eng. PM(Stanford), Ph.D. Director, Strategic Partnerships Alberta Infrastructure.

Working Group on the Value and Benefits Chair´s Report 7th Meeting of the Steering Committee of the INTOSAI Committee on the Knowledge Sharing and Knowledge.

Due Process – ISSAIs and INTOSAI GOVs Roberto José Domínguez Moro Superior Audit Office of Mexico INTOSAI Working Group on Public Debt October, 2009.

Project Management Project Integration Management Minder Chen, Ph.D. CSU Channel Islands

International Auditing and Assurance Standards Board ISA Implementation Monitoring Project Update Jon Grant, IAASB Task Force Chairman IAASB Board Meeting.

Leadership Guide for Strategic Information Management Leadership Guide for Strategic Information Management for State DOTs NCHRP Project Information.

Capacity for Health Impact Assessment Debbie Abrahams Director IMPACT+ West Midlands Public Health Observatory, Birmingham, 25 th June 2008.

Developing an Audit Program By Rodney Kocot President Systems Control and Security Incorporated Copyright © 2005 Rodney Kocot.

The International Society for Quality in Health Care (ISQua) – Guidelines.

Audit of predetermined objectives

Project Human Resource Management

Agenda Item #2 CHAIR´S REPORT September 6, 2017.

Predetermined Objectives – 2013/14

PUBLIC PRIVATE DIALOGUE FOR INVESTMENT CLIMATE POLICY REFORM IN FIJI

the Public Procurement Audit Practical Guide

Presentation to the INTOSAI Working Group on IT Audit Systems assurance and data analytics for continued audit quality and improved efficiency of audits.

Documentation Requirements of an IT Audit including Audit Management System (Area: Audit Process) A presentation by SAIs AFROSAI-E, Bangladesh, China,

CORPORATE & ACADEMIC GOVERNANCE STRUCTURE

Reporting Dashboard of WGITA

Presentation transcript:

Office of the Auditor General of Canada Final Report of the Task Force on IT Governance Richard Brisebois Beijing, China

Office of the Auditor General of Canada Agenda Background Project Objective Project team Project Schedule/History IT Governance Key Questions Outcomes Conclusion

Office of the Auditor General of Canada Project Objective The main objective of the project was to discuss the importance of IT Governance, identify risks and challenges being faced and propose new guidance and share best practices in this area

Office of the Auditor General of Canada Project Team Project leader: Richard Brisebois, Canada Active Members: 1.Claudia Dias, Brazil 2.Nagarajan Nagarajan & Ashutosh Sharma, India 3.Dainius Jakimavicius & Irmantas Aleliunas, Lithuania 4.Thomas Wijsman, Netherlands 5.Thor Kristian Svendsen & Erna Jørgensen Lea, Norway 6.Mr. Jamtsho, Bhutan 7.Shaima Al Hinai, Oman 8.Alla Petrenko, Russian Federation 9.Steve Doughty/Angus Waugh, United Kingdom 10.Madhav Panwar, USA Commentary Project Participants: 1.Sr. Ryoichi Doi, Japan 2.Bjørn Undall, Sweden

Office of the Auditor General of Canada Project Schedule/History May 2006: The IT Governance project was initiated at the INTOSAI WGITA meeting in Brazil. Oct 2006: Scoping report completed. March 2007: WGITA IT Governance Performance Auditing Seminar in Muscat, Oman. 2008: Launch of the IT Governance database in Japan 2008: Collection of various SAIs work on IT Governance (inserted to the IT Governance database) 2009: Collection of reference material on IT Governance (inserted to the IT Governance database) 2008 & 2009: Interim Progress Reports April 2010: IT Governance Checklist April 2010: Final report of IT Governance task force

Office of the Auditor General of Canada

What is IT Governance? IT governance is the responsibility of the board of directors and executive management. It is an integral part of enterprise governance and consists of the leadership and organisational structures and processes that ensure that the organisations IT sustains and extends the organisations strategies and objectives. IT Governance Institute

Office of the Auditor General of Canada IT Governance Key Questions 1. Leadership and Organization - Do the IT organizational structure and human resources (personnel) management in place support the organizations strategies and objectives? 2. IT strategy - Is there an IT strategy in place, including the IT direction, and the processes for the strategys development, approval, and implementation and maintenance that is aligned with the organizations strategies and objectives? 3. Policies and standards - Are there IT policies, standards, and procedures, and the processes for their development, approval, implementation, maintenance, and monitoring in place to support the IT strategy and comply with regulatory and legal requirements? 4. Quality Management System - Is there an IT quality management system in place to support the organizations strategies and objectives? 5. IT controls - Are there sufficient IT management and monitoring of controls (e.g., continuous monitoring, QA) in place to support organizations policies, standards and procedures?

Office of the Auditor General of Canada IT Governance Key Questions 6. Investment planning - Are there IT resource investment, use and allocation practices, including prioritization criteria in place that are aligned with the organizations strategies and objectives? 7. Contracting - Are there IT contracting strategies and policies, and contract management practices in place to support the organizations strategies and objectives? 8. Risk management - Are there risk management practices in place to ensure that the organizations IT-related risks are properly managed? 9. Monitoring and reporting - Are there monitoring and assurance practices in place to allow the board and executive management to receive sufficient and timely information about IT performance? 10. Business continuity planning - Is there a business continuity plan in place to support orderly recovery of essential business operations during the period of an IT disruption?

Office of the Auditor General of Canada How to Use the Questions Question: Do the IT organizational structure and human resources (personnel) management in place support the organizations strategies and objectives? Audit objective: To determine whether IT organizational structure and human resources (personnel) management in place support the organizations strategies and objectives. Criterion: We expect the organization to have in place adequate IT organizational structure and human resources (personnel) management to support the organizations strategies and objectives.

Office of the Auditor General of Canada Outcomes of the IT Governance Task Force Publications Database of Reference Material for IT Governance IT Governance Scoping, status and final reports Papers and presentations made at the 5th performance audit seminar (Oman, 2007) Collection of various SAIs work on IT Governance Collection of Reference material on IT Governance Identification of Framework and Standards related to IT Governance

Office of the Auditor General of Canada Sub Projects Cancelled Develop training material on IT Governance (cancelled) Adapt Private Sector IT Governance material for Public Sector use (cancelled)

Office of the Auditor General of Canada Conclusion Lets not re-invent the wheel There are a lot of resources available on IT governance Most of them are available in Database of Reference Material for IT Governance Lets continue to share best practices and facilitate exchange of information and experience

Office of the Auditor General of Canada Questions/Thank You Richard Brisebois CGA, CISA Principal, IT Audit Services Office of the Auditor General of Canada Tel: (613) ext Fax: (613) Sparks Street Ottawa, Ontario, Canada K1A 0G6