Presentation is loading. Please wait.

Presentation is loading. Please wait.

Governance, audit and digital preservation

Published byFabienne Pellerin Modified over 5 years ago

Similar presentations

Presentation on theme: "Governance, audit and digital preservation"— Presentation transcript:

1 Governance, audit and digital preservation
April 14, 2004 Governance, audit and digital preservation Boudien J. Glashouwer RE RI CISA April 14, 2004

2 Governance, audit and digital preservation
April 14, 2004 Table of contents Governance Quality and Maturity Information Security Audit Digital preservation April 14, 2004 Erpanet - Antwerp

3 Strategic business goals
Governance, audit and digital preservation April 14, 2004 Strategic business goals Profit or Non-profit Core business is digital preservation or Digital preservation is secondary April 14, 2004 Erpanet - Antwerp

4 Governance, audit and digital preservation
April 14, 2004 Legislation Democracy Buying and selling agreements Computer crime Transparency Privacy Finance Specific laws Records management April 14, 2004 Erpanet - Antwerp

5 Governance, audit and digital preservation
April 14, 2004 Hot issues Sarbanes Oxley Act, 2002, USA Financial reporting, auditing, internal control, standard setting, corporate governance Basel II, New Basel Capital Accord, 2003, Europe Limitation of credit risks and operational risks in banking April 14, 2004 Erpanet - Antwerp

6 Governance, audit and digital preservation
April 14, 2004 Governance How to keep the ship on course? How to achieve objectives? How to timely adapt? Governance manage, control, account for and supervise April 14, 2004 Erpanet - Antwerp

7 Governance, audit and digital preservation
April 14, 2004 Goals, strategy and policy Laws and regulations Standards and control models Commitment on top level Plan Do Needs Responsibilities Projects Communication Meetings Organisation Quality Security Management cycle Correct/ Adapt Check Monitor, evaluate, learn New standards? Adapt policy Measure Alignment Compliance Assessment Audit/assurance April 14, 2004 Erpanet - Antwerp

8 Plan

9 Governance & control models
Governance, audit and digital preservation April 14, 2004 Governance & control models COSO USA, Internal Control Integrated Framework, 1992 business ethics, effective internal control, corporate governance COBIT Governance, control and audit for IT and related technology, 1996 IT-controls support the COSO-framework April 14, 2004 Erpanet - Antwerp

10 Governance, audit and digital preservation
April 14, 2004 COSO Committee of Sponsoring Organisations of the Treadway Commission (fraudulent financial reporting) Internal Control Integrated Framework 1. Control environment (company level) 2. Risk assessment (achieve objectives) 3. Control activities (policies, procedures, practices, general & application controls) 4. Information and communication (at all levels) 5. Monitoring of the internal control (oversight) April 14, 2004 Erpanet - Antwerp

11 Governance, audit and digital preservation
April 14, 2004 CobiT Planning and Organisation strategy, quality, human resources Acquisition and Implementation systems development and installing Delivery and Support service levels, operations, security Monitoring internal control, assurance, audit April 14, 2004 Erpanet - Antwerp

12 Do

13 Governance, audit and digital preservation
April 14, 2004 Business Performance Manage business Take action Produce Can be a bakery or digital preservation... April 14, 2004 Erpanet - Antwerp

14 Quality and maturity of business processes
Governance, audit and digital preservation April 14, 2004 Quality and maturity of business processes ISO 9000 general quality ISO records management ITIL IT Infrastructure Library EFQM, total quality management April 14, 2004 Erpanet - Antwerp

15 Information Security Risk analysis business processes Awareness
Standard ISO 17799 Baseline security levels Manager, security-officer, security manager, auditor Service Level Agreement (SLA and SLM) Certification April 14, 2004 Erpanet - Antwerp

16 Check

17 Monintoring & Measuring
Critical Success Factors Key Goal Indicators Key Performance Indicators Dashboards Scorecards Benchmarking April 14, 2004 Erpanet - Antwerp

18 Auditing Internal audit External audit Self assessment
Internal Audit Service External audit Financial auditing Operational auditing IT/EDP-auditing April 14, 2004 Erpanet - Antwerp

19 Resources Business processes People Application systems Technology
input, througput, output, outcome People Application systems Technology Facilities Data April 14, 2004 Erpanet - Antwerp

20 Criteria Effectiveness Efficiency Confidentiality Integrity
Availability Compliance Reliability April 14, 2004 Erpanet - Antwerp

21 Audit approach Legislation, standards Management norms Audit plan
Audit tools Report Communication Certification? April 14, 2004 Erpanet - Antwerp

22 Correct/Adapt

23 Improvement Define maturity level Learn Take small steps
Grow and improve quality of business processes! April 14, 2004 Erpanet - Antwerp

24 Digital preservation No information, no control...
Without digital preservation governance, control and audit not possible! Can the audit of business processes be enough or… Do we need a special preservation audit or certificate? April 14, 2004 Erpanet - Antwerp

25 Take the challenge Enjoy this conference in Antwerp! April 14, 2004
Erpanet - Antwerp

26 Websites www.coso.org www.isaca.org www.erpanet.org April 14, 2004
Erpanet - Antwerp

27 Contact Het Expertise Centrum, The Hague www.hec.nl
April 14, 2004 Erpanet - Antwerp

Download ppt "Governance, audit and digital preservation"

Similar presentations

Chapter 10 Accounting Information Systems and Internal Controls

Chapter 10 Accounting Information Systems and Internal Controls
Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.

Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.
Control and Accounting Information Systems

Control and Accounting Information Systems
Control and Accounting Information Systems

Control and Accounting Information Systems
Audit Committee in Albania Legal framework Law 9226 /2006 “On banks in Republic of Albania” Law 9901/2008 “On entrepreneurs and commercial companies” Corporate.

Audit Committee in Albania Legal framework Law 9226 /2006 “On banks in Republic of Albania” Law 9901/2008 “On entrepreneurs and commercial companies” Corporate.
COBIT - II.

COBIT - II.
Www.isaca-malta.org Roger Southgate Past President of ISACA London Chapter Member of the BSI Committees for Service Management and IT Governance Leader.

Roger Southgate Past President of ISACA London Chapter Member of the BSI Committees for Service Management and IT Governance Leader.
Under the Microscope Business Officers Meeting March 7, 2006 Presented by Randy Van Dyke Internal Control.

Under the Microscope Business Officers Meeting March 7, 2006 Presented by Randy Van Dyke Internal Control.
By Collin Smith http://techinitiatives.blogspot.com COBIT Introduction By Collin Smith http://techinitiatives.blogspot.com.

By Collin Smith COBIT Introduction By Collin Smith
Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.

Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.
Internal Control. COSO’s Framework Committee of Sponsoring Organizations 1992 issued a white paper on internal control Since this time, this framework.

Internal Control. COSO’s Framework Committee of Sponsoring Organizations 1992 issued a white paper on internal control Since this time, this framework.
First Practice - Information Security Management System Implementation and ISO 27001 Certification.

First Practice - Information Security Management System Implementation and ISO Certification.
Training.

Training.
Internal Control. COSO’s Framework Committee of Sponsoring Organizations 1992 issued a white paper on internal control Since this time, this framework.

Internal Control. COSO’s Framework Committee of Sponsoring Organizations 1992 issued a white paper on internal control Since this time, this framework.
Chapter 4 IDENTIFYING RISKS AND CONTROLS IN BUSINESS PROCESSES.

Chapter 4 IDENTIFYING RISKS AND CONTROLS IN BUSINESS PROCESSES.
Introduction to IT Auditing

Introduction to IT Auditing
1 Homologues Group Meeting Slovenia, October 2009 Republika SlovenijaEuropean Union Ljubljana, 12-13 October 2009 Introduction to IT audits PART II IT.

1 Homologues Group Meeting Slovenia, October 2009 Republika SlovenijaEuropean Union Ljubljana, October 2009 Introduction to IT audits PART II IT.
Continual Service Improvement Process

Continual Service Improvement Process
Chapter 3 Internal Controls.

Chapter 3 Internal Controls.
Vijay V Vijayakumar.  SOX Act  Difference between IT Management and IT Governance  Internal Controls  Frameworks for Implementing SOX  COSO - Committee.

Vijay V Vijayakumar.  SOX Act  Difference between IT Management and IT Governance  Internal Controls  Frameworks for Implementing SOX  COSO - Committee.

Similar presentations

Ads by Google