Presentation is loading. Please wait.

Presentation is loading. Please wait.

IT Assurance and Reliability Why Should You Care? Richard Oppenheim, CPA, CITP President, SysTrust Services Corporation Presented to ISACA Regional Meeting.

Published byKristina Wheeler Modified over 9 years ago

Similar presentations

Presentation on theme: "IT Assurance and Reliability Why Should You Care? Richard Oppenheim, CPA, CITP President, SysTrust Services Corporation Presented to ISACA Regional Meeting."— Presentation transcript:

1

2 IT Assurance and Reliability Why Should You Care? Richard Oppenheim, CPA, CITP President, SysTrust Services Corporation Presented to ISACA Regional Meeting Denver, CO October 17, 2001

3 Prepared by SysTrust Services Corporation 2 Today’s Discussion  Valuable Assets need reliable protection  Dealing with Uncertainty in Uncertain Times  Ideas for assuring control

4 Prepared by SysTrust Services Corporation 3 Valuable assets need to be reliable  Overcoming loss of resources  Average laptops lost / day = 1,000  Identify costs to replace -  Equipment and Resources  Data  What is cost of Data in the hands of someone you do not control?

5 Prepared by SysTrust Services Corporation 4 Business Systems Data is business foundation Decision making – too much and too little IT systems include relationships Take inventory of what you have Back ups internal and off site Data, Applications, Operations, Data Networks Documentation, Procedures manuals Redundant operations, Hot Sites Controls

6 Prepared by SysTrust Services Corporation 5 Reliable Systems Are Needed More than just financial Data to manage business processes Control at all levels Design Development Maintenance Monitoring Data, Applications, Resources People, Paper, Procedures

7 Prepared by SysTrust Services Corporation 6 Why should you care ? 7 World Trade Center

8 Prepared by SysTrust Services Corporation 7 Reliable Systems - Verification  Beneficiaries  Board, Management, Staff  Customers  Bankers, Insurers, Investors  Vendors  Goals  Opinion for Business Continuity  On time, On budget, On point

9 Prepared by SysTrust Services Corporation 8 Reliable Systems - Verification  Audit Goals – Now & Future  Continuous auditing and reporting  Understanding IT business process  Certification opportunity  Controls determine CRITERIA  System reliability is goal

10 Prepared by SysTrust Services Corporation 9 Reliable Systems - Assurance Internal vs External Needs Need for consistency Price vs Cost Spending for prevention Cost of recovery Resource Access vs Disaster Value of assurance Principles of SysTrust

11 Prepared by SysTrust Services Corporation 10 SysTrust from AICPA SysTrust is a report issued by a CPA or CA on the “Reliability”of an entity’s system. Reliable Systems COBIT from ISACA IT GOVERNANCE A structure of relationships and processes to direct and control the enterprise in order to achieve the enterprise's goals by adding value while balancing risk versus return over IT and its processes.

12 Prepared by SysTrust Services Corporation 11 Why Get Involved With SysTrust  When there is a system failure the CEO is going to call  Structure and framework built on platform including COBIT  Can be used to help decide if /when outsourcing is appropriate  Due diligence issues

13 Prepared by SysTrust Services Corporation 12 Why is SysTrust Important Enterprise Resource Planning (ERP) When employees are busy, controls are put aside or forgotten Company secrets are more vulnerable Attacks can cripple business operations Outsourcing is a financial alternative

14 Prepared by SysTrust Services Corporation 13 SysTrust Services Corp. Documentation package that provides for:  Definitions of principles, criteria, and controls  Data center self assessment and description  Auditor testing, evaluation, conclusion, plan

15 Prepared by SysTrust Services Corporation 14 Disasters Happen 10 things the SME can do

16 Prepared by SysTrust Services Corporation 15 10 Things the SME can do  1Management must be involved: executives, senior mgmt, operations, IT  2Disaster Plan must be in writing  3Backup data daily and move one copy offsite  4Practice system outage recovery  5Understand who the users of the IT system are and where they are located

17 Prepared by SysTrust Services Corporation 16 10 Things the SME can do  6IT and business documents, manuals for operations, training, etc. must be in writing  7Personnel must also have backups  8Contracts for outsourced support and services need review  9 IT recovery needs  10 Obtain expert support as needed

18 Prepared by SysTrust Services Corporation 17 How / Where / When to Begin SHORT TERM Start NOW Create procedures for tasks done regularly Assess value related to process LONG TERM Operations redundancy / Hot site Risk assessment Continuous auditing

19 Prepared by SysTrust Services Corporation 18 Resistance to Implementation $ Management priorities elsewhere Lack of personnel Lack of resources Lack of user participation Issues working against IT Assurance and Reliability

20 Prepared by SysTrust Services Corporation 19 IT Assurance & Reliability Something to care about – NOW

21 Prepared by SysTrust Services Corporation 20 IT Assurance & Reliability Richard Oppenheim, CPA, CITP President, SysTrust Services Corporation www.systrustservices.com roppenheim@systrustservices.com 303-795-8847

Download ppt "IT Assurance and Reliability Why Should You Care? Richard Oppenheim, CPA, CITP President, SysTrust Services Corporation Presented to ISACA Regional Meeting."

Similar presentations

The Managing Authority –Keystone of the Control System

The Managing Authority –Keystone of the Control System
Managing Outsourced Service Providers By: Philip Romero, CISSP, CISA.

Managing Outsourced Service Providers By: Philip Romero, CISSP, CISA.
Managing Risk: A Framework and Reporting Cycle 2014.

Managing Risk: A Framework and Reporting Cycle 2014.
INTERNAL AUDIT PROCESS Pre-Audit Presentation. OBJECTIVES OF PRESENTATION  Provide a basic understanding of internal audit  Provide a basic awareness.

INTERNAL AUDIT PROCESS Pre-Audit Presentation. OBJECTIVES OF PRESENTATION  Provide a basic understanding of internal audit  Provide a basic awareness.
COBIT - II.

COBIT - II.
©2008 Prentice Hall Business Publishing, Auditing 12/e, Arens/Beasley/Elder 1 - 1 The Demand for Audit and Other Assurance Services Chapter 1.

©2008 Prentice Hall Business Publishing, Auditing 12/e, Arens/Beasley/Elder The Demand for Audit and Other Assurance Services Chapter 1.
Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.

Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.
Chapter 5 IT Processes Presented by Dr. Mohamed Sammouda.

Chapter 5 IT Processes Presented by Dr. Mohamed Sammouda.
Managing the Information Technology Resource Jerry N. Luftman

Managing the Information Technology Resource Jerry N. Luftman
Software Project Transition Planning

Software Project Transition Planning
CSE 4482, 2009 Session 21 Personal Information Protection and Electronic Documents Act Payment Card Industry standard Web Trust Sys Trust.

CSE 4482, 2009 Session 21 Personal Information Protection and Electronic Documents Act Payment Card Industry standard Web Trust Sys Trust.
Chapter 10 Information Systems Management. Agenda Information Systems Department Plan the Use of IT Manage Computing Infrastructure Manage Enterprise.

Chapter 10 Information Systems Management. Agenda Information Systems Department Plan the Use of IT Manage Computing Infrastructure Manage Enterprise.
The Information Systems Audit Process

The Information Systems Audit Process
Tan Jenny 23 September 2009 SESSION 4: Understanding Your IT Control Environment & Its Readiness.

Tan Jenny 23 September 2009 SESSION 4: Understanding Your IT Control Environment & Its Readiness.
Welcome to the Board! (and did we mention your Fiduciary Responsibility?)

Welcome to the Board! (and did we mention your Fiduciary Responsibility?)
Internal Auditing and Outsourcing

Internal Auditing and Outsourcing
Protecting ICT Systems

Protecting ICT Systems
Overview of Systems Audit

Overview of Systems Audit
INFORMATION ASSURANCE USING C OBI T MEYCOR C OBI T CSA & MEYCOR C OBI T AG TOOLS.

INFORMATION ASSURANCE USING C OBI T MEYCOR C OBI T CSA & MEYCOR C OBI T AG TOOLS.
INTERNAL CONTROL OVER FINANCIAL REPORTING

INTERNAL CONTROL OVER FINANCIAL REPORTING

Similar presentations

Ads by Google