Presentation is loading. Please wait.

Presentation is loading. Please wait.

G RADUATE PROJECT IT Policy and Audit FA13-900 D’Mico Johnson.

Published byMaximillian Atkins Modified over 9 years ago

Similar presentations

Presentation on theme: "G RADUATE PROJECT IT Policy and Audit FA13-900 D’Mico Johnson."— Presentation transcript:

1 G RADUATE PROJECT IT Policy and Audit FA13-900 D’Mico Johnson

2 I NTRODUCTION During this presentation we will look at the current and future rules and the policies that regulate new technology implementations at Silgan Containers. We will also examine and compare Silgan to the industry standards.

3 A BOUT S ILGAN C ONTAINERS o Established in 1987 o Largest provider of metal food packaging o More than 3500 Employees o More than 2500 PC’s o More than 350 Servers (Physical and Virtual) o More than 75 different applications ran o IT Staff of 30 employees (7 programmers, 1 database admin, 6 network engineers, 5 help desk personnel, 3 operations support specialist, 8 ERP developers and 6 management personnel). o Annual IT budget of 2.5 million dollars.

4 S ILGAN ’ S CURRENT POLICY AND REGULATION New Technology Implementation New technology under 5K, less than 40 IT man hrs. IT Director approves or denies these proposals. New technology under 100k, more than 40 IT hrs. Approval from the CFO Approval from IT steering committee New technology over 100K Approval from CEO Approval from IT steering committee

5 S ILGAN ’ S CURRENT POLICY AND REGULATION SOX Testing Technology that affects Financial/ Security aspects Test new technology Analysis reviews testing data End user evaluation SOX Auditing Non SOX Testing Technology that doesn’t affect Financial/Security Test new technology End user evaluation

6 C URRENT I NDUSTRY P OLICY AND R EGULATIONS New Technology Implementation Internal IT control frameworks SDLC COBIT Regulatory Sarbanes-Oxley Act (SOX)

7 I NTERNAL F RAMEWORK SDLC Process for planning, creating, testing and deploying an information system. Phases Design Implementation Maintenance Planning Analysis

8 I NTERNAL F RAMEWORK COBiT It is a supporting toolset that allows managers to bridge the gap between control requirements, technical issues and business risks. Domains Plan and Organize Acquire and Implementation Deliver and Support Monitor and Evaluate

9 S ILGAN C ONTAINERS VS. I NDUSTRY Custom Internal Framework Cost Dependent IT Steering Committee SOX regulated Internal Framework SDLC COBIT IT Steering Committee Sox Regulated

10 F UTURE Silgan’s Future Silgan has no immediate plans to change their current implementation policies. There is also no foreseeable regulation changes in the future that will alter Silgan’s current implementation plan. Industry Future More regulatory audits Internal and external More Internal frameworks

11 R ECOMMENDATIONS Future Recommendations Utilize Internal Frameworks Initial phase implement SDLC Second phase implement COBiT Add more IT personnel on steering committee Utilize internal auditing Utilize external auditing

12 D EFINITION OF T ERMS SOX- Sarbanes Oxley (SOX audit) is an audit on a publicly-held company's financial information and internal controls SDLC- System Design Life Cycle is the process for planning, creating, testing, and deploying an information system COBiT- Control Objectives for Information and Related Technology is a framework created by ISACA for information technology management and IT governance. It is a supporting toolset that allows managers to bridge the gap between control requirements, technical issues and business risks

13 C ONCLUSION Silgan’s current implementation and regulatory plans work. However, I do believe that if Silgan was to implement SDLC and COBiT in stages it would stream line a lot of the current processes and make things easier by supplying a. I also believe that with the use of internal and external audits, Silgan would guarantee compliance with SOX and any other regulatory policies they may see in the future.

Download ppt "G RADUATE PROJECT IT Policy and Audit FA13-900 D’Mico Johnson."

Similar presentations

IT Web Application Audit Principles Presented by: James Ritchie, CISA, CISSP….

IT Web Application Audit Principles Presented by: James Ritchie, CISA, CISSP….
G R C The Science of Compliance ® ®. Craig Isaacs CEO, Unified Compliance Framework The world's largest and most reviewed legal framework. 2.

G R C The Science of Compliance ® ®. Craig Isaacs CEO, Unified Compliance Framework The world's largest and most reviewed legal framework. 2.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential 14854_10_2008_c1 1 Holistic Approach to Information Security Greg Carter, Cisco Security.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential 14854_10_2008_c1 1 Holistic Approach to Information Security Greg Carter, Cisco Security.
Frameworks, Standards and Regulations IT Auditing and Cyber Security Spring 2014 Instructor: Liang Yao (MBA, MS, CIA, CISA, CISSP)

Frameworks, Standards and Regulations IT Auditing and Cyber Security Spring 2014 Instructor: Liang Yao (MBA, MS, CIA, CISA, CISSP)
Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.

Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.
Control and Accounting Information Systems

Control and Accounting Information Systems
Sodexo.com Group Internal Audit. page 2 helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and.

Sodexo.com Group Internal Audit. page 2 helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and.
ACG 6415 SPRING 2012 KRISTIN DONOVAN & BETH WILDMAN IT Security Frameworks.

ACG 6415 SPRING 2012 KRISTIN DONOVAN & BETH WILDMAN IT Security Frameworks.
Audit Committee in Albania Legal framework Law 9226 /2006 “On banks in Republic of Albania” Law 9901/2008 “On entrepreneurs and commercial companies” Corporate.

Audit Committee in Albania Legal framework Law 9226 /2006 “On banks in Republic of Albania” Law 9901/2008 “On entrepreneurs and commercial companies” Corporate.
Project Management Process. Project Complexity means that: a team of people are needed to supply expertise the work needs to be broken into manageable.

Project Management Process. Project Complexity means that: a team of people are needed to supply expertise the work needs to be broken into manageable.
Chapter 5 5-1 © 2009 Pearson Education, Inc. Publishing as Prentice Hall.

Chapter © 2009 Pearson Education, Inc. Publishing as Prentice Hall.
Chapter 5 5-1 © 2009 Pearson Education, Inc. Publishing as Prentice Hall.

Chapter © 2009 Pearson Education, Inc. Publishing as Prentice Hall.
Implementing SMS in Civil Aviation: the Canadian Perspective.

Implementing SMS in Civil Aviation: the Canadian Perspective.
Sarbanes-Oxley Compliance Process Automation

Sarbanes-Oxley Compliance Process Automation
Security Controls – What Works

Security Controls – What Works
Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.

Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.
© 2006 IBM Corporation Introduction to z/OS Security Lesson 9: Standards and Policies.

© 2006 IBM Corporation Introduction to z/OS Security Lesson 9: Standards and Policies.
Internal Control. COSO’s Framework Committee of Sponsoring Organizations 1992 issued a white paper on internal control Since this time, this framework.

Internal Control. COSO’s Framework Committee of Sponsoring Organizations 1992 issued a white paper on internal control Since this time, this framework.
7.2 System Development Life Cycle (SDLC)

7.2 System Development Life Cycle (SDLC)
Integrating work flows of five utilities utilizing Oracle’s WAM

Integrating work flows of five utilities utilizing Oracle’s WAM

Similar presentations

Ads by Google