Presented By Tay Un Soo Senior VP, Bank of Commerce President of ISACA - Malaysia Chapter 1999 National Accountants Conference THRIVING IN THE DIGITAL.


1 Presented By Tay Un Soo Senior VP, Bank of Commerce President of ISACA - Malaysia Chapter 1999 National Accountants Conference THRIVING IN THE DIGITAL ECONOMY OF A NEW CENTURY

2 AGENDA Introduction - Directions and Challenges What is Corporate Governance & how it works. What is IT Governance & how it works. Relationship of Corporate and IT Governance How IT Governance impacts Enterprise effectiveness CobiT: The breakthrough IT Governance tool What is IT Audit Governance? How to audit IT Governance? Conclusion -

3 Introduction: What is Digital Economy? Information Knowledge Content Computing Communication Interactive Multimedia Technology Humans Organizations Societies Intelligence Cyberspace Digital Electronic Goods, services, capital, labour, information

4 Changes In Information Technology Time to react Business process Organization Rightsizing Control Redesign TRENDS Realignment MISSION CUSTOMERS COMPETITION NEW ENTERPRISE Business risk Risk Assessment Assurance AUDITORS

5 INFORMATION TECHNOLOGY BUSINESS STRATEGIES, CULTURES, ETHICS SUCCESSFUL ENTERPRISE OPTIMISE INFORMATION VALUE CAPITALISE ON TECHNOLOGY ATTAIN BUSINESS OBJECTIVES

6 SECURITY & PRIVACY TIMELY, ACCURATE INFORMATION BUSINESS CONTINUITY NEW AUDIT METHODOLOGIES ACCOUNTING FOR VIRTUAL ASSETS TECHNICAL PROFICIENCIES CHANGING ROLES

7 AICPA 1999 TOP 10 TECHNOLOGY PRIORITIES (1998 rank in parentheses) 1. Year 2000 (2) 2. Internet, Intranets & Extranets (1) 3. Information Security & Control (3) 4. Training & Technology (4) 5. Technology Management (-) 6. Disaster Recovery (-) 7. The Virtual Office (-) 8. Privacy (-) 9. Electronic Money (-) 10. Electronic Evidence (-)

8 Information-related Assurance Services RISK ASSESSMENT ASSURANCE ELECTRONIC COMMERCE ASSURANCE SYSTEM RELIABILITY ASSURANCE WEBTRUST ASSURANCE Business Risks Systems & Tools Internal IS Websites

9 Do your enterprise’s systems create competitive advantage, or simply keep you in business? Does your IT investment make money for your organization or cause it concern? What is the economic and strategic value of your enterprise’s information? How is online and internet delivery of products and services changing global industries? DO THE ISSUES CONCERN ME? CIO

10 Does your management view the internet as a threat or an opportunity? How can you help management and Board to effectively manage and govern IT strategy opportunities and threats in the rapidly changing technology?

11 TOP PRIORITIES OF CHIEF INFORMATION OFFICERS In The Digital Economy Business/IT fusion Demonstrating the business value of IT IT Governance

12 THE TOP OF THE TOP PRIORITIES IT and systems must work hand in hand with corporate goals and business practices - To create competitive advantage - To ensure the ultimate success of the enterprise.

13 What Is Corporate Governance? OBJECTIVES To Enhance Business Prosperity And Corporate Accountability To realize long term stakeholders value The process and structure to direct and manage the business and affairs of the company

14 EFFECTIVE CORPORATE GOVERNANCE Individual And Group Expertise And Experience Monitors And Measures Performance Provides assurance to critical issues INFORMATION TECHNOLOGY & CORPORATE OBJECTIVES IT Governance

15 CORPORATE GOVERNANCE FRAMEWORK STAKEHOLDERS REGULATORS EXTERNAL AUDITORS AUDIT COMMITTEE BOARD OF DIRECTORS

16 COSO Framework of Internal Control: Monitoring; Information & Communication; Control Activities; Risk Assessment; Control Environment

17 Guidance on Control - CoCo 20 criteria of control PURPOSE CAPABILITY COMMITMENT ACTION MONITORING & LEARNING

18 Quality Fiduciary Security COBIT Information Criteria IT Processes IT Resources Domains Processes Activities

19 How Corporate Governance Works DIRECT REPORT USING Results measured Input for constant revision & maintenance of control Cycle begins again Enterprise governed by: Assurance provided by

20 What is IT Governance? IT GOVERNANCE is an inclusive term, which encompasses : Information systems, technology & communication business, legal & other issues stakeholders, directors, senior management, process owners, IT suppliers, users, auditors, etc Linking business objectives and IT

21 IT Aligned With Business IT Resources Used Responsibly IT Related Risks Managed Appropriately Plan/organize Acquire/implement Deliver/support Monitor MANAGE RISKS: Security, Reliability & Compliance REALISE BENEFITS: Increase automation Effectiveness Decrease costs Efficiency GOOD/BEST PRACTICES HOW IT GOVERNANCE WORKS IT ACTIVITIES

22 RELATIONSHIP OF CORPORATE & IT GOVERNANCE STRATEGIC PLAN

23 RELATIONSHIP OF CORPORATE & IT GOVERNANCE REQUIRE INFORMATION FROM BUSINESS OBJECTIVES STRATEGIC PLANNING MAXIMISE BENEFITS CAPITALIZING ON OPPORTUNITIES GAINING COMPETITIVE ADVANTAGE

24 How IT governance impacts an enterprise's effectiveness IT INVESTMENT Protection INFORMATION ASSET - Management for success BUSINESS ISSUES - Y2K, ERP, E-commerce STRATEGIC INFORMATION Security, Confidentiality, Integrity

25 COBIT is the breakthrough IT governance tool

26 COBIT: GOVERNANCE, CONTROL and AUDIT for INFORMATION and RELATED TECHNOLOGY IT governance tool to help management understand and manage IT risk

27 THE COBIT FRAMEWORK Setting The Scene THE NEED FOR CONTROL IN IT Dependencies Vulnerabilities Scale and cost of investment Change organizations and business practices, create opportunities and reduce costs MANAGEMENT OF IT RISKS Management - What to invest for security & control Users - assurance Auditors - Opinion on internal control

28 THE COBIT FRAMEWORK Setting The Scene COMPETITION CHANGE COST THE BUSINESS ENVIRONMENT MANAGEMENT EXPECTATIONS OF IT Re-engineered Processes Right-sizing Distributed Processing Flattened Organization Outsourcing

29 COBIT IS SPECIFICALLY DESIGNED FOR... MANAGEMENT USERS AUDITORS IT investment Risk & Control Benchmarking Assurance on return on costs, security and control on products and services Minimum controls To substantiate opinions to management

30 COBIT Framework’s Principles - Summary BUSINESS REQUIREMENTS IT PROCESSES IT RESOURCES

31 The Framework’s Principles BUSINESS PROCESSES What you get INFORMATION IT RESOURCES What you need Do they match? • data • application systems • technology • facilities • people Criteria • effectiveness • efficiency • confidentiality • integrity • availability • compliance • reliability

32 The Framework’s Principles PLANNING & ORGANISATION IT RESOURCES • data • application systems • technology • facilities • people MONITORING DELIVERY & SUPPORT ACQUISITION & IMPLEMENTATION The principle applied is that the IT Resources are managed by a set of naturally grouped processes, which need to be controlled in order to ensure that the resources provide the information that the enterprise needs to achieve its objectives. Match

33 IT Domains & Processes Domains Processes Activities Natural grouping of processes, often matching an organisational domain of responsibility. A series of joined activities with natural (control) breaks. Actions needed to achieve a measurable result. Activities have a life-cycle whereas tasks are discrete.

34 The COBIT Cube Domains Processes Activities Quality Fiduciary Security People Application Systems Technology Facilities Data IT Processes Information Criteria IT Resources

35 The Waterfall Navigation Aid - High Level Control Objectives for Each Process IT Processes Business Requirements Control Statements Control Practices The control of Which satisfy Is enabled by considering 34 CONTROL OBJECTIVES AUDIT GUIDELINES

36 What Is IT Audit Governance? It is an encompassing term which includes: IT Audit Charter IT Audit Plan IT Audit Manual IT Audit Program

37 How To Audit IT Governance? Audit Charter Independence Planning Performance of Audit Work Reporting AUDITING GUIDELINE ISSUED BY ISACA CORPORATE GOVERNANCE ON INFORMATION SYSTEMS

38 Audit Charter Scope of work to include corporate governance of information systems and technology Reporting line to be used where corporate governance issues are identified

39 Independence Consider organizational status appropriate for the nature of planned audit If not, use of independent third party should be considered

40 Planning Fact finding - corporate governance structure IS audit objectives - intended audience’s needs, level of dissemination intended and national and industry regulations; control framework adopted Scope of the audit - relevant processes; IT resources Staffing

41 Performance of Audit Work Review of Board activities Review of policies and compliance Business process owner responsibilities Consideration of external factors

42 Reporting To audit committee and Board members Contents include - Statement on directors’ responsibility for system of internal control - Statement on reasonable assurance of system of internal control - Key procedures established by Board to provide effective internal control - Non compliance, major uncontrolled risks - Poor control structures or controls - Overall conclusion
