Presentation is loading. Please wait.

Presentation is loading. Please wait.

I NFORMATION T ECHNOLOGY G ENERAL C ONTROLS A UDIT CA. Dr. K. Paul Jayakar M.com., FCA, Ph.D., DIRM, CRISC Director IT & RMS, Brahmayya & Co. 2 nd September.

Published byRoger Robbins Modified over 9 years ago

Similar presentations

Presentation on theme: "I NFORMATION T ECHNOLOGY G ENERAL C ONTROLS A UDIT CA. Dr. K. Paul Jayakar M.com., FCA, Ph.D., DIRM, CRISC Director IT & RMS, Brahmayya & Co. 2 nd September."— Presentation transcript:

1 I NFORMATION T ECHNOLOGY G ENERAL C ONTROLS A UDIT CA. Dr. K. Paul Jayakar M.com., FCA, Ph.D., DIRM, CRISC Director IT & RMS, Brahmayya & Co. 2 nd September 2015

2 Today’s overview

3 1.PLANNING AND DESIGN 2.ACCESS CONTROL 3.CONFIGURATION AND MANAGEMENT 4.APPLICATIONS 5.DATA INTEGRITY AND SECURITY 6.MONITORING AND LOGGING 7.PHYSICAL SECURITY 8.CONTINGENCY PLANNING AND DISASTER PREPAREDNESS 9.POLICY 10.THIRD PARTIES

4 Learning Objectives Technology Procedure Policies Benefits

5 1. Planning And Design

6 a.Classifying Data b.Risk Management c.Topology d.Data flow

7 2. Access Control

8 a.Identify Users, System Administrators, Developers b.Access Control Administration: Authorization and Access Granting Authority c.Authentication and Authorization d.VPN/Remote Access e.Host Interfaces f.Network Access Control Devices

9 3. Configuration And Management

10 a.Host Configuration b.Network Device Configuration c.Application and Database Configuration d.Change Control e.Patching and Anti-virus f.System Validation

11 4. Applications

12 5. Data Integrity And Security

13 6. Monitoring And Logging

14 a.Application, Database, System, Network, and Device Logs b.Log Maintenance and Review c.Intrusion Detection d.Testing

15 7. Physical Security

16 8. Contingency Planning And Disaster Preparedness

17 a.Contingency Planning b.Non-production Environments c.Backups

18 9 Policy

19 10 Third Parties

20 New Environment

21 N EW O PPORTUNITIES

22 New Opportunities The technology learning curve

23 Time Spent Projects Worked On Get Familiar Achieve Mastery Working Toward Mastery Get Experienced

24 Doing Your Best Work Working from home Working offsite Technology requirements

25 Summary Define your challenges – Technological as well as personal Set realistic expectation – Mastery is not achieved overnight Keep your eye on the goal – Mentorship programs

26 Resources ICAI icai.org ; cit.icai.org IIA theiia.org ISACA isaca.org

27 Q UESTIONS ?

28 T HANK YOU

Download ppt "I NFORMATION T ECHNOLOGY G ENERAL C ONTROLS A UDIT CA. Dr. K. Paul Jayakar M.com., FCA, Ph.D., DIRM, CRISC Director IT & RMS, Brahmayya & Co. 2 nd September."

Similar presentations

N.J. Office of Homeland Security & Preparedness Grant and Program Management Bureau Grants Tracking System.

N.J. Office of Homeland Security & Preparedness Grant and Program Management Bureau Grants Tracking System.
Top-Down Network Design Chapter Nine Developing Network Management Strategies Copyright 2010 Cisco Press & Priscilla Oppenheimer.

Top-Down Network Design Chapter Nine Developing Network Management Strategies Copyright 2010 Cisco Press & Priscilla Oppenheimer.
All Rights Reserved, Duke Medicine 2007 IT Security Presented by: Trisha Craig and Don Elsner Principal Auditors – IT Audit Duke University 1.

All Rights Reserved, Duke Medicine 2007 IT Security Presented by: Trisha Craig and Don Elsner Principal Auditors – IT Audit Duke University 1.
© 2005, QEI Inc. all characteristics subject to change. For clarity purposes, some displays may be simulated. Any trademarks mentioned remain the exclusive.

© 2005, QEI Inc. all characteristics subject to change. For clarity purposes, some displays may be simulated. Any trademarks mentioned remain the exclusive.
Security Controls – What Works

Security Controls – What Works
Security+ Guide to Network Security Fundamentals

Security+ Guide to Network Security Fundamentals
Inteco and NIST Cooperation Peter Mell National Vulnerability Database Project Lead Senior Computer Scientist NIST Computer Security Division Tim Grance.

Inteco and NIST Cooperation Peter Mell National Vulnerability Database Project Lead Senior Computer Scientist NIST Computer Security Division Tim Grance.
Data Management Awareness January 23, 2008 1 University of Michigan Administrative Information Services Data Management Awareness Unit Liaisons January.

Data Management Awareness January 23, University of Michigan Administrative Information Services Data Management Awareness Unit Liaisons January.
Concepts of Database Management Seventh Edition

Concepts of Database Management Seventh Edition
Microsoft Operations Manager Presented by: Alen Plicanic.

Microsoft Operations Manager Presented by: Alen Plicanic.
R EAL P ROPERTY AND F ACILITIES E NGINEERING C OORDINATION Stephen Rider Facilities and Real Estate Division Office of Strategic Infrastructure NASA Headquarters.

R EAL P ROPERTY AND F ACILITIES E NGINEERING C OORDINATION Stephen Rider Facilities and Real Estate Division Office of Strategic Infrastructure NASA Headquarters.
Database Administration Chapter 16. Need for Databases  Data is used by different people, in different departments, for different reasons  Interpretation.

Database Administration Chapter 16. Need for Databases  Data is used by different people, in different departments, for different reasons  Interpretation.
Configuring and Troubleshooting Identity and Access Solutions with Windows Server® 2008 Active Directory®

Configuring and Troubleshooting Identity and Access Solutions with Windows Server® 2008 Active Directory®
User Group 2015 Security Best Practices. Presenters Steve Kelley, COO 31 years experience building and managing operations and service delivery organizations.

User Group 2015 Security Best Practices. Presenters Steve Kelley, COO 31 years experience building and managing operations and service delivery organizations.
Management Information Systems

Management Information Systems
GEORGE MILLER BLUE TEAM CS 410 Mobile Digital Signatures A Mobile Access Defense Health System (MADHS)

GEORGE MILLER BLUE TEAM CS 410 Mobile Digital Signatures A Mobile Access Defense Health System (MADHS)
D ATABASE A DMINISTRATION ITEC 450 Fall 2012 Instructor: Dr. Rama Gudhe.

D ATABASE A DMINISTRATION ITEC 450 Fall 2012 Instructor: Dr. Rama Gudhe.
How STERIS is using Cloud Technology to Protect Web Access Presented By: Ed Pollock, CISSP-ISSMP, CISM CISO STERIS Corporation “Enabling Business”

How STERIS is using Cloud Technology to Protect Web Access Presented By: Ed Pollock, CISSP-ISSMP, CISM CISO STERIS Corporation “Enabling Business”
ShareTech Eye Cloud Service System. Here comes your footer Page 2 Eye Cloud Service System Stage of Development ShareTech Information Co., Ltd. Early.

ShareTech Eye Cloud Service System. Here comes your footer Page 2 Eye Cloud Service System Stage of Development ShareTech Information Co., Ltd. Early.
HIPAA COMPLIANCE WITH DELL

HIPAA COMPLIANCE WITH DELL

Similar presentations

Ads by Google