Your SlideShare is downloading. ×
K P M G L L P
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Saving this for later?

Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime - even offline.

Text the download link to your phone

Standard text messaging rates apply

K P M G L L P

294
views

Published on

Published in: Business, Technology

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
294
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
14
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. K P M G L L P A D V I S O R Y Changes in the IT Audit Profession Stephen G. Hasty, Jr. National Partner in Charge IT Advisory Savannah, GA January 4, 2007
  • 2. Changes in the IT Audit Profession
    • Current Business and Regulatory Issues that Impact IT Auditors
    • Skills Needed by Today’s IT Audit Professional
  • 3. Changes in the IT Audit Profession
    • Current Business and Regulatory Issues that Impact IT Auditors
  • 4. Current Business and Regulatory Issues that Impact IT Auditors
    • Perception of the IT organization’s value
      • Performance
        • Almost 60% of organizations have either no process or only an informal process to measure realization of business benefits
        • For 50% of companies, IT Governance was not an integral part of their organization’s corporate governance
        • COBIT and ITIL frameworks are used effectively by less than 20% of organizations
        • Almost 50% of respondents had experienced at least one project failure in the past 12 months
  • 5. Current Business and Regulatory Issues that Impact IT Auditors , cont.
    • Perception of the IT organization’s value
      • Cost
        • Over 60% of organizations felt that the emphasis on cost targets & financial success criteria were about right in their IT outsourcing contracts, however, only 41% include financial measures in assessing overall benefits delivered by the outsourcing contract at the board level.
        • IT Outsourcing is being selectively and partially reversed by some organizations – especially in the areas of IT architecture, planning, and project management
        • Well over a majority of IT projects deliver on less than 75% of their business case benefits
        • Almost 50% of respondents reported project failure costs ranging from $500k to over $5M
  • 6. Current Business and Regulatory Issues that Impact IT Auditors , cont.
    • Business risks and regulatory pressures
      • Fortune 1000 companies expressed key Privacy related concerns:
        • Reputation damage 64%
        • Customer loss 44%
        • Privacy issues to grow in scope and scale 87%
        • High profile lawsuits expected 55%
    • Non-IT senior management involvement
      • Over 75% of senior executives say that they are not prepared to address new technologies, and over 80% are not prepared to address the manual workarounds produced by legacy systems
      • The finance function is involved in IT investment decisions about 90% of the time
  • 7. Current Business and Regulatory Issues that Impact IT Auditors , cont.
    • Post – SOX control misalignment
      • Over-specification, lack of automation and controls
        • IT controls posed the greatest challenge to 2005 SOX compliance efforts
        • Over 70% estimated that more than 60% of their controls were manual
      • Disparate underlying systems and processes
        • Over 60 % of companies surveyed globally were using dissimilar systems and spreadsheets/manual processes in their financial reporting process
        • Over 50% of the companies plan to implement a new IT system within the next 2 years
  • 8. Current Business and Regulatory Issues that Impact IT Auditors , cont.
    • Sarbanes Oxley Impact
      • Greater scrutiny of financial accounting and reporting processes
      • Significantly Increased Focus on the IT controls impacting external financial reporting – general controls and application controls
      • More focus on the end-to-end business cycles, such as order to cash, purchase to pay, customer relationship management, supply chain management
      • Significantly increased focus on compliance and ethics
  • 9. Current Business and Regulatory Issues that Impact IT Auditors , cont.
    • Changing Business Models
      • Many different models – shared services, outsourcing and off-shoring.
      • Significantly increased use of third parties for core functions
    • Technology Changes
      • ERP new releases; Business Intelligence; Service Oriented Architectures are delivering increased functionality and reporting capabilities.
      • The way business processes function and the embedded control features are changing.
  • 10. Changes in the IT Audit Profession
    • Skills Needed by Today’s IT Audit Professional
  • 11. Skills Needed by Today’s IT Audit Professional
    • Sarbanes Oxley / Regulations
      • Increased Knowledge of external financial reporting, accounting / audit requirements and financial reporting processes so that IT controls can be prioritized and evaluated in a manner that can be understood by key constituents – external auditors, CFO’s and key finance managers.
      • Increased understanding of compliance and ethics programs.
      • Increased Understanding of legal and regulatory requirements – contractual responsibilities relative to Third Parties, data protection and privacy laws .
  • 12. Skills Needed by Today’s IT Audit Professional, cont.
    • Changing Business Strategies and New Business Models
      • Increased Knowledge of Business Objectives and Strategies so IT functions, capabilities and controls can be considered within a Business context and prioritized based on business impact.
      • Increased understanding of alternative business models – e.g. outsourcing, off-shoring and shared services so that IT controls are understood and evaluated as the business model changes and relative to third party business relationships.
      • Increased Knowledge of global business issues – population shifts, use of global business models, cultural and regulatory differences.
  • 13. Skills Needed by Today’s IT Audit Professional, cont.
    • Technology Changes
      • As technologies provide enhanced end-to-end solutions, an increased understanding of business cycles and concepts, such as order to cash, purchase to pay, customer relationship management, supply chain management – so that IT controls are considered and evaluated at the process level across the enterprise.
      • Increased understanding of evolving technology trends – Service Oriented Architecture, Business Intelligence – so that IT control concepts are considered.
  • 14. Skills Needed by Today’s IT Audit Professional, cont.
    • Audit Integration
      • Increased Knowledge of IT Management and Control frameworks – ITIL, COBIT so that IT management and controls are understood from all dimensions and can be evaluated holistically.
      • Knowledge of non-IT audit requirements, so that IT audits can be integrated with audits that have operational, financial or regulatory objectives.
      • Communication skills to relate to a more varied set of constituents – Financial officers, legal counsel, third party relationships.
  • 15. Presenter’s contact details Stephen G. Hasty, Jr. KPMG LLP (704) 371-5234 [email_address] www.kpmg.com The information contained herein is of a general nature and is not intended to address the circumstances of any particular individual or entity. Although we endeavor to provide accurate and timely information, there can be no guarantee that such information is accurate as of the date it is received or that it will continue to be accurate in the future. No one should act on such information without appropriate professional advice after a thorough examination of the particular situation. ©2006 KPMG LLP, the U.S. member firm of KPMG International, a Swiss cooperative. All rights reserved.