Introduction to IT AuditingIyadMourtada, CIA, CFE, CMA, CPLP, M.A.
Information security remains a critical risk
Information security remains a critical risk
Understand New Risks
Governance, Risk management and Compliance (GRC)  “A system of people, processes and technology  that enables an organizat...
Governance, Risk management and Compliance (GRC)
Certified Information Systems Auditor (CISA)
- More than 87,000 professionals in over 150 countrieshave earned the CISA designation since its inception in1978.- Consis...
- More than 87,000 professionals in over 150 countrieshave earned the CISA designation since its inception in1978.- Consis...
Intro to IT Auditing
Intro to IT Auditing
Intro to IT Auditing
Intro to IT Auditing
Upcoming SlideShare
Loading in...5
×

Intro to IT Auditing

525

Published on

Published in: Business
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
525
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
38
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide
  • The Problem with outsourcing If the organization decided to outsource its internal audit function, they should really consider how this transition will happen. (Internal Audit Provider goals may increase engagements, make money from the process, while the objectives of the organization is assess internal control and risks)
  • The Problem with outsourcing If the organization decided to outsource its internal audit function, they should really consider how this transition will happen. (Internal Audit Provider goals may increase engagements, make money from the process, while the objectives of the organization is assess internal control and risks)
  • Widespread interest in GRC was sparked by the US Sarbanes-Oxley Act and the need for US listed companies to design and implement suitable governance controls for SOX compliance, but the focus of GRC has since shifted towards adding business value through improving operational decision making and strategic planning. It therefore has relevance beyond the SOX world.Governance, Risk, and Compliance or "GRC" is an increasingly recognized term that reflects a new way in which organizations are adopting an integrated approach to these aspects of their business.Automate the processes that company use based on the policy to ensure compliance
  • The scope of internal auditing has grown significantly, from finance to regulatory compliance to risk management to operations. The key today is for organizations to identify meaningful ways to use resources devoted to auditing andimprovingbusiness performance and create more value for the organization.Internal auditors have been adopting GRC software that can easily link information about the company’s organization, efficiency, and risk profile with business process knowledge and how these processes relate to risk and control objectives.
  • Intro to IT Auditing

    1. 1. Introduction to IT AuditingIyadMourtada, CIA, CFE, CMA, CPLP, M.A.
    2. 2. Information security remains a critical risk
    3. 3. Information security remains a critical risk
    4. 4. Understand New Risks
    5. 5. Governance, Risk management and Compliance (GRC) “A system of people, processes and technology that enables an organization to understand and prioritize stakeholder expectations; set business objectives that are congruent with values and risks; achieve objectives while optimizing risk profile and protecting value; operate within legal, contractual, internal, social and ethical boundaries; provide relevant, reliable and timely information to appropriate stakeholders; and enable the measurement of the performance and effectiveness of the system.”Norman Marks
    6. 6. Governance, Risk management and Compliance (GRC)
    7. 7. Certified Information Systems Auditor (CISA)
    8. 8. - More than 87,000 professionals in over 150 countrieshave earned the CISA designation since its inception in1978.- Consistently ranked as one of the highest paying andsought-after IT certifications.- Considered a pre-requisite by many companies andgovernmental agencies.- Accredited by the American National StandardsInstitute (ANSI) under ISO/IEC 17024, an internationalaccreditation.- The U.S. Department of Defense (DoD) 8570.01-M“Information Assurance Workforce ImprovementProgram” manual named CISA certifications amongthose approved for DoD information assurance (IA)professionals.
    9. 9. - More than 87,000 professionals in over 150 countrieshave earned the CISA designation since its inception in1978.- Consistently ranked as one of the highest paying andsought-after IT certifications.- Considered a pre-requisite by many companies andgovernmental agencies.- Accredited by the American National StandardsInstitute (ANSI) under ISO/IEC 17024, an internationalaccreditation.- The U.S. Department of Defense (DoD) 8570.01-M“Information Assurance Workforce ImprovementProgram” manual named CISA certifications amongthose approved for DoD information assurance (IA)professionals.
    1. A particular slide catching your eye?

      Clipping is a handy way to collect important slides you want to go back to later.

    ×