SlideShare a Scribd company logo

Technology Audits- Today's Concerns , Tomorrow's Challenges

B
Biju Nair

Had the opportunity to speak at the Information Governance Forum 2017 organised by ISACA UAE Chapter. It was a great event in which the contributions of professionals in the fields of Information Security, Audit & Risk Management were recognized through ISACA Excellence Awards 2017. My talk was on the challenges I face as a Chief Audit Executive on how to manage Technology Audits effectively in an ever changing IT environment.

Leadership & Management
1 of 15
Download to read offline
Technology Audits Today’s Concerns - Tomorrow’s Challenges Biju Nair 26 April 2017 1IGF- 2017, ISACA UAE Chapter
AGENDA • Challenges of Auditing IT Controls in an ever changing IT environment. • Auditor’s role in balancing customer convenience with the right controls around digital products. • Block chain and distributed ledger technology: What will this and other evolving topics mean for audit? • How much of Technology Audit is enough to give a reasonable assurance to share holders? 26 April , 2017 2IGF- 2017, ISACA UAE Chapter
New Security Challenges every day for the organisation.. 326 April 2017
Challenges for the Board Audit Committees 4 Source: KPMG 2017 Global Audit Committee Pulse survey Audit Committees’ Top Challenges for 2017 26 April 2017
Challenges for the Internal Audit departments.. 5 Source: KPMG – Internal Audit – Top 10 considerations for 2017 . 26 April 2017
IT Audits – Key Concerns 6 Source: Protivity – IT Audit Best Practices Survey report. 26 April 2017
So where does all this leave the Auditors? • Auditors are in a perennial exploration to add value to the organsiation at the same time giving reasonable assurance on the control environment to the shareholders and Board of Directors. • To Achieve this Auditors should, • have in-depth knowledge of the business and the macro risks. • complete understanding of the underlying processes • analyse the risks involved at each step of the process • review the existing controls against each risk factors • provide quality audit reports to address the control gaps • be proactive in anticipating risks and help business to be prepared in a timely manner against such future risks. “ EASY TO PREACH , BUT DIFFICULT TO PRACTICE “ 726 April 2017
New Technological developments keeping auditors busy.. Cloud… Virtualisation… Mobility…. Agile & Scrum.. DevOps.. DLPs.. EndPoint Security.. Ransomware… BitCoins.. BlockChains.. Cognitive Security.. APTs & UTMs.. Threat intelligence, Artificial Intelligence & Behavioral analysis.. 826 April 2017
Blockchains and the Auditor • More than 700 Companies have entered the Blockchain arena of which at least 150 have solutions at implementation stages ( Source PWC @ World Blockchain forum in UAE) • Dubai has a Blockchain Strategy with a vision to have atleast 1000 usecases to be implemented using Blockchain by 2020. • Dubai Future Foundation & Smart Dubai Office lead the initiative. • Banks under the UBF (UAE Banks’ Federation) is working on a concept of Block Chain based KYC documentation. • Banks are piloting use cases like Cheque validation, Cross border remittances, TradeFinance & Logistics solutions using Blockchains. 926 April 2017
Business Challenges.. • It is not just the auditors who face challenges to catch up with the rapid growth in technology. • The Business always plays the catch-up game. • Banking in particular is seeing a transformation with more Millennials coming to banks’ core customer bases. “ I want a Bank where everything can happen through my phone. I want a set of services that are exclusively designed for me. I do not want to browse through several screens or menus that are irrelevant for me “ - And all these I need to do from my phone , which is of course jailbroken… “ BALANCE BETWEEN SECURITY CONTROLS & CUSTOMER CONVENIENCE“ 7 May, 2017 10PROJECT NAME
Balancing Controls & Convenience – say “NO” to one size fits all approach 11 Source- McKinsey Digital Survey 2016 26 April 2017
Art of managing an effective IT Audit function.. • How many IT Auditors and how many IT Audits? • IT Specific audits or Integrated audits? • Continuous Auditing or Risk based Annual Audit plans? • Can Audits leverage on Self Assessments.( CSA)? • Rely on external skills or develop internal skills? • Can IT Audit be Outsourced or Co-Sourced ? “ANSWERS DEPEND ON THE TECHNOLOGICAL MATURITY & ORGANISATIONAL DYNAMICS OF THE ORGANISATION “ 1226 April 2017
IT Audit Resource Organisation– the current status 26 April 2017 13 Source – ISACA & Protivity – 6th Annual Survey on IT Audit Best Practices
Conclusions • Mapping of IT Audit deliverables to Business Goals is key to ensure Value Added Audits. • IT Audit Functions, Internal Audit Departments & Board Audit Committees should be in sync on the key focus areas of Technology risks. • Continuing Professional Education is mandatory for IT Audit Professionals at all levels to stay relevant in their profession. • There is no “one size fits all” when it comes to recommending controls. • IT Audit Function is out of its Infancy, but is yet to achieve maturity. 7 May, 2017 14PROJECT NAME
7 May, 2017 15PROJECT NAME Thank You LinkedIn – bijurs Twitter – bijurs

Recommended

NUS-ISS Learning Day 2018- Business agility for business leaders
NUS-ISS Learning Day 2018- Business agility for business leadersNUS-ISS Learning Day 2018- Business agility for business leaders
NUS-ISS Learning Day 2018- Business agility for business leadersNUS-ISS
 
Presentation at Fintech Summit
Presentation at Fintech SummitPresentation at Fintech Summit
Presentation at Fintech Summitgenesesoftware
 
Mark Sage (AREA): Status of the AR in Enterprise Ecosystem and What Can We Do...
Mark Sage (AREA): Status of the AR in Enterprise Ecosystem and What Can We Do...Mark Sage (AREA): Status of the AR in Enterprise Ecosystem and What Can We Do...
Mark Sage (AREA): Status of the AR in Enterprise Ecosystem and What Can We Do...AugmentedWorldExpo
 
Real time analytics-inthe_cloud
Real time analytics-inthe_cloudReal time analytics-inthe_cloud
Real time analytics-inthe_cloudActian Corporation
 
Digital Disruption, ET Global Supply Chain Summit, April 2017
Digital Disruption, ET Global Supply Chain Summit, April 2017Digital Disruption, ET Global Supply Chain Summit, April 2017
Digital Disruption, ET Global Supply Chain Summit, April 2017Amit Verma
 
Ethical AI at VDAB, presented by Vincent Buekenhout (Ethical AI Lead, VDAB) a...
Ethical AI at VDAB, presented by Vincent Buekenhout (Ethical AI Lead, VDAB) a...Ethical AI at VDAB, presented by Vincent Buekenhout (Ethical AI Lead, VDAB) a...
Ethical AI at VDAB, presented by Vincent Buekenhout (Ethical AI Lead, VDAB) a...Patrick Van Renterghem
 
EdGE Networks in the Media | 2017
EdGE Networks in the Media | 2017EdGE Networks in the Media | 2017
EdGE Networks in the Media | 2017EdGE NetWorks
 
Keeping the Partners Honest Draft 2
Keeping the Partners Honest Draft 2Keeping the Partners Honest Draft 2
Keeping the Partners Honest Draft 2Catherine Skate
 

Recommended

NUS-ISS Learning Day 2018- Business agility for business leaders
NUS-ISS Learning Day 2018- Business agility for business leadersNUS-ISS Learning Day 2018- Business agility for business leaders
NUS-ISS Learning Day 2018- Business agility for business leadersNUS-ISS
 
Presentation at Fintech Summit
Presentation at Fintech SummitPresentation at Fintech Summit
Presentation at Fintech Summitgenesesoftware
 
Mark Sage (AREA): Status of the AR in Enterprise Ecosystem and What Can We Do...
Mark Sage (AREA): Status of the AR in Enterprise Ecosystem and What Can We Do...Mark Sage (AREA): Status of the AR in Enterprise Ecosystem and What Can We Do...
Mark Sage (AREA): Status of the AR in Enterprise Ecosystem and What Can We Do...AugmentedWorldExpo
 
Real time analytics-inthe_cloud
Real time analytics-inthe_cloudReal time analytics-inthe_cloud
Real time analytics-inthe_cloudActian Corporation
 
Digital Disruption, ET Global Supply Chain Summit, April 2017
Digital Disruption, ET Global Supply Chain Summit, April 2017Digital Disruption, ET Global Supply Chain Summit, April 2017
Digital Disruption, ET Global Supply Chain Summit, April 2017Amit Verma
 
Ethical AI at VDAB, presented by Vincent Buekenhout (Ethical AI Lead, VDAB) a...
Ethical AI at VDAB, presented by Vincent Buekenhout (Ethical AI Lead, VDAB) a...Ethical AI at VDAB, presented by Vincent Buekenhout (Ethical AI Lead, VDAB) a...
Ethical AI at VDAB, presented by Vincent Buekenhout (Ethical AI Lead, VDAB) a...Patrick Van Renterghem
 
EdGE Networks in the Media | 2017
EdGE Networks in the Media | 2017EdGE Networks in the Media | 2017
EdGE Networks in the Media | 2017EdGE NetWorks
 
Keeping the Partners Honest Draft 2
Keeping the Partners Honest Draft 2Keeping the Partners Honest Draft 2
Keeping the Partners Honest Draft 2Catherine Skate
 
SAS Institute: Big data and smarter analytics
SAS Institute: Big data and smarter analyticsSAS Institute: Big data and smarter analytics
SAS Institute: Big data and smarter analyticsNAFCU Services Corporation
 
Business as Unusual: Are You Ready?
Business as Unusual: Are You Ready?Business as Unusual: Are You Ready?
Business as Unusual: Are You Ready?Training Industry Conference & Expo
 
Implementing a Security Management Framework
Implementing a Security Management FrameworkImplementing a Security Management Framework
Implementing a Security Management FrameworkJoseph Wynn
 
IS and IT Auditor Roles in Today's New Economy
IS and IT Auditor Roles in Today's New EconomyIS and IT Auditor Roles in Today's New Economy
IS and IT Auditor Roles in Today's New EconomyGoutama Bachtiar
 
Cisco Connect 2018 Vietnam - Cisco services
Cisco Connect 2018 Vietnam - Cisco servicesCisco Connect 2018 Vietnam - Cisco services
Cisco Connect 2018 Vietnam - Cisco servicesNetworkCollaborators
 
[Cisco Connect 2018 - Vietnam] Jinjun cai print -cisco connect 2018 vn-cisc...
[Cisco Connect 2018 - Vietnam] Jinjun cai print -cisco connect 2018 vn-cisc...[Cisco Connect 2018 - Vietnam] Jinjun cai print -cisco connect 2018 vn-cisc...
[Cisco Connect 2018 - Vietnam] Jinjun cai print -cisco connect 2018 vn-cisc...Nur Shiqim Chok
 
CISSP Online & Classroom Training & Certification Course - ievision.org
CISSP Online & Classroom Training & Certification Course - ievision.orgCISSP Online & Classroom Training & Certification Course - ievision.org
CISSP Online & Classroom Training & Certification Course - ievision.orgIEVISION IT SERVICES Pvt. Ltd
 
AI for Analysts June 2016
AI for Analysts June 2016AI for Analysts June 2016
AI for Analysts June 2016Boulder Equity Analytics
 
ASK Finance.pptx
ASK Finance.pptxASK Finance.pptx
ASK Finance.pptxnikhil394064
 
Cisco Connect 2018 Singapore - Do more than keep the lights on
Cisco Connect 2018 Singapore - Do more than keep the lights onCisco Connect 2018 Singapore - Do more than keep the lights on
Cisco Connect 2018 Singapore - Do more than keep the lights onNetworkCollaborators
 
Cisco Connect 2018 Philippines - do more than keeping the lights on
Cisco Connect 2018 Philippines - do more than keeping the lights onCisco Connect 2018 Philippines - do more than keeping the lights on
Cisco Connect 2018 Philippines - do more than keeping the lights onNetworkCollaborators
 
Cisco Connect 2018 Indonesia - Do More Than Keep The Lights On
Cisco Connect 2018 Indonesia - Do More Than Keep The Lights OnCisco Connect 2018 Indonesia - Do More Than Keep The Lights On
Cisco Connect 2018 Indonesia - Do More Than Keep The Lights OnNetworkCollaborators
 
[Cisco Connect 2018 - Vietnam] Pauline hampshire changing the security equa...
[Cisco Connect 2018 - Vietnam] Pauline hampshire changing the security equa...[Cisco Connect 2018 - Vietnam] Pauline hampshire changing the security equa...
[Cisco Connect 2018 - Vietnam] Pauline hampshire changing the security equa...Nur Shiqim Chok
 
Data is not the new snake oil
Data is not the new snake oilData is not the new snake oil
Data is not the new snake oilAkshay Regulagedda
 
COBIT Approach to Maintain Healthy Cyber Security Status Using NIST - CSF
COBIT Approach to Maintain Healthy Cyber Security Status Using NIST - CSF COBIT Approach to Maintain Healthy Cyber Security Status Using NIST - CSF
COBIT Approach to Maintain Healthy Cyber Security Status Using NIST - CSF aqel aqel
 
[Cisco Connect 2018 - Vietnam] Pauline hampshire vietnam cisco connect with...
[Cisco Connect 2018 - Vietnam] Pauline hampshire vietnam cisco connect with...[Cisco Connect 2018 - Vietnam] Pauline hampshire vietnam cisco connect with...
[Cisco Connect 2018 - Vietnam] Pauline hampshire vietnam cisco connect with...Nur Shiqim Chok
 
Better Software is Better than Worse Software - Michael Coté
Better Software is Better than Worse Software - Michael CotéBetter Software is Better than Worse Software - Michael Coté
Better Software is Better than Worse Software - Michael CotéVMware Tanzu
 
Roubini ThoughtLab-Cisco Wealth 2021-Go Digital or Bust Webinar January 31, 2017
Roubini ThoughtLab-Cisco Wealth 2021-Go Digital or Bust Webinar January 31, 2017Roubini ThoughtLab-Cisco Wealth 2021-Go Digital or Bust Webinar January 31, 2017
Roubini ThoughtLab-Cisco Wealth 2021-Go Digital or Bust Webinar January 31, 2017Econsult Solutions, Inc.
 
Cissp Training |IEVISION
Cissp Training |IEVISION Cissp Training |IEVISION
Cissp Training |IEVISION IEVISION IT SERVICES Pvt. Ltd
 
Cissp training and certification in mumbai
Cissp training and certification in mumbaiCissp training and certification in mumbai
Cissp training and certification in mumbaiIEVISION IT SERVICES Pvt. Ltd
 
W.H.Bender Quote 62 - Always strive to be a Hospitality Service professional
W.H.Bender Quote 62 - Always strive to be a Hospitality Service professionalW.H.Bender Quote 62 - Always strive to be a Hospitality Service professional
W.H.Bender Quote 62 - Always strive to be a Hospitality Service professionalWilliam (Bill) H. Bender, FCSI
 
Beyond the Codes_Repositioning towards sustainable development
Beyond the Codes_Repositioning towards sustainable developmentBeyond the Codes_Repositioning towards sustainable development
Beyond the Codes_Repositioning towards sustainable developmentNimot Muili
 

More Related Content

Similar to Technology Audits- Today's Concerns , Tomorrow's Challenges

Implementing a Security Management Framework
Implementing a Security Management FrameworkImplementing a Security Management Framework
Implementing a Security Management FrameworkJoseph Wynn
 
IS and IT Auditor Roles in Today's New Economy
IS and IT Auditor Roles in Today's New EconomyIS and IT Auditor Roles in Today's New Economy
IS and IT Auditor Roles in Today's New EconomyGoutama Bachtiar
 
Cisco Connect 2018 Vietnam - Cisco services
Cisco Connect 2018 Vietnam - Cisco servicesCisco Connect 2018 Vietnam - Cisco services
Cisco Connect 2018 Vietnam - Cisco servicesNetworkCollaborators
 
[Cisco Connect 2018 - Vietnam] Jinjun cai print -cisco connect 2018 vn-cisc...
[Cisco Connect 2018 - Vietnam] Jinjun cai print -cisco connect 2018 vn-cisc...[Cisco Connect 2018 - Vietnam] Jinjun cai print -cisco connect 2018 vn-cisc...
[Cisco Connect 2018 - Vietnam] Jinjun cai print -cisco connect 2018 vn-cisc...Nur Shiqim Chok
 
CISSP Online & Classroom Training & Certification Course - ievision.org
CISSP Online & Classroom Training & Certification Course - ievision.orgCISSP Online & Classroom Training & Certification Course - ievision.org
CISSP Online & Classroom Training & Certification Course - ievision.orgIEVISION IT SERVICES Pvt. Ltd
 
Cisco Connect 2018 Singapore - Do more than keep the lights on
Cisco Connect 2018 Singapore - Do more than keep the lights onCisco Connect 2018 Singapore - Do more than keep the lights on
Cisco Connect 2018 Singapore - Do more than keep the lights onNetworkCollaborators
 
Cisco Connect 2018 Philippines - do more than keeping the lights on
Cisco Connect 2018 Philippines - do more than keeping the lights onCisco Connect 2018 Philippines - do more than keeping the lights on
Cisco Connect 2018 Philippines - do more than keeping the lights onNetworkCollaborators
 
Cisco Connect 2018 Indonesia - Do More Than Keep The Lights On
Cisco Connect 2018 Indonesia - Do More Than Keep The Lights OnCisco Connect 2018 Indonesia - Do More Than Keep The Lights On
Cisco Connect 2018 Indonesia - Do More Than Keep The Lights OnNetworkCollaborators
 
[Cisco Connect 2018 - Vietnam] Pauline hampshire changing the security equa...
[Cisco Connect 2018 - Vietnam] Pauline hampshire changing the security equa...[Cisco Connect 2018 - Vietnam] Pauline hampshire changing the security equa...
[Cisco Connect 2018 - Vietnam] Pauline hampshire changing the security equa...Nur Shiqim Chok
 
COBIT Approach to Maintain Healthy Cyber Security Status Using NIST - CSF
COBIT Approach to Maintain Healthy Cyber Security Status Using NIST - CSF COBIT Approach to Maintain Healthy Cyber Security Status Using NIST - CSF
COBIT Approach to Maintain Healthy Cyber Security Status Using NIST - CSF aqel aqel
 
[Cisco Connect 2018 - Vietnam] Pauline hampshire vietnam cisco connect with...
[Cisco Connect 2018 - Vietnam] Pauline hampshire vietnam cisco connect with...[Cisco Connect 2018 - Vietnam] Pauline hampshire vietnam cisco connect with...
[Cisco Connect 2018 - Vietnam] Pauline hampshire vietnam cisco connect with...Nur Shiqim Chok
 
Better Software is Better than Worse Software - Michael Coté
Better Software is Better than Worse Software - Michael CotéBetter Software is Better than Worse Software - Michael Coté
Better Software is Better than Worse Software - Michael CotéVMware Tanzu
 
Roubini ThoughtLab-Cisco Wealth 2021-Go Digital or Bust Webinar January 31, 2017
Roubini ThoughtLab-Cisco Wealth 2021-Go Digital or Bust Webinar January 31, 2017Roubini ThoughtLab-Cisco Wealth 2021-Go Digital or Bust Webinar January 31, 2017
Roubini ThoughtLab-Cisco Wealth 2021-Go Digital or Bust Webinar January 31, 2017Econsult Solutions, Inc.
 

Similar to Technology Audits- Today's Concerns , Tomorrow's Challenges (20)

SAS Institute: Big data and smarter analytics
SAS Institute: Big data and smarter analyticsSAS Institute: Big data and smarter analytics
SAS Institute: Big data and smarter analytics
 
Business as Unusual: Are You Ready?
Business as Unusual: Are You Ready?Business as Unusual: Are You Ready?
Business as Unusual: Are You Ready?
 
Implementing a Security Management Framework
Implementing a Security Management FrameworkImplementing a Security Management Framework
Implementing a Security Management Framework
 
IS and IT Auditor Roles in Today's New Economy
IS and IT Auditor Roles in Today's New EconomyIS and IT Auditor Roles in Today's New Economy
IS and IT Auditor Roles in Today's New Economy
 
Cisco Connect 2018 Vietnam - Cisco services
Cisco Connect 2018 Vietnam - Cisco servicesCisco Connect 2018 Vietnam - Cisco services
Cisco Connect 2018 Vietnam - Cisco services
 
[Cisco Connect 2018 - Vietnam] Jinjun cai print -cisco connect 2018 vn-cisc...
[Cisco Connect 2018 - Vietnam] Jinjun cai print -cisco connect 2018 vn-cisc...[Cisco Connect 2018 - Vietnam] Jinjun cai print -cisco connect 2018 vn-cisc...
[Cisco Connect 2018 - Vietnam] Jinjun cai print -cisco connect 2018 vn-cisc...
 
CISSP Online & Classroom Training & Certification Course - ievision.org
CISSP Online & Classroom Training & Certification Course - ievision.orgCISSP Online & Classroom Training & Certification Course - ievision.org
CISSP Online & Classroom Training & Certification Course - ievision.org
 
AI for Analysts June 2016
AI for Analysts June 2016AI for Analysts June 2016
AI for Analysts June 2016
 
ASK Finance.pptx
ASK Finance.pptxASK Finance.pptx
ASK Finance.pptx
 
Cisco Connect 2018 Singapore - Do more than keep the lights on
Cisco Connect 2018 Singapore - Do more than keep the lights onCisco Connect 2018 Singapore - Do more than keep the lights on
Cisco Connect 2018 Singapore - Do more than keep the lights on
 
Cisco Connect 2018 Philippines - do more than keeping the lights on
Cisco Connect 2018 Philippines - do more than keeping the lights onCisco Connect 2018 Philippines - do more than keeping the lights on
Cisco Connect 2018 Philippines - do more than keeping the lights on
 
Cisco Connect 2018 Indonesia - Do More Than Keep The Lights On
Cisco Connect 2018 Indonesia - Do More Than Keep The Lights OnCisco Connect 2018 Indonesia - Do More Than Keep The Lights On
Cisco Connect 2018 Indonesia - Do More Than Keep The Lights On
 
[Cisco Connect 2018 - Vietnam] Pauline hampshire changing the security equa...
[Cisco Connect 2018 - Vietnam] Pauline hampshire changing the security equa...[Cisco Connect 2018 - Vietnam] Pauline hampshire changing the security equa...
[Cisco Connect 2018 - Vietnam] Pauline hampshire changing the security equa...
 
Data is not the new snake oil
Data is not the new snake oilData is not the new snake oil
Data is not the new snake oil
 
COBIT Approach to Maintain Healthy Cyber Security Status Using NIST - CSF
COBIT Approach to Maintain Healthy Cyber Security Status Using NIST - CSF COBIT Approach to Maintain Healthy Cyber Security Status Using NIST - CSF
COBIT Approach to Maintain Healthy Cyber Security Status Using NIST - CSF
 
[Cisco Connect 2018 - Vietnam] Pauline hampshire vietnam cisco connect with...
[Cisco Connect 2018 - Vietnam] Pauline hampshire vietnam cisco connect with...[Cisco Connect 2018 - Vietnam] Pauline hampshire vietnam cisco connect with...
[Cisco Connect 2018 - Vietnam] Pauline hampshire vietnam cisco connect with...
 
Better Software is Better than Worse Software - Michael Coté
Better Software is Better than Worse Software - Michael CotéBetter Software is Better than Worse Software - Michael Coté
Better Software is Better than Worse Software - Michael Coté
 
Roubini ThoughtLab-Cisco Wealth 2021-Go Digital or Bust Webinar January 31, 2017
Roubini ThoughtLab-Cisco Wealth 2021-Go Digital or Bust Webinar January 31, 2017Roubini ThoughtLab-Cisco Wealth 2021-Go Digital or Bust Webinar January 31, 2017
Roubini ThoughtLab-Cisco Wealth 2021-Go Digital or Bust Webinar January 31, 2017
 
Cissp Training |IEVISION
Cissp Training |IEVISION Cissp Training |IEVISION
Cissp Training |IEVISION
 
Cissp training and certification in mumbai
Cissp training and certification in mumbaiCissp training and certification in mumbai
Cissp training and certification in mumbai
 

Recently uploaded

W.H.Bender Quote 62 - Always strive to be a Hospitality Service professional
W.H.Bender Quote 62 - Always strive to be a Hospitality Service professionalW.H.Bender Quote 62 - Always strive to be a Hospitality Service professional
W.H.Bender Quote 62 - Always strive to be a Hospitality Service professionalWilliam (Bill) H. Bender, FCSI
 
Beyond the Codes_Repositioning towards sustainable development
Beyond the Codes_Repositioning towards sustainable developmentBeyond the Codes_Repositioning towards sustainable development
Beyond the Codes_Repositioning towards sustainable developmentNimot Muili
 
digital Human resource management presentation.pdf
digital Human resource management presentation.pdfdigital Human resource management presentation.pdf
digital Human resource management presentation.pdfArtiSrivastava23
 
internship thesis pakistan aeronautical complex kamra
internship thesis pakistan aeronautical complex kamrainternship thesis pakistan aeronautical complex kamra
internship thesis pakistan aeronautical complex kamraAllTops
 
Dealing with Poor Performance - get the full picture from 3C Performance Mana...
Dealing with Poor Performance - get the full picture from 3C Performance Mana...Dealing with Poor Performance - get the full picture from 3C Performance Mana...
Dealing with Poor Performance - get the full picture from 3C Performance Mana...Hedda Bird
 
Independent Escorts Vikaspuri / 9899900591 High Profile Escort Service in Delhi
Independent Escorts Vikaspuri / 9899900591 High Profile Escort Service in DelhiIndependent Escorts Vikaspuri / 9899900591 High Profile Escort Service in Delhi
Independent Escorts Vikaspuri / 9899900591 High Profile Escort Service in Delhiguptaswati8536
 
Leaders enhance communication by actively listening, providing constructive f...
Leaders enhance communication by actively listening, providing constructive f...Leaders enhance communication by actively listening, providing constructive f...
Leaders enhance communication by actively listening, providing constructive f...Ram V Chary
 
The Psychology Of Motivation - Richard Brown
The Psychology Of Motivation - Richard BrownThe Psychology Of Motivation - Richard Brown
The Psychology Of Motivation - Richard BrownSandaliGurusinghe2
 
Reviewing and summarization of university ranking system to.pptx
Reviewing and summarization of university ranking system to.pptxReviewing and summarization of university ranking system to.pptx
Reviewing and summarization of university ranking system to.pptxAss.Prof. Dr. Mogeeb Mosleh
 
Strategic Management, Vision Mission, Internal Analsysis
Strategic Management, Vision Mission, Internal AnalsysisStrategic Management, Vision Mission, Internal Analsysis
Strategic Management, Vision Mission, Internal Analsysistanmayarora45
 
Safety T fire missions army field Artillery
Safety T fire missions army field ArtillerySafety T fire missions army field Artillery
Safety T fire missions army field ArtilleryKennethSwanberg
 
Agile Coaching Change Management Framework.pptx
Agile Coaching Change Management Framework.pptxAgile Coaching Change Management Framework.pptx
Agile Coaching Change Management Framework.pptxalinstan901
 
How Software Developers Destroy Business Value.pptx
How Software Developers Destroy Business Value.pptxHow Software Developers Destroy Business Value.pptx
How Software Developers Destroy Business Value.pptxAaron Stannard
 
Marketing Management 16th edition by Philip Kotler test bank.docx
Marketing Management 16th edition by Philip Kotler test bank.docxMarketing Management 16th edition by Philip Kotler test bank.docx
Marketing Management 16th edition by Philip Kotler test bank.docxssuserf63bd7
 
International Ocean Transportation p.pdf
International Ocean Transportation p.pdfInternational Ocean Transportation p.pdf
International Ocean Transportation p.pdfAlejandromexEspino
 

Recently uploaded (17)

W.H.Bender Quote 62 - Always strive to be a Hospitality Service professional
W.H.Bender Quote 62 - Always strive to be a Hospitality Service professionalW.H.Bender Quote 62 - Always strive to be a Hospitality Service professional
W.H.Bender Quote 62 - Always strive to be a Hospitality Service professional
 
Beyond the Codes_Repositioning towards sustainable development
Beyond the Codes_Repositioning towards sustainable developmentBeyond the Codes_Repositioning towards sustainable development
Beyond the Codes_Repositioning towards sustainable development
 
digital Human resource management presentation.pdf
digital Human resource management presentation.pdfdigital Human resource management presentation.pdf
digital Human resource management presentation.pdf
 
internship thesis pakistan aeronautical complex kamra
internship thesis pakistan aeronautical complex kamrainternship thesis pakistan aeronautical complex kamra
internship thesis pakistan aeronautical complex kamra
 
Dealing with Poor Performance - get the full picture from 3C Performance Mana...
Dealing with Poor Performance - get the full picture from 3C Performance Mana...Dealing with Poor Performance - get the full picture from 3C Performance Mana...
Dealing with Poor Performance - get the full picture from 3C Performance Mana...
 
Intro_University_Ranking_Introduction.pptx
Intro_University_Ranking_Introduction.pptxIntro_University_Ranking_Introduction.pptx
Intro_University_Ranking_Introduction.pptx
 
Independent Escorts Vikaspuri / 9899900591 High Profile Escort Service in Delhi
Independent Escorts Vikaspuri / 9899900591 High Profile Escort Service in DelhiIndependent Escorts Vikaspuri / 9899900591 High Profile Escort Service in Delhi
Independent Escorts Vikaspuri / 9899900591 High Profile Escort Service in Delhi
 
Leaders enhance communication by actively listening, providing constructive f...
Leaders enhance communication by actively listening, providing constructive f...Leaders enhance communication by actively listening, providing constructive f...
Leaders enhance communication by actively listening, providing constructive f...
 
Abortion pills in Jeddah |• +966572737505 ] GET CYTOTEC
Abortion pills in Jeddah |• +966572737505 ] GET CYTOTECAbortion pills in Jeddah |• +966572737505 ] GET CYTOTEC
Abortion pills in Jeddah |• +966572737505 ] GET CYTOTEC
 
The Psychology Of Motivation - Richard Brown
The Psychology Of Motivation - Richard BrownThe Psychology Of Motivation - Richard Brown
The Psychology Of Motivation - Richard Brown
 
Reviewing and summarization of university ranking system to.pptx
Reviewing and summarization of university ranking system to.pptxReviewing and summarization of university ranking system to.pptx
Reviewing and summarization of university ranking system to.pptx
 
Strategic Management, Vision Mission, Internal Analsysis
Strategic Management, Vision Mission, Internal AnalsysisStrategic Management, Vision Mission, Internal Analsysis
Strategic Management, Vision Mission, Internal Analsysis
 
Safety T fire missions army field Artillery
Safety T fire missions army field ArtillerySafety T fire missions army field Artillery
Safety T fire missions army field Artillery
 
Agile Coaching Change Management Framework.pptx
Agile Coaching Change Management Framework.pptxAgile Coaching Change Management Framework.pptx
Agile Coaching Change Management Framework.pptx
 
How Software Developers Destroy Business Value.pptx
How Software Developers Destroy Business Value.pptxHow Software Developers Destroy Business Value.pptx
How Software Developers Destroy Business Value.pptx
 
Marketing Management 16th edition by Philip Kotler test bank.docx
Marketing Management 16th edition by Philip Kotler test bank.docxMarketing Management 16th edition by Philip Kotler test bank.docx
Marketing Management 16th edition by Philip Kotler test bank.docx
 
International Ocean Transportation p.pdf
International Ocean Transportation p.pdfInternational Ocean Transportation p.pdf
International Ocean Transportation p.pdf
 

Technology Audits- Today's Concerns , Tomorrow's Challenges

  • 1. Technology Audits Today’s Concerns - Tomorrow’s Challenges Biju Nair 26 April 2017 1IGF- 2017, ISACA UAE Chapter
  • 2. AGENDA • Challenges of Auditing IT Controls in an ever changing IT environment. • Auditor’s role in balancing customer convenience with the right controls around digital products. • Block chain and distributed ledger technology: What will this and other evolving topics mean for audit? • How much of Technology Audit is enough to give a reasonable assurance to share holders? 26 April , 2017 2IGF- 2017, ISACA UAE Chapter
  • 3. New Security Challenges every day for the organisation.. 326 April 2017
  • 4. Challenges for the Board Audit Committees 4 Source: KPMG 2017 Global Audit Committee Pulse survey Audit Committees’ Top Challenges for 2017 26 April 2017
  • 5. Challenges for the Internal Audit departments.. 5 Source: KPMG – Internal Audit – Top 10 considerations for 2017 . 26 April 2017
  • 6. IT Audits – Key Concerns 6 Source: Protivity – IT Audit Best Practices Survey report. 26 April 2017
  • 7. So where does all this leave the Auditors? • Auditors are in a perennial exploration to add value to the organsiation at the same time giving reasonable assurance on the control environment to the shareholders and Board of Directors. • To Achieve this Auditors should, • have in-depth knowledge of the business and the macro risks. • complete understanding of the underlying processes • analyse the risks involved at each step of the process • review the existing controls against each risk factors • provide quality audit reports to address the control gaps • be proactive in anticipating risks and help business to be prepared in a timely manner against such future risks. “ EASY TO PREACH , BUT DIFFICULT TO PRACTICE “ 726 April 2017
  • 8. New Technological developments keeping auditors busy.. Cloud… Virtualisation… Mobility…. Agile & Scrum.. DevOps.. DLPs.. EndPoint Security.. Ransomware… BitCoins.. BlockChains.. Cognitive Security.. APTs & UTMs.. Threat intelligence, Artificial Intelligence & Behavioral analysis.. 826 April 2017
  • 9. Blockchains and the Auditor • More than 700 Companies have entered the Blockchain arena of which at least 150 have solutions at implementation stages ( Source PWC @ World Blockchain forum in UAE) • Dubai has a Blockchain Strategy with a vision to have atleast 1000 usecases to be implemented using Blockchain by 2020. • Dubai Future Foundation & Smart Dubai Office lead the initiative. • Banks under the UBF (UAE Banks’ Federation) is working on a concept of Block Chain based KYC documentation. • Banks are piloting use cases like Cheque validation, Cross border remittances, TradeFinance & Logistics solutions using Blockchains. 926 April 2017
  • 10. Business Challenges.. • It is not just the auditors who face challenges to catch up with the rapid growth in technology. • The Business always plays the catch-up game. • Banking in particular is seeing a transformation with more Millennials coming to banks’ core customer bases. “ I want a Bank where everything can happen through my phone. I want a set of services that are exclusively designed for me. I do not want to browse through several screens or menus that are irrelevant for me “ - And all these I need to do from my phone , which is of course jailbroken… “ BALANCE BETWEEN SECURITY CONTROLS & CUSTOMER CONVENIENCE“ 7 May, 2017 10PROJECT NAME
  • 11. Balancing Controls & Convenience – say “NO” to one size fits all approach 11 Source- McKinsey Digital Survey 2016 26 April 2017
  • 12. Art of managing an effective IT Audit function.. • How many IT Auditors and how many IT Audits? • IT Specific audits or Integrated audits? • Continuous Auditing or Risk based Annual Audit plans? • Can Audits leverage on Self Assessments.( CSA)? • Rely on external skills or develop internal skills? • Can IT Audit be Outsourced or Co-Sourced ? “ANSWERS DEPEND ON THE TECHNOLOGICAL MATURITY & ORGANISATIONAL DYNAMICS OF THE ORGANISATION “ 1226 April 2017
  • 13. IT Audit Resource Organisation– the current status 26 April 2017 13 Source – ISACA & Protivity – 6th Annual Survey on IT Audit Best Practices
  • 14. Conclusions • Mapping of IT Audit deliverables to Business Goals is key to ensure Value Added Audits. • IT Audit Functions, Internal Audit Departments & Board Audit Committees should be in sync on the key focus areas of Technology risks. • Continuing Professional Education is mandatory for IT Audit Professionals at all levels to stay relevant in their profession. • There is no “one size fits all” when it comes to recommending controls. • IT Audit Function is out of its Infancy, but is yet to achieve maturity. 7 May, 2017 14PROJECT NAME
  • 15. 7 May, 2017 15PROJECT NAME Thank You LinkedIn – bijurs Twitter – bijurs