This document provides an overview of proposed revisions to the International Code of Ethics for Professional Accountants (Code) related to technology. It begins with background on recognizing the transformative effects of technology and the need to address ethics implications. An overview of the revisions is presented, which are informed by prior reports and surveys. Key focus areas of the revisions include enhancing the relevance of the Code for the digital age, addressing competence and skills for technology, and strengthening independence requirements for technology-related services. The revisions are intended to help ensure the Code remains fit for purpose as technologies evolve. Comments on the exposure draft are due by June 20, 2022.
The document provides an overview of technology auditing and internal auditing processes. It discusses:
1. The objectives and composition of technology audits, which identify potential issues, assess capabilities, and optimize technology use.
2. The types of audits - internal audits assess processes, external audits are implemented by external parties, and continuous auditing is ongoing.
3. The steps for internal audits, which include developing audit strategies, planning specific audits, conducting audits, communicating results, and advising on improvements.
Capability assessment of IT Governance using COBIT 4 Process Assessment Model (PAM). Presented for Information System Department, Universitas Bakrie - Indonesia
The document summarizes a technology audit process conducted by Inspace that assesses an organization's IT infrastructure and utilization in three tiers:
1. Understanding business goals and mapping current IT deployment
2. Detailed study of hardware, software, security, processes, and user experience
3. Producing a report with recommendations to optimize ROI, including productivity, security, and cost benefits.
The audit examines areas like networking, servers, backup systems, desktops and more to evaluate performance and identify issues impacting systems and business operations. Recommendations aim to improve efficiency and uptime through industry best practices.
Understanding IT Strategy, Sourcing and Vendor RelationshipsGoutama Bachtiar
This document discusses IT strategy, sourcing, and vendor relationships. It covers key topics such as:
1. Aligning IT strategy with business strategy and exploring different IT governance models.
2. Examining IT operating plans and sourcing strategies, including discussions of outsourcing, offshoring, and the outsourcing lifecycle.
3. Important considerations for commencing relationships with IT vendors, including vendor selection, contracts, and financial stability.
IT Governance – The missing compass in a technology changing worldPECB
Oladapo Ogundeji, CTO of Digital Jewels Ltd, gave a presentation on IT governance and its importance in today's technology changing world. He discussed that IT governance provides a formal process to define IT strategy and oversee its execution to achieve business goals. It also helps balance priorities like maximizing returns, increasing agility, and mitigating risks. Ogundeji covered frameworks like COBIT 5 and ISO 38500 that provide guidance on implementing IT governance and highlighted critical success factors like executive commitment, focus on execution, and competence in resources.
Valuing Information Management and IT ArchitectureGoutama Bachtiar
Delivered in guest lecture session for International Business Accounting Program, Faculty of Business and Management, Petra Christian University, Surabaya, East Java, Indonesia.
Understanding IT Governance and Risk Managementjiricejka
Describes IT Governance Holistic Framework for establishing transparent relation between Business and IT environment.
Describes Governance services and Risk Management Methods
The document provides an overview of technology auditing and internal auditing processes. It discusses:
1. The objectives and composition of technology audits, which identify potential issues, assess capabilities, and optimize technology use.
2. The types of audits - internal audits assess processes, external audits are implemented by external parties, and continuous auditing is ongoing.
3. The steps for internal audits, which include developing audit strategies, planning specific audits, conducting audits, communicating results, and advising on improvements.
Capability assessment of IT Governance using COBIT 4 Process Assessment Model (PAM). Presented for Information System Department, Universitas Bakrie - Indonesia
The document summarizes a technology audit process conducted by Inspace that assesses an organization's IT infrastructure and utilization in three tiers:
1. Understanding business goals and mapping current IT deployment
2. Detailed study of hardware, software, security, processes, and user experience
3. Producing a report with recommendations to optimize ROI, including productivity, security, and cost benefits.
The audit examines areas like networking, servers, backup systems, desktops and more to evaluate performance and identify issues impacting systems and business operations. Recommendations aim to improve efficiency and uptime through industry best practices.
Understanding IT Strategy, Sourcing and Vendor RelationshipsGoutama Bachtiar
This document discusses IT strategy, sourcing, and vendor relationships. It covers key topics such as:
1. Aligning IT strategy with business strategy and exploring different IT governance models.
2. Examining IT operating plans and sourcing strategies, including discussions of outsourcing, offshoring, and the outsourcing lifecycle.
3. Important considerations for commencing relationships with IT vendors, including vendor selection, contracts, and financial stability.
IT Governance – The missing compass in a technology changing worldPECB
Oladapo Ogundeji, CTO of Digital Jewels Ltd, gave a presentation on IT governance and its importance in today's technology changing world. He discussed that IT governance provides a formal process to define IT strategy and oversee its execution to achieve business goals. It also helps balance priorities like maximizing returns, increasing agility, and mitigating risks. Ogundeji covered frameworks like COBIT 5 and ISO 38500 that provide guidance on implementing IT governance and highlighted critical success factors like executive commitment, focus on execution, and competence in resources.
Valuing Information Management and IT ArchitectureGoutama Bachtiar
Delivered in guest lecture session for International Business Accounting Program, Faculty of Business and Management, Petra Christian University, Surabaya, East Java, Indonesia.
Understanding IT Governance and Risk Managementjiricejka
Describes IT Governance Holistic Framework for establishing transparent relation between Business and IT environment.
Describes Governance services and Risk Management Methods
This document discusses key considerations for IT internal audits related to information security and business continuity management. It outlines several audits that an IT internal audit function can perform to evaluate an organization's information security strategy and program, including assessments of the information security program, the threat and vulnerability management program, and performing vulnerability assessments. It also discusses how business continuity has increased in importance given disruptions from events like natural disasters and infrastructure failures, and the need for organizations to have effective business continuity management. The document provides context around risks to information from both internal and external threats and how IT internal audit can help evaluate controls.
Info-Tech is the most innovative firm in the industry, and we pride ourselves on delivering better research than anyone.
Become a member and unlock a range of data-driven tools and resources to drive systematic IT improvement.
The document provides information about an upcoming training on IT Governance to be delivered by Goutama Bachtiar. It includes details about the trainer's background and experience in IT advisory, consulting, auditing, and education. The training objectives are to address key knowledge areas related to IT Governance domains such as framework, strategy alignment, value delivery, risk management, and performance measurement. The targeted participants are corporate and IT management, IT auditors, and senior IT management. The training agenda covers various topics around governance vs management, frameworks, strategy, value, risk, performance and more. It also discusses the ISACA CGEIT certification domains that the training maps to.
Strategic IT Governance defines the formal process of aligning an organization's IT strategy with its overall business goals and overseeing execution. IT governance is important for regulatory compliance, competitive advantage, supporting enterprise goals, innovation, increasing intangible assets, and reducing risk. Effective IT governance involves strategic alignment, value delivery, risk management, resource management, and performance measurement. It requires involvement from leaders, managers, executives, boards, and stakeholders. Challenges include lack of business strategy alignment, ineffective project management, and lack of transparency and controls. Frameworks like COBIT and ITIL can help with governance, and balanced scorecards are effective for performance measurement.
This document discusses key aspects of developing an IT strategy, including:
1. The importance of aligning an organization's IT strategy with its overall business strategy.
2. The process of developing an IT strategy involves analyzing the current and future IT environments, capabilities, and needs to support the business strategy.
3. IT strategies should address opportunities, threats, the IT organization, external forces, internal capabilities, and milestones to achieve the strategy.
4. Developing an effective IT strategy requires factors like revisiting the business model, getting the right people involved, balancing investment opportunities, and managing risks.
This document provides an overview of IT strategy and governance for executives. It discusses the importance of aligning IT with business strategy and having proper governance structures in place. Key points include:
- IT strategy should define how technology will support business goals and priorities through investments, applications, and infrastructure.
- IT governance ensures IT goals are met, risks mitigated, and value delivered to business. It focuses on strategic alignment, value delivery, risk management, resource management, and performance.
- Common pitfalls of IT strategy include lack of ownership, not tracking progress, failing to realize ROI, and not having proper governance structures.
- Strong IT governance with board oversight and an IT steering committee is needed to successfully
Managing human resources at data centers 1.0aqel aqel
This presentation discusses set of topics related to human resources (HR) who are working in data-centers. A common HR life cycle approach was followed that starts by hiring, developing and/or managing, and ending by transitioning datacenter worker to a new stage that might include rotating to another job within the organization.
HR Planning is based on business requirements, nature of technology implemented and available budgets. Some best practices for hiring and managing human resources were discussed including organizing, motivation and risks optimization. The paper includes lots of globally accredited best practices and controls that facilitate operations excellence.
Businesses today are more dependent on technology than ever. And, more than ever, they're looking to IT for ways to improve employee productivity, customer service and innovation. The challenge is that in order to achieve results with technology, IT and the business have to work collaboratively.
IT needs to be able to develop the right relationships and communicate with different stakeholders from a business perspective - not a technical one. As a result, the transformation of the IT department has become a top-level priority for many leading organizations. At the same time, business leaders need to strengthen their business technology IQ and play a more significant role in the governance of IT.
Learning and development professional Michelle Moore fills you in on the skills and knowledge required to help IT and the business collaborate and perform in this new environment. She will also share industry best practices for making the transition.
COBIT provides a framework for IT governance and control that aims to ensure IT is aligned with business objectives and risks are managed appropriately. It defines four domains - plan and organize, acquire and implement, deliver and support, and monitor and evaluate - that cover 34 IT processes. For each process, COBIT establishes control objectives and requirements to help management implement controls and provide assurance that business goals will be achieved through the optimal and secure use of IT resources.
This document discusses the benefits of aligning IT and business risk management. Key benefits include better understanding technology risks, quantifying business impacts, more effective risk management, and improved collaboration between IT and business. The document also identifies challenges to alignment like complex existing environments and accelerated change. Signs of misalignment include technology risk reporting just for compliance and metrics expressed only in IT terms. Different types of misalignment are described. Case studies from large banks demonstrate approaches to improve alignment through mapping IT services to business services and better communication. Lessons learned emphasize defining requirements upfront and avoiding information overload.
The document discusses several frameworks for IT governance - COBIT, ITIL, and Val IT. It describes the key components and benefits of each framework. COBIT focuses on controls and metrics for IT processes, while ITIL provides guidance on service delivery and support. Using the frameworks together can provide a comprehensive approach to IT governance that establishes what should be done as well as how.
15. Brian Bailey presentation 2 DQ Asia Pacific 2010Brian Bailey
This document discusses managing change to improve organizational results through better management of people, processes, and technology. It provides examples of recordkeeping failures that caused major issues. A case study outlines how one organization engaged employees and implemented governance to address data quality problems. The document advocates a holistic approach considering people, processes, content and technology, and references resources for digital recordkeeping standards.
This document provides guidance on using data analytics for internal auditing. It discusses key concepts like defining data analysis, getting data from various sources, choosing the right data analysis software, developing a data analysis methodology, and examples of data analytics techniques for analyzing journal entries and employee expenses. The document also covers best practices for critical success factors and infrastructure needed to support an effective data analytics program.
Keller Graduate School of Management class - PM600 - this was the final presentation - created and presented by Scott Lang & Rajeshwer Subramanian
We were a 2 man team working over the length of the course creating and developing this project.
Hoping to show presentation skills and the understanding of the principles of project management
The document discusses the importance of aligning IT strategy with business strategy. It notes that a survey found this to be the top issue facing executives. Another study identified ensuring alignment and prioritizing IT investments according to business needs as the most important factors for business success. However, around half of respondents did not have a formal governance process for alignment. The document argues that ultimate responsibility for IT strategy should rest with business leadership, as IT exists to support the business, not as an end in itself. A lack of alignment can lead to higher costs, missed opportunities, and inability to achieve full business potential.
Assessing the Impact of a Disruption: Building an Effective Business Impact A...PECB
Many organizations have adopted the ISO 22301 standard for their business continuity management systems. Recently, ISO has released the new ISO 22317 Standard for Business Impact Analysis. In this webinar, learn about several different strategies to build an effective BIA that will help you advance your business continuity strategies.
Presenter:
This webinar was presented by Bryan Strawser, Principal Consultant & CEO at Bryghtpath LLC, who has more than 21 years of experience.
Link of the recorded webinar published on YouTube: https://youtu.be/19r2u3zJp1o
This presentation is intended to assist CIO's with setting up a formal IT Governance model for their college or university. There are two companion files also in Slideshare linked at the end of an IT Governance Committee Charter and an IT Project Governance Guideline.
IT Governance aims to align IT initiatives with business objectives, prioritize projects based on benefits and ROI, organize related projects to avoid duplication, lower total costs of ownership, and provide visibility into decision making processes. The proposed product enables informed IT investment decisions through a collaborative platform, sourcing required information from within organizations or decision makers' experiences. It ensures all relevant aspects and information are considered in analysis to make informed decisions and tracks key aspects with full visibility of decision making. The models provided are based on extensive research and can be enhanced over time as more decisions are made, growing with the organization.
IT Governance Vs IT Management Presentation V0.1Richard Willis
IT governance involves establishing responsibility and accountability for major IT decisions and ensuring IT strategy alignment with business strategy. Effective IT governance increases profitability and shareholder returns. Frameworks like COBIT, ITIL, and ISO/IEC 38500 provide best practices for IT governance and management. IT governance is concerned with strategic decision making while IT management focuses on operational excellence. Organizations can assess their IT governance maturity to continually improve practices over time.
Give Your Company the Competitive Edge by Means of an IT AuditEES Africa (Pty) Ltd
With increasing technological developments and competition, companies are looking at ways to enhance and optimise their information technology (IT) systems and technical infrastructure. An information technology audit, also referred to as a technical infrastructure audit, is an invaluable process to undertake to accomplish this.
It examines IT governance and how a company’s IT environment performs against best practice and emerging, leading edge technology. It does this by scrutinising information systems, their inputs, outputs and processing, capabilities and performance
A program description of an IT governance methodology for large and small programs where COBIT or ITIL may not be in your plans.
More at www.sqpegconsulting.com, Square Peg Consulting
John Goodpasture, PMP
This document discusses key considerations for IT internal audits related to information security and business continuity management. It outlines several audits that an IT internal audit function can perform to evaluate an organization's information security strategy and program, including assessments of the information security program, the threat and vulnerability management program, and performing vulnerability assessments. It also discusses how business continuity has increased in importance given disruptions from events like natural disasters and infrastructure failures, and the need for organizations to have effective business continuity management. The document provides context around risks to information from both internal and external threats and how IT internal audit can help evaluate controls.
Info-Tech is the most innovative firm in the industry, and we pride ourselves on delivering better research than anyone.
Become a member and unlock a range of data-driven tools and resources to drive systematic IT improvement.
The document provides information about an upcoming training on IT Governance to be delivered by Goutama Bachtiar. It includes details about the trainer's background and experience in IT advisory, consulting, auditing, and education. The training objectives are to address key knowledge areas related to IT Governance domains such as framework, strategy alignment, value delivery, risk management, and performance measurement. The targeted participants are corporate and IT management, IT auditors, and senior IT management. The training agenda covers various topics around governance vs management, frameworks, strategy, value, risk, performance and more. It also discusses the ISACA CGEIT certification domains that the training maps to.
Strategic IT Governance defines the formal process of aligning an organization's IT strategy with its overall business goals and overseeing execution. IT governance is important for regulatory compliance, competitive advantage, supporting enterprise goals, innovation, increasing intangible assets, and reducing risk. Effective IT governance involves strategic alignment, value delivery, risk management, resource management, and performance measurement. It requires involvement from leaders, managers, executives, boards, and stakeholders. Challenges include lack of business strategy alignment, ineffective project management, and lack of transparency and controls. Frameworks like COBIT and ITIL can help with governance, and balanced scorecards are effective for performance measurement.
This document discusses key aspects of developing an IT strategy, including:
1. The importance of aligning an organization's IT strategy with its overall business strategy.
2. The process of developing an IT strategy involves analyzing the current and future IT environments, capabilities, and needs to support the business strategy.
3. IT strategies should address opportunities, threats, the IT organization, external forces, internal capabilities, and milestones to achieve the strategy.
4. Developing an effective IT strategy requires factors like revisiting the business model, getting the right people involved, balancing investment opportunities, and managing risks.
This document provides an overview of IT strategy and governance for executives. It discusses the importance of aligning IT with business strategy and having proper governance structures in place. Key points include:
- IT strategy should define how technology will support business goals and priorities through investments, applications, and infrastructure.
- IT governance ensures IT goals are met, risks mitigated, and value delivered to business. It focuses on strategic alignment, value delivery, risk management, resource management, and performance.
- Common pitfalls of IT strategy include lack of ownership, not tracking progress, failing to realize ROI, and not having proper governance structures.
- Strong IT governance with board oversight and an IT steering committee is needed to successfully
Managing human resources at data centers 1.0aqel aqel
This presentation discusses set of topics related to human resources (HR) who are working in data-centers. A common HR life cycle approach was followed that starts by hiring, developing and/or managing, and ending by transitioning datacenter worker to a new stage that might include rotating to another job within the organization.
HR Planning is based on business requirements, nature of technology implemented and available budgets. Some best practices for hiring and managing human resources were discussed including organizing, motivation and risks optimization. The paper includes lots of globally accredited best practices and controls that facilitate operations excellence.
Businesses today are more dependent on technology than ever. And, more than ever, they're looking to IT for ways to improve employee productivity, customer service and innovation. The challenge is that in order to achieve results with technology, IT and the business have to work collaboratively.
IT needs to be able to develop the right relationships and communicate with different stakeholders from a business perspective - not a technical one. As a result, the transformation of the IT department has become a top-level priority for many leading organizations. At the same time, business leaders need to strengthen their business technology IQ and play a more significant role in the governance of IT.
Learning and development professional Michelle Moore fills you in on the skills and knowledge required to help IT and the business collaborate and perform in this new environment. She will also share industry best practices for making the transition.
COBIT provides a framework for IT governance and control that aims to ensure IT is aligned with business objectives and risks are managed appropriately. It defines four domains - plan and organize, acquire and implement, deliver and support, and monitor and evaluate - that cover 34 IT processes. For each process, COBIT establishes control objectives and requirements to help management implement controls and provide assurance that business goals will be achieved through the optimal and secure use of IT resources.
This document discusses the benefits of aligning IT and business risk management. Key benefits include better understanding technology risks, quantifying business impacts, more effective risk management, and improved collaboration between IT and business. The document also identifies challenges to alignment like complex existing environments and accelerated change. Signs of misalignment include technology risk reporting just for compliance and metrics expressed only in IT terms. Different types of misalignment are described. Case studies from large banks demonstrate approaches to improve alignment through mapping IT services to business services and better communication. Lessons learned emphasize defining requirements upfront and avoiding information overload.
The document discusses several frameworks for IT governance - COBIT, ITIL, and Val IT. It describes the key components and benefits of each framework. COBIT focuses on controls and metrics for IT processes, while ITIL provides guidance on service delivery and support. Using the frameworks together can provide a comprehensive approach to IT governance that establishes what should be done as well as how.
15. Brian Bailey presentation 2 DQ Asia Pacific 2010Brian Bailey
This document discusses managing change to improve organizational results through better management of people, processes, and technology. It provides examples of recordkeeping failures that caused major issues. A case study outlines how one organization engaged employees and implemented governance to address data quality problems. The document advocates a holistic approach considering people, processes, content and technology, and references resources for digital recordkeeping standards.
This document provides guidance on using data analytics for internal auditing. It discusses key concepts like defining data analysis, getting data from various sources, choosing the right data analysis software, developing a data analysis methodology, and examples of data analytics techniques for analyzing journal entries and employee expenses. The document also covers best practices for critical success factors and infrastructure needed to support an effective data analytics program.
Keller Graduate School of Management class - PM600 - this was the final presentation - created and presented by Scott Lang & Rajeshwer Subramanian
We were a 2 man team working over the length of the course creating and developing this project.
Hoping to show presentation skills and the understanding of the principles of project management
The document discusses the importance of aligning IT strategy with business strategy. It notes that a survey found this to be the top issue facing executives. Another study identified ensuring alignment and prioritizing IT investments according to business needs as the most important factors for business success. However, around half of respondents did not have a formal governance process for alignment. The document argues that ultimate responsibility for IT strategy should rest with business leadership, as IT exists to support the business, not as an end in itself. A lack of alignment can lead to higher costs, missed opportunities, and inability to achieve full business potential.
Assessing the Impact of a Disruption: Building an Effective Business Impact A...PECB
Many organizations have adopted the ISO 22301 standard for their business continuity management systems. Recently, ISO has released the new ISO 22317 Standard for Business Impact Analysis. In this webinar, learn about several different strategies to build an effective BIA that will help you advance your business continuity strategies.
Presenter:
This webinar was presented by Bryan Strawser, Principal Consultant & CEO at Bryghtpath LLC, who has more than 21 years of experience.
Link of the recorded webinar published on YouTube: https://youtu.be/19r2u3zJp1o
This presentation is intended to assist CIO's with setting up a formal IT Governance model for their college or university. There are two companion files also in Slideshare linked at the end of an IT Governance Committee Charter and an IT Project Governance Guideline.
IT Governance aims to align IT initiatives with business objectives, prioritize projects based on benefits and ROI, organize related projects to avoid duplication, lower total costs of ownership, and provide visibility into decision making processes. The proposed product enables informed IT investment decisions through a collaborative platform, sourcing required information from within organizations or decision makers' experiences. It ensures all relevant aspects and information are considered in analysis to make informed decisions and tracks key aspects with full visibility of decision making. The models provided are based on extensive research and can be enhanced over time as more decisions are made, growing with the organization.
IT Governance Vs IT Management Presentation V0.1Richard Willis
IT governance involves establishing responsibility and accountability for major IT decisions and ensuring IT strategy alignment with business strategy. Effective IT governance increases profitability and shareholder returns. Frameworks like COBIT, ITIL, and ISO/IEC 38500 provide best practices for IT governance and management. IT governance is concerned with strategic decision making while IT management focuses on operational excellence. Organizations can assess their IT governance maturity to continually improve practices over time.
Give Your Company the Competitive Edge by Means of an IT AuditEES Africa (Pty) Ltd
With increasing technological developments and competition, companies are looking at ways to enhance and optimise their information technology (IT) systems and technical infrastructure. An information technology audit, also referred to as a technical infrastructure audit, is an invaluable process to undertake to accomplish this.
It examines IT governance and how a company’s IT environment performs against best practice and emerging, leading edge technology. It does this by scrutinising information systems, their inputs, outputs and processing, capabilities and performance
A program description of an IT governance methodology for large and small programs where COBIT or ITIL may not be in your plans.
More at www.sqpegconsulting.com, Square Peg Consulting
John Goodpasture, PMP
Implementing Asset Management System with ISO 55001PECB
Over the past several years, the asset management industry has fundamentally changed shape, it is critically more important than ever before. ISO 55000 defines Asset management as the "coordinated activity of an organization to realize value from assets". In turn, Assets are defined as follows: "An asset is an item, thing or entity that has potential or actual value to an organization". This webinar explores ISO 55001 and Asset Lifecycle Management. Moreover, the webinars gives a brief introduction of the six elements into which ISO 55001 divides asset management system.
Main points covered:
• Explore ISO 55001
• Asset Lifecycle Management
• Explore the concept behind information Assets
• Who is an Asset Manager and what the responsibilities of an Asset Manager are
Presenter:
Orlando Olumide Odejide is a PECB Certified Trainer. He is an experienced Enterprise Architect and Programme Director working on various technology solutions for client in the Financial Services, Manufacturing and Public Sectors.
Link of the recorded session published on YouTube: https://youtu.be/hYaNNwQK1Ns
Technology intelligence (TI) aims to identify technological opportunities and threats that could impact a company's future growth and survival. It involves capturing and disseminating technological information for strategic planning and decision making. As technology lifecycles shorten and businesses globalize, effective TI capabilities are important for understanding changes in the external environment, facilitating strategic thinking, and enhancing a company's ability to respond to changes. TI can be internal, through a technology audit of a company's assets and capabilities, or external, through technology mapping. The purpose of a technology audit is to collect information on a company's technological level, understand its needs and capabilities, and prepare recommendations and an action plan to offer relevant services to help the company.
2016-06-08 FDA Inspection Readiness - Mikael Ydemikaelyde
The document discusses preparing for FDA inspections of computer systems and IT infrastructure. It outlines developing an IT compliance plan to ensure control of data, applications, infrastructure, procedures, suppliers, documented evidence, and personnel. The plan should identify any gaps and risks. Organizations should qualify IT systems, validate computerized systems, ensure data integrity, and monitor outsourced processes. Training personnel and periodically reviewing the quality management system are also important for inspection readiness. The speaker emphasizes developing evidence of implementing regulatory requirements to demonstrate control to inspectors.
The document discusses the key players and organizational structure for security in an enterprise. It outlines that the size of the security team depends on factors like the size of the enterprise, its systems environment, number of components, locations, and risk level. The security organization includes a Chief Information Officer, Chief Financial Officer, Security Officer, coordinators, and an Executive Committee for Security. The roles of each position are described at a high level.
This document outlines a proposed engagement framework between Taurus Global and a client to develop an IT strategy and roadmap for the client's healthcare organization. It involves a multi-phase approach including:
1) Defining business goals and IT requirements through workshops with stakeholders.
2) Developing a customized application portfolio and high-level IT roadmap aligned to the business goals.
3) Providing recommendations for an IT governance model, sourcing strategies, and setting up a PMO to oversee execution.
The goal is to establish a flexible, dynamic IT strategy that maximizes value for the healthcare organization and enables clinical transformation through digital technology.
Carlos Sousa has over 25 years of experience leading technology projects and ensuring alignment between business objectives and technology investments. He has a track record of successfully delivering projects on time and on budget across different industries. Sousa is passionate about strategy, governance, and results and has managed multi-million dollar budgets and teams of over 60 professionals.
This document summarizes a lecture on information systems and development. It discusses what different users of information want, including management wanting business intelligence and reduced costs, investors wanting profits, and customers wanting 24/7 availability. It also covers reasons why acquisitions of accounting information systems may fail, such as lack of management support or changing needs. Finally, it outlines a project management framework for IT projects including user participation, assigning responsibilities, and dividing projects into phases.
The WLS value proposition is:
-Extensive IT business experience and capability
-Demonstrated IT risk and compliance delivery
-Proven commercial experience with practical perspectives
-Low overhead compared to larger service providers results in a more competitive service
-Flexibility in service provision to reflect your business budgetary and resource requirements
In the current business environment, IT Suppliers have become integral part of the Customer organization and the IT environment and processes of IT Suppliers have a direct impact on the Customer Organization. Even though Operational responsibility might have got transferred to Supplier, but legal and regulatory responsibility will still be with Customer. Hence it is Customer’s responsibility to verify that appropriate controls are in effect to ensure that the organization fulfills its contractual obligations. This topic focuses on some of the key components and the best practices in auditing IT Suppliers for Compliance. It is aligned with one of the ISACA Research paper (Outsourced IT Environments Audit/Assurance Program) with additional information.
Control and audit of information System (hendri eka saputra)Hendri Eka Saputra
This document provides an overview of internal controls and information system auditing. It defines internal controls as processes designed to provide reasonable assurance of achieving objectives related to operations, financial reporting, and compliance. It discusses control objectives, components of internal controls including the control environment, risk assessment, control activities, information and communication, and monitoring. The document also covers the Foreign Corrupt Practices Act, types of financial reporting controls, segregation of duties, accounting systems, limitations of internal controls, and the role of internal controls in financial audits.
Module 2: Cyber-Crimes and Cyber Laws
Ethics for IT Workers and IT Users-IT Professionals-IT professional malpractice-IT , IT Act cyber
laws - Information Technology Act, 2000 (“IT Act”) - Digital Signature - Confidentiality, Integrity and Authenticity (CIA)
This document outlines the key steps for developing an effective IT strategy, including understanding the enterprise's direction, assessing the current IT environment and capabilities, defining target IT capabilities, conducting a gap analysis, developing a strategic plan and roadmap, and communicating the strategy. Some of the important activities described are analyzing the current and desired future states of business and IT, identifying goals and capabilities, and developing initiatives to address gaps and migrate systems from current to target environments over time. The overall purpose is to align IT with business objectives and priorities through a collaborative process of information gathering, planning, and consensus building.
Day 1: ICT Strategic Planning, Mr. Soufiane Ben Moussa, CTO, House of Commons...wepc2016
The challenges parliaments face are not simply ones of technology adoption; many are strategic and need to be addressed at a systemic level. To resolve this challenge, there needs to be a stronger focus on articulating, addressing and resolving the strategic barriers.
The document outlines objectives and tasks for information technology (IT) planning, management, operations, development, and security within an organization. The objectives are to establish tools to align IT with strategic goals, improve services, accountability, and security. Management tasks involve creating listener profiles to drive targeted content. IT operations will collect listener data to create data sources and transfer to a data warehouse for analysis. The purpose is to use business analytics to support operational decision-making and achieve business targets.
Info-Tech Research Group & Boardroom Events Value Prop PresentationHilary Carney Badoian
As a participant of Midmarket CIO Forum, you are given the opportunity to benefit from the Info-Tech offering (membership, advisory services, diagnostics & benchmarking, tools, templates including policies and job descriptions, vendor contract review and negotiations, and alignment tools) while having the overlay of the peer to peer vetting and communications. See the overview here and set up a call to speak in detail: https://calendly.com/MeetHilary/IT
The document discusses several case studies from Axis Technology Consulting. Each case study outlines a business challenge, the solution developed by Axis, and the impact. Examples of challenges addressed include implementing a global customer strategy, defining an end state vision, and provisioning a portfolio of projects. The solutions developed comprehensive strategies, established governance, and improved processes. The impacts included better alignment with business needs, increased efficiency, and enhanced decision making.
This document discusses policy development based on the COBIT framework. It provides an overview of COBIT, including that it is a globally accepted framework for IT governance and management consisting of 34 processes organized into 4 domains: planning and organization, acquisition and implementation, delivery and support, and monitoring. It also outlines the 7 key information criteria that COBIT addresses: effectiveness, efficiency, availability, integrity, confidentiality, reliability, and compliance.
Similar to Presentation on the Proposed Technology-related Revisions to the Code (20)
Este documento resume los Principios de Gobierno Corporativo del G20 y de la OCDE revisados, los cuales establecen estándares internacionales para una buena gobernanza corporativa. Se destaca que los Principios ahora incluyen un nuevo capítulo sobre sustentabilidad y resiliencia que promueve la divulgación de información relacionada con la sustentabilidad y el aseguramiento externo de esta información, y aclara que los consejos deben considerar oportunidades y riesgos materiales de sustentabilidad. El documento también resalta la
Este documento resume las perspectivas de los directores de empresas sobre los Principios de Gobierno Corporativo de la OCDE-G20. Mientras que la OCDE se enfoca en proteger a los accionistas e inversores, los directores ven el gobierno corporativo como un sistema para generar valor sostenible a largo plazo para la organización, sus partes interesadas y la sociedad. Algunas diferencias clave incluyen el rol del accionista, ya que los directores deben tomar decisiones de manera independiente, y el tratamiento de las partes interesadas, c
Experts from the International Auditing and Assurance Standards Board (IAASB), the European Commission (EC), the Committee of European Audit Oversight Bodies (CEAOB), assurance service providers, investors and the business community met to discuss the regulatory, policy and standard-setting path toward high-quality sustainability assurance.
Este documento presenta un resumen de la Norma Internacional de Contabilidad del Sector Público (NICSP) para la presentación de estados financieros en base de efectivo. La norma establece que los estados financieros deben incluir un estado de cobros y pagos en efectivo, políticas contables y notas explicativas. También recomienda revelar información sobre asistencia externa y de otro tipo recibida.
El documento presenta información sobre las Guías de Prácticas Recomendadas del IPSASB, incluyendo las GPR 1, 2 y 3. Resume los temas clave cubiertos por cada guía, como la presentación de información sobre sostenibilidad fiscal a largo plazo (GPR 1), el análisis y comentario de estados financieros (GPR 2), e información sobre rendimiento de servicios (GPR 3).
Este documento presenta un resumen del Marco Conceptual para la Información Financiera con Propósito General de las Entidades del Sector Público. Explica los objetivos y usuarios de la información financiera, las características cualitativas que debe cumplir, los elementos de los estados financieros, y los principios de reconocimiento y medición de activos y pasivos. También describe las características clave del sector público y las restricciones en la información incluida en los informes financieros.
Este documento proporciona una guía sobre la Norma Internacional de Contabilidad del Sector Público 33 (NICSP 33) sobre la adopción por primera vez de las Normas Internacionales de Contabilidad del Sector Público sobre la base de devengo. La NICSP 33 establece los requisitos para la preparación y presentación de los primeros estados financieros de una entidad cuando adopta las NICSP por primera vez. Incluye exenciones opcionales y exenciones que afectan la presentación razonable, así como requisitos de revelación durante el
Este documento trata sobre la contabilidad de las transacciones en moneda extranjera y las operaciones en el extranjero de las entidades del sector público. Explica conceptos como moneda funcional, reconocimiento inicial y posterior de partidas monetarias y no monetarias en moneda extranjera, y el tratamiento contable de las diferencias de cambio. También cubre los requisitos de revelación relacionados con la moneda extranjera.
Este documento presenta los requisitos para la presentación de información presupuestaria en las entidades del sector público. Establece que las entidades deben comparar los importes presupuestados con los importes reales, ya sea en columnas adicionales en los estados financieros o en un estado financiero separado, dependiendo de si la base del presupuesto y los estados financieros son comparables. También requiere notas de revelación que expliquen las diferencias entre el presupuesto original y el final, la base presupuestaria y de clasificación, el período
Este documento presenta las revelaciones de partes relacionadas según el Manual de Pronunciamientos de Contabilidad del Sector Público. Define parte relacionada como una entidad que puede controlar o influir significativamente a otra, y ofrece ejemplos como entidades asociadas y personal directivo clave. Explica que las revelaciones deben incluir la existencia de partes relacionadas, transacciones con ellas, y detalles sobre el personal clave de gestión para promover la transparencia y rendición de cuentas.
El documento presenta la información sobre el estado de flujos de efectivo. Explica que el estado de flujos de efectivo proporciona información sobre cómo una entidad genera y utiliza efectivo y tiene valor predictivo. Describe que el estado clasifica los flujos de efectivo en actividades operativas, de inversión y de financiación. También cubre conceptos como efectivo y equivalentes de efectivo, y los métodos directo e indirecto para preparar el estado.
Este documento presenta una introducción a los estados financieros requeridos para las entidades del sector público de acuerdo con las Normas Internacionales de Contabilidad para el Sector Público. Explica que los estados financieros deben incluir un estado de situación financiera, un estado de rendimiento financiero, un estado de cambios en los activos netos/patrimonio y un estado de flujo de efectivo, así como notas explicativas. También cubre conceptos clave como materialidad, presentación, revelación y clasificación corriente/no corriente
Este documento describe las combinaciones del sector público, incluidas las fusiones y adquisiciones. Una fusión ocurre cuando dos entidades se combinan sin que ninguna obtenga el control de la otra, mientras que una adquisición ocurre cuando una entidad obtiene el control de la otra. Las fusiones se contabilizan usando el método de contabilización de la unión de intereses modificado, mientras que las adquisiciones se contabilizan usando el método de adquisición.
Este documento proporciona una introducción a las Normas Internacionales de Contabilidad del Sector Público (NICSP) 34-38, que establecen los requisitos para la consolidación de estados financieros y la contabilización de inversiones en asociadas y negocios conjuntos. Explica los conceptos clave de control, influencia significativa y control conjunto, y cómo se aplican estas normas dependiendo del tipo de participación que tiene una entidad en otra. También resume los procedimientos de consolidación, contabilización de adquisiciones y disposiciones, y requis
Este documento proporciona requisitos de revelación para instrumentos financieros de acuerdo con el Manual de Pronunciamientos de Contabilidad del Sector Público. El objetivo es permitir que los usuarios evalúen la importancia de los instrumentos financieros para la situación financiera de la entidad y la naturaleza y alcance de los riesgos asociados. Se requiere revelar categorías de activos y pasivos financieros, partidas de ingresos y gastos, políticas contables, contabilidad de cobertura, valores razonables, prést
El documento habla sobre instrumentos financieros y coberturas. Explica que el objetivo de la contabilidad de coberturas es representar el efecto de las actividades de gestión de riesgos de una entidad. Las relaciones de cobertura pueden ser cobertura del valor razonable, cobertura de flujos de efectivo o cobertura de la inversión neta en el extranjero. También presenta dos ejemplos de cobertura de flujos de efectivo y cobertura del valor razonable.
1) El documento presenta conceptos básicos sobre instrumentos financieros de acuerdo con la NICSP 41. 2) Explica el reconocimiento, clasificación y medición posterior de activos y pasivos financieros. 3) También cubre temas como deterioro de activos financieros, préstamos en concesión y el modelo de pérdidas crediticias esperadas.
Este documento presenta los requisitos de revelación para instrumentos financieros según la NICSP 29. Se requiere revelar importes en libros, mediciones de valor razonable, ganancias y pérdidas, información sobre coberturas, préstamos en concesión y riesgos. También se debe revelar la clasificación y medición de activos y pasivos financieros de la entidad, así como tablas con importes en libros y valores razonables. Finalmente, se debe revelar información sobre el riesgo de crédito de los instrumentos derivados de
Este documento trata sobre instrumentos financieros, coberturas y derivados de acuerdo con la NICSP 29. Explica los conceptos de contabilidad de coberturas, cobertura de flujos de efectivo, cobertura de valor razonable, derivados e incluye ejemplos de cada uno. También define derivados implícitos y proporciona un ejemplo de swap de tasas de interés.
More from International Federation of Accountants (20)
BONKMILLON Unleashes Its Bonkers Potential on Solana.pdfcoingabbar
Introducing BONKMILLON - The Most Bonkers Meme Coin Yet
Let's be real for a second – the world of meme coins can feel like a bit of a circus at times. Every other day, there's a new token promising to take you "to the moon" or offering some groundbreaking utility that'll change the game forever. But how many of them actually deliver on that hype?
Seminar: Gender Board Diversity through Ownership NetworksGRAPE
Seminar on gender diversity spillovers through ownership networks at FAME|GRAPE. Presenting novel research. Studies in economics and management using econometrics methods.
[4:55 p.m.] Bryan Oates
OJPs are becoming a critical resource for policy-makers and researchers who study the labour market. LMIC continues to work with Vicinity Jobs’ data on OJPs, which can be explored in our Canadian Job Trends Dashboard. Valuable insights have been gained through our analysis of OJP data, including LMIC research lead
Suzanne Spiteri’s recent report on improving the quality and accessibility of job postings to reduce employment barriers for neurodivergent people.
Decoding job postings: Improving accessibility for neurodivergent job seekers
Improving the quality and accessibility of job postings is one way to reduce employment barriers for neurodivergent people.
2. Elemental Economics - Mineral demand.pdfNeal Brewster
After this second you should be able to: Explain the main determinants of demand for any mineral product, and their relative importance; recognise and explain how demand for any product is likely to change with economic activity; recognise and explain the roles of technology and relative prices in influencing demand; be able to explain the differences between the rates of growth of demand for different products.
Vicinity Jobs’ data includes more than three million 2023 OJPs and thousands of skills. Most skills appear in less than 0.02% of job postings, so most postings rely on a small subset of commonly used terms, like teamwork.
Laura Adkins-Hackett, Economist, LMIC, and Sukriti Trehan, Data Scientist, LMIC, presented their research exploring trends in the skills listed in OJPs to develop a deeper understanding of in-demand skills. This research project uses pointwise mutual information and other methods to extract more information about common skills from the relationships between skills, occupations and regions.
5 Tips for Creating Standard Financial ReportsEasyReports
Well-crafted financial reports serve as vital tools for decision-making and transparency within an organization. By following the undermentioned tips, you can create standardized financial reports that effectively communicate your company's financial health and performance to stakeholders.
"Does Foreign Direct Investment Negatively Affect Preservation of Culture in the Global South? Case Studies in Thailand and Cambodia."
Do elements of globalization, such as Foreign Direct Investment (FDI), negatively affect the ability of countries in the Global South to preserve their culture? This research aims to answer this question by employing a cross-sectional comparative case study analysis utilizing methods of difference. Thailand and Cambodia are compared as they are in the same region and have a similar culture. The metric of difference between Thailand and Cambodia is their ability to preserve their culture. This ability is operationalized by their respective attitudes towards FDI; Thailand imposes stringent regulations and limitations on FDI while Cambodia does not hesitate to accept most FDI and imposes fewer limitations. The evidence from this study suggests that FDI from globally influential countries with high gross domestic products (GDPs) (e.g. China, U.S.) challenges the ability of countries with lower GDPs (e.g. Cambodia) to protect their culture. Furthermore, the ability, or lack thereof, of the receiving countries to protect their culture is amplified by the existence and implementation of restrictive FDI policies imposed by their governments.
My study abroad in Bali, Indonesia, inspired this research topic as I noticed how globalization is changing the culture of its people. I learned their language and way of life which helped me understand the beauty and importance of cultural preservation. I believe we could all benefit from learning new perspectives as they could help us ideate solutions to contemporary issues and empathize with others.
Economic Risk Factor Update: June 2024 [SlideShare]Commonwealth
May’s reports showed signs of continued economic growth, said Sam Millette, director, fixed income, in his latest Economic Risk Factor Update.
For more market updates, subscribe to The Independent Market Observer at https://blog.commonwealth.com/independent-market-observer.
Abhay Bhutada, the Managing Director of Poonawalla Fincorp Limited, is an accomplished leader with over 15 years of experience in commercial and retail lending. A Qualified Chartered Accountant, he has been pivotal in leveraging technology to enhance financial services. Starting his career at Bank of India, he later founded TAB Capital Limited and co-founded Poonawalla Finance Private Limited, emphasizing digital lending. Under his leadership, Poonawalla Fincorp achieved a 'AAA' credit rating, integrating acquisitions and emphasizing corporate governance. Actively involved in industry forums and CSR initiatives, Abhay has been recognized with awards like "Young Entrepreneur of India 2017" and "40 under 40 Most Influential Leader for 2020-21." Personally, he values mindfulness, enjoys gardening, yoga, and sees every day as an opportunity for growth and improvement.
Who Is the Largest Producer of Soybean in India Now.pdf
Presentation on the Proposed Technology-related Revisions to the Code
1. Rich Huesken, IESBA Member and Task Force Chair
Greg Driscoll, IESBA Technical Advisor and Task Force
Member
April 5, 2022
Proposed Technology-related
Revisions to the Code
2. 1) Background
2) Overview of revisions
3) Deep dive into specific revisions
4) Questions and Answers
2
3. • Profession and others
recognizing pressing need to
understand and address
transformative effects of
technology
– Strategic imperatives?
– Impact on business models?
– Threats and opportunities?
• Ethics implications for the
profession?
– AI, Blockchain, Cybersecurity,
Big Data, IoT, Cloud-based
services, …
3
The Digital Age
4. Technology
Revisions
Informed by:
• Phase 1 Report
• Role and Mindset project
• NAS project
• Two global surveys on
“complexity” and “auditor
independence”
• Stakeholder outreach to
date
“…generally, the Code currently provides high level,
principles-based guidance for most technology-related eth
issues that professional accountants and firms might
encounter...”
4
Phase 1 report available here
5. IESBA Technology Workstreams
2. Undertake Fact Finding
Monitor evolving technologies; consider any new
ethics and independence issues
Involves desktop research and stakeholder
engagement
Informs development of Technology ED/ finalization of
Technology revisions, and to recommend other
actions that might be taken by IESBA and others
3. Develop technology-related guidance
and thought leadership
Responsive to stakeholder calls for guidance
Collaboration with others, including IFAC and national
standards setters (e.g., ICAS, CPA Canada, APESB,
JICPA)
1. Propose technology-related
revisions to the Code
(Technology Project)
Goal is to ensure that Code remains relevant
and fit for purpose
Builds on strong overarching requirements in
the extant Code
Will retain extant Code’s principles-based
approach
Approval of Exposure Draft (ED) in
December 2021
• Follow the Technology Project here
• Access the Technology Focus Page for
various thought leadership and other
resources
6. Enhancing the Relevance of the Code
• Guides the ethical mindset
and behavior of PAs in
business and in public
practice
• Deals with changes brought
by technology in business
and professional services
(i.e., work processes and the
content of the services
provided)
• Stakeholders are encouraged
to submit comments
Comment period deadline:
June 20, 2022
7. Draws attention to the
competence,
confidentiality, &
leadership imperatives
of the digital age
Considers the ethical
threats from reliance
on the output of
technology & complex
circumstances
Addresses the ethical
dimension of reliance
on, or use of, the
output of technology
Strengthens auditor
independence for
technology-related
services & business
relationships
Applies to assurance on
non-financial
information (i.e. ESG
disclosures)
Overview of Proposed
Technology Enhancements
9. Role & Mindset: Technology Enhancements
• Professional competence requires a continuing awareness and
an understanding of relevant technical, professional, business
and technology-related developments
• Exercise of professional or business judgment can be
compromised by undue influence of, or undue reliance on,
individuals, organizations, technology or other factors
• Bias affects the exercise of professional judgment when
identifying, evaluating and addressing threats to compliance
with the fundamental principles
‒ e.g., Automation bias, which is a tendency to favor output
generated from automated systems, even when human reasoning
or contradictory information raises questions as to whether such
output is reliable or fit for purpose
Already Effective
10. Professional Skills Needed
113.1 A1
Serving clients and employing
organizations with professional
competence requires:
(a) tThe exercise of sound
judgment in applying professional
knowledge and skills; and
(b) The application of
interpersonal, communication and
organizational skills when
undertaking professional activities.
Rationale
• Emphasizes the types of
professional skills needed by PAs
in the digital age
• Builds on Role & Mindset
technology enhancements
• Based on specific learning
outcomes of international education
standards:
Form the basis for CPD and incoming
qualification programs for PAs
Were recently revised to reflect skills needed
by PAs in the digital age
11. Sufficiency of Information Provided
R113.3
Where appropriate, a
professional accountant shall
make clients, the employing
organization, or other users of
the accountant’s professional
services or activities, aware of
the limitations inherent in the
services or activities and
provide them with sufficient
information to understand the
implications of those limitations.
Rationale
• Trust arises from being
transparent to stakeholders
• Addresses implicit tension
between being “transparent”
and maintaining “confidentiality”
• Objective is so stakeholders
have the information necessary
to understand the implications
of limitations inherent in a PA’s
services or activities
12. Confidentiality and Data Governance
Glossary: Confidential information
Any information, data or other material in
whatever form or medium (including written,
electronic, visual or oral) that is not in the public
domain.
114.1 A12
Maintaining the confidentiality of information
acquired in the course of professional and
business relationships involves the professional
accountant taking appropriate action to secure
such information in the course of its collection,
use, transfer, storage, dissemination and lawful
destruction.
Rationale
• Recognizes the
increase in data
across all mediums,
and ease of access
to such data
• Emphasizes the
importance of
maintaining
confidentiality
throughout the data
governance cycle
13. Complex Circumstances
120.13 A1
The circumstances in which
professional accountants carry
out professional activities vary
considerably. Some
professional activities might
involve complex circumstances
that increase the challenges
when identifying, evaluating and
addressing threats to
compliance with the
fundamental principles.
Complex Circumstances (1)
14. 120.13 A2
Complex circumstances arise where the relevant facts and circumstances involve:
(a) Elements that are uncertain; and
(b) Multiple variables and assumptions,
which are interconnected or interdependent. Such facts and circumstances might also be rapidly changing.
120.13 A3
Managing the evolving interaction of such facts and circumstances as they develop assists the
professional accountant to mitigate the challenges arising from complex circumstances. This might include:
• Consulting with others, including experts, to ensure appropriate challenge and additional input as part of
the evaluation process.
• Using technology to analyze relevant data to better inform the accountant’s judgment.
• Making the firm or employing organization and, if appropriate, relevant stakeholders aware of the
inherent uncertainties or difficulties arising from the facts and circumstances.
• Monitoring any developments or changes in the facts and circumstances and assessing whether they
might impact any judgments the accountant has made.
Complex Circumstances (2)
15. Rationale
• Trust arises from ethical
behavior
• Ethical culture within an
organization enhances
the effective application
of ethical principles
• Prompts leaders and
PAs to demonstrate
ethical behavior in
professional or business
relationships
Ethical Leadership
120.143 A3
Professional accountants are
expected to:
(a) eEncourage and promote an
ethics-based culture in their
organization, taking into account their
position and seniority; and.
(b) Demonstrate ethical behavior in
dealings with business organizations
and individuals with which they or their
firm or employing organization has a
professional or business relationship.
16. 16
Technology and the Conceptual Framework
200.6 A2
The use of technology is a specific circumstance that might create
threats to compliance with the fundamental principles. Considerations
that are relevant when identifying such threats when a professional
accountant relies upon the output from technology include:
• Whether information about how the technology functions is
available to the accountant.
• Whether the technology is appropriate for the purpose for which it
is to be used.
• Whether the accountant has the professional competence to
understand, use and explain the output from the technology.
• Whether the technology incorporates expertise or judgments of the
accountant or the employing organization.
• Whether the technology was designed or developed by the
accountant or employing organization and therefore might create a
self-interest or self-review threat.
Technology cuts across
all FPs and CF
Similar guidance for
PAPPs
17. 220.7 A2
Factors to consider in determining whether reliance on the output of technology is reasonable
include:
• The nature of the activity to be performed by the technology.
• The expected use of, or extent of reliance on, the output from the technology.
• The professional accountant’s ability to understand the output from the technology for the context
in which it is to be used.
• Whether the technology is established and effective for the purpose intended.
• Whether new technology has been appropriately tested and evaluated for the purpose intended.
• The reputation of the developer of the technology if acquired from or developed by an external
vendor.
• The employing organization’s oversight of the design, development, implementation, operation,
maintenance, monitoring or updating of the technology.
• The appropriateness of the inputs to the technology, including data and any related decisions.
Relying on the Output of Technology Similar guidance for
PAPPs
19. Those Charged with Governance (TCWG)
• Facilitate and promote more robust engagement between
auditors and TCWG regarding NAS and fees for PIEs
• Requires concurrence from TCWG before providing NAS
to the PIE, the PIE’s parent and subsidiaries, whether
unlisted or listed:
PIE Audit
Client
Parent
Controlled entities
Effective December
2022
Communication
with TCWG – PIE
Audit Client
3-MINUTE
VIDEO
AVAILABLE
20. Communication with TCWG – PIE Audit Clients (2)
The nature and scope of the proposed NAS
The basis and amount of the proposed fee
Whether the firm has identified any threats to
independence that might be created by the
proposed NAS, the basis for the firm’s
assessment that the threats are at an
acceptable level, or the actions the firm might
take to eliminate or reduce any threats to an
acceptable level
Whether the combined effect of providing
multiple NAS creates threats or changes the
level of previously identified threats
Examples of
information to
communicate
with TCWG –
PIE Audit Client
Effective December
2022
21. Strengthened Guardrails on Independence (1)
• NAS that
might create a
self-review
threat
• Prohibited for
PIE audit
clients
Before providing a non-assurance service to an audit
client, a firm or a network firm shall determine whether
the provision of that service might create a self-review
threat by evaluating whether there is a risk that:
• The results of the service will form part of or affect
the accounting records, the internal controls over
financial reporting, or the financial statements on
which the firm will express an opinion; and
• In the course of the audit of those financial statements
on which the firm will express an opinion, the audit
team will evaluate or rely on any judgments made
or activities performed by the firm or network firm
when providing the service.
Effective December
2022
22. Strengthened Guardrails on Independence (2)
Technology-
related NAS
Under revised NAS provisions:
• Firms to consider the manner in which a NAS is to be
provided in identifying and evaluating threats to
independence
• New guidance explains how to determine “routine or
mechanical” accounting and bookkeeping services
• Prohibition on services that might create a self-review
threat (SRT) for PIE audit clients
• Prohibition on services involving designing or
implementing IT systems for PIE audit clients that:
(1) Form part of the internal control over financial
reporting; or
(2) Generate information for the client’s accounting
records or financial statements
Effective December
2022
23. IT Systems Services
606.2 A1
IT systems services comprise a broad range of
services including:
• Designing or developing hardware or software IT
systems.
• Implementing IT systems, including installation,
configuration, interfacing, or customization.
• Operating, maintaining, monitoring, or updating
IT systems.
• Collecting or storing data or managing (directly or
indirectly) the hosting of data on behalf of the
audit client.
Rationale
• Clarifies the range
of IT systems
services where the
Code’s International
Independence
Standards (IIS) are
applicable
• Builds on revised
NAS provisions
24. 606.3 A1
Examples of IT systems services that result in the
assumption of a management responsibility include
where a firm or a network firm:
• Provides services in relation to the hosting (directly or
indirectly) of an audit client’s data.
• Operates an audit client’s network security, business
continuity or disaster recovery function.
606.3 A2
The collection, receipt and retention of data provided
by an audit client to enable the provision of a
permissible service to that client does not result in an
assumption of management responsibility.
Services in relation to Hosting
Rationale
• Prohibits services related
to hosting for all audit
clients due to assumption
of management
responsibility
• Distinguishes the receipt
and retention of data
provided by an audit client
in the course of providing a
permissible service
25. Examples that Might Create a Self-review Threat
606.4 A3
Examples of IT systems services that might create a self-review threat when
they form part of or affect an audit client’s accounting records or system of
internal control over financial reporting include:
• Designing, developing, implementing, operating, maintaining, monitoring or
updating IT systems.
• Supporting an audit client’s IT systems, including network and software
applications.
• Implementing accounting or financial information reporting software, whether or
not it was developed by the firm or a network firm.
Prohibited for PIE audit
clients
26. Dependency of NAS, including frequency
600.9 A2
Factors that are relevant in identifying the different
threats that might be created by providing a non-
assurance service to an audit client, and evaluating
the level of such threats include:
• The nature, scope, intended use and purpose of the
service.
• The manner in which the service will be provided,
such as the personnel to be involved and their
location.
• The client’s dependency on the service, including the
frequency with which the service will be provided.
• ……
Rationale
• Provision of frequent or
continuous monitoring or
analysis services are
becoming more
prevalent in the digital
age
• Could be regarded as
forming part of the audit
client’s internal controls
over financial reporting
27. Examples of Close Business Relationships
520.3 A2
Examples of a close business relationship:
…
• Distribution or marketing aArrangements
under which the firm or a network firm
sells, resells, distributes or markets the
client's products or services, or the client
sells, resells distributes or markets the firm
or a network firm's products or services.
• Arrangements under which the firm or a
network firm develops jointly with the
client, products or solutions which one or
both parties sell or license to third parties.
Rationale
• Clarifies what type of
technology-related
business relationships
are “close”
28. Providing, Selling, Reselling or Licensing Technology
520.7 A1
If a firm or a network firm provides, sells, resells or
licenses technology to an audit client, the
requirements and application material in Section 600
apply.
600.6
The requirements and application material in this
section also apply in those circumstances where:
(a) A firm or a network firm uses technology to provide
a non-assurance service to an audit client; or
(b) A firm or a network firm provides, sells, resells or
licenses technology to an audit client.
Rationale
• Explicit clarification
that NAS
provisions are
relevant when a
firm provides, sells,
resells or licenses
technology to a
client that performs
a NAS
29. Routine or Mechanical (non-PIEs)
601.5 A1
Accounting and bookkeeping services that are routine or mechanical:
(a) Involve information, data or material in relation to which the client has
made any judgments or decisions that might be necessary; and
(b) Require little or no professional judgment.
601.5 A2
Accounting and bookkeeping services can either be manual or automated.
In determining whether an automated service is routine or mechanical,
factors to be considered include how the technology functions and whether
the technology is based on expertise or judgments of the firm or a network
firm.
601.5 A3
Examples of services, whether manual or automated, that might be
regarded as routine or mechanical include: …….
Rationale
• Builds on NAS
revisions
• Assists readers
of the Code
understand that
automated NAS
are not
necessarily
routine or
mechanical
30. Technology and Management Responsibility
400.14 A1
When technology is used in
performing a professional
activity for an audit client, the
requirements in paragraphs
R400.13 and R400.14 apply
regardless of the nature or
extent of such use.
Rationale
• Acknowledges that use of
technology (e.g. intelligent
agents) could, in substance,
assume management
responsibility
• Reminder that the prohibition
on assuming management
responsibility applies,
regardless of the extent to
which technology is used
31. Non-financial Reporting
900.1This Part applies to
assurance engagements other
than audit engagements and
review engagements. Examples
of such engagements include: …
• Assurance on an entity’s non-
financial information, for
example, environmental, social
and governance disclosures,
including greenhouse gas
statements.
• …
Rationale
• Explicitly acknowledge
that the IIS that apply to
assurance
engagements are
applicable to assurance
engagements on non-
financial information, for
example, environmental,
social, and governance
(ESG) disclosures
34. For ref – Overview of Specific NAS Prohibitions
* Prohibited when a self-review threat might be created
Specific NAS
prohibitions
• Certain tax services Subsection 604
• When the effectiveness of the service depends on a
particular accounting treatment or presentation in the
financial statements:
‒ Tax advisory and tax planning services R604.13
‒ Corporate finance services R610.6
• Recruiting services R609.5-R609.6
• Promoting, dealing in, or underwriting the shares,
debt or other financial instruments issued by the audit
client or providing advice on investment in such
shares, debt or other financial instruments R610.5
• Accounting and bookkeeping services* R601.6
• Valuation services* R603.5
• Acting as an expert witness R607.9
• Legal advice* R608.9
• Acting in an advocacy role R608.11
All
Audit
Clients
PIE
Audit
Clients
2-MINUTE
VIDEO
AVAILABLE
Note:
Preparing statutory
financial statements
and acting as an expert
witness in relation to a
class action are not
prohibited in certain
specific circumstances
and provided specific
conditions have been
met R601.7, 607.7
A3(a)
Effective December
2022
35. For ref – Prohibited Tax Services
Prohibited
• Tax service or transaction relating to marketing, planning, or opining
in favor of a tax treatment that was initially recommended, by the firm
or network firm, and a significant purpose of the tax treatment or
transaction is tax avoidance (for all audit clients) R604.4
• Tax advisory and tax planning services when effectiveness of advice
is dependent on a particular accounting treatment or presentation in
the financial statements… (for all audit clients) R604.13
• Tax calculation for the purpose of preparing accounting entities (for
PIEs only) R604.10
• Acting as an advocate before a tribunal or court in the resolution of a
tax matter (for PIEs only) R604.26
Prohibited for PIEs when a SRT might be created
• Tax advisory and tax planning services R604.15
• Tax involving valuations R604.19
• Assistance in resolution of tax disputes R604.24
Not Prohibited: Tax return preparation 604.5 A1 to 604.6 A1
Note: In limited circumstances—the provision
of certain types of tax services are not
prohibited—only if specific conditions have
been met. R604.4, 604.12 A2, 604.17 A3
Effective December
2022
36. For ref – Prohibited NAS due to Advocacy
Prohibited for All Audit Clients
• Marketing, planning, or opining in favor of a tax treatment that was initially
recommended, directly or indirectly, by the firm or network firm, and a significant
purpose of the tax treatment or transaction is tax avoidance, unless the firm is
confident that the proposed treatment has a basis in applicable tax law or
regulation that is likely to prevail. R604.4
• Acting as an advocate before a tribunal or court to resolve a tax matter, dispute or
litigation R604.26 and R608.11
• Acting as an expert witness unless appointed by a tribunal or court. (R607.9) There
are specific provisions that govern acting as an expert witness in a class action.
• Serving as General Counsel R608.9
• Promoting, dealing in, or underwriting the shares, debt or other financial
instruments issued by the audit client or providing advice on investment in such
shares, debt or other financial instruments R610.5
Effective December
2022