Transcription of Information Technology Risk and Controls
{{id}} {{{paragraph}}}
IPPF Practice Guide Information Technology Risk and Controls 2nd Edition 120366 1 3/28/12 2:18 PM. B. A. h d 1. t u d T. a p A. T. C. Cop 120366 2 3/28/12 2:18 PM. Global Technology Audit Guide (GTAG ) 1. Information Technology Risk and Controls 2nd Edition March 2012. 120366 1 3/28/12 2:17 PM. 120366 2 3/28/12 2:17 PM. GTAG Table of Contents Executive 1. 2. Introduction to the Basis of IT-related Business risks and 3. Internal Stakeholders and IT 4. Analyzing 5. Assessing IT An 6. Understanding the Importance of IT 7. IT Audit Competencies and 8. Use of control 9. 10. Authors & 11. Appendix: IT Control Framework 1. 120366 1 3/28/12 2:17 PM. GTAG Executive Summary Executive Summary This GTAG helps chief auditing executives (CAEs) and internal auditors keep pace with the ever-changing and sometimes complex world of IT by providing resources written for business executives not IT executives. Both management and the Board have an expectation that the internal audit activity provides assurance around all-impor- tant risks , including those introduced or enabled by the implementation of IT.
people, processes, infrastructure, and enterprise risk environ - ment that exists and should be managed as a whole by the organization. Internal auditors need to understand the range of controls available for mitigating IT risks. The controls can be thought of as existing within a hierarchy that relies on the oper-
Domain:
Source:
Link to this page:
Please notify us if you found a problem with this document:
{{id}} {{{paragraph}}}