Robert E. Davis's Blog, page 6

Organizationally, governance is the system by which entities are directed and controlled. "Potential stakeholders usually rely upon governance elements prior to investing their time, talent, and/or money." Leadership, stewardship, ethics...

[image error]

Abstraction levels are developed based on perceived usefulness. Second-tier Governance Tree information nodes can be viewed in the context of programs, systems, and processes. Pragmatically, establishment of entity-level governance is a second...

[image error]

Governing an entity mandates management accurately conceptualize organizational development, information criticality, and communication paths. For-profit entities are formulated to generate tangible and intangible wealth for stakeholders while not...

[image error]

Control follow-up are activities pursued when an exception condition is identified and reported as presenting a risk to the entity. As a part of the follow-up activities, the IT auditor normally evaluates whether...

[image error]

IT auditor follow-up activities has been defined "as a process by which they determine the adequacy, effectiveness and timeliness of actions taken by management on reported engagement observations and recommendations, including those made by...

[image error]

While management is responsible for addressing assurance engagement findings and recommendations as well as tracking resolution status; audit is responsible for establishing policies, procedures, standards and rules for follow-up to determine...

[image error]

The final audit report should clearly identify ‘gaps’ in controls and the source of the vulnerabilities. Of the potential vulnerabilities documented in the audit report, it is importance to identify any significant, or material, risks....

[image error]

Through an IT auditor’s efforts, audit findings are facts generated which directly support and evidence conclusions as well as recommendations. Audit findings are also the product of all previously performed audit work related to the audit...

[image error]

Robert E. DavisIT audit area reporting conveys an opinion concerning control adequacy based on planning, studying, testing and evaluating material or significant auditable units. Whether an IT auditor is engaged in direct or attest reporting -- after obtaining...April 27, 2011

Robert E. DavisIT processing of datum has effects on controls and audit trails. Furthermore, IT can induce numerous changes in processing cycles. As a result of these changes, the IT auditor must evaluate the repercussions on the basic characteristics of control...April 20, 2011
[image error]