资源描述:
《GTAG 13 Fraud Prevention and Detection in an Automated World (December 2009)》由会员上传分享,免费在线阅读,更多相关内容在学术论文-天天文库。
1、IPPF–PracticeGuideFraudPreventionandDetectioninanAutomatedWorldGlobalTechnologyAuditGuide(GTAG)WritteninstraightforwardbusinesslanguagetoaddressatimelyissuerelatedtoITmanagement,control,andsecurity,theGTAGseriesservesasareadyresourceforchiefauditexecutivesondiffere
2、nttechnology-associatedrisksandrecommendedpractices.InformationTechnologyControls:TopicsInformationTechnologyOutsourcing:discussedincludeITcontrolconcepts,theDiscusseshowtochoosetherightITFkcloj^qflk Qb`eklildv importanceofITcontrols,theLrqplro`fkdoutsourcingvendor
3、andkeyoutsourcingorganizationalrolesandresponsibilitiesforcontrolconsiderationsfromtheclient’sandensuringeffectiveITcontrols,andriskserviceprovider’soperation.analysisandmonitoringtechniques.ChangeandPatchManagementControls:AuditingApplicationControls:AddressesDesc
4、ribessourcesofchangeandtheirlikelytheconceptofapplicationcontrolanditsChangeandPatchAuditingManagementControls:ApplicationCriticalforimpactonbusinessobjectives,aswellasControlsrelationshipwithgeneralcontrols,aswellasOrganizationalSuccesshowchangeandpatchmanagementh
5、owtoscopearisk-basedapplicationcontrolshelpmanageITrisksandcostsandcontrolreview.whatworksanddoesn’tworkinpractice.ContinuousAuditing:AddressestheroleIdentityandAccessManagement:Coversofcontinuousauditingintoday’sinternalkeyconceptssurroundingidentityandContinuousA
6、uditing:IdentityandAccessImplicationsforAssurance,ManagementMonitoring,andauditenvironment;therelationshipofaccessmanagement(IAM),risksassociatedRiskAssessmentcontinuousauditing,continuouswithIAMprocess,detailedguidanceonmonitoring,andcontinuousassurance;andhowtoau
7、ditIAMprocesses,andasampletheapplicationandimplementationofchecklistforauditors.continuousauditing.ManagementofITAuditing:DiscussesBusinessContinuityManagement:DefinesIT-relatedrisksanddefinestheITauditbusinesscontinuitymanagement(BCM),BusinessContinuityManagemento
8、fITAuditinguniverse,aswellashowtoexecuteandManagementdiscussesbusinessrisk,andincludesamanagetheITauditprocess.detaileddiscussionofBCMprogramrequ