This document details the results of an audit to assess Information Technology (IT) governance and organizational structure against best practices based COBIT framework, determine the status of implementation of the Information and Communication Technology Strategy (ICT Strategy), and identify areas of ICT that require management’s attention in order to bring them in line with best practice.
This IT self assessment tool can be used to identify gaps in capability and create the baseline for a benchmark against Cobit’s standards for best practice and identify opportunities for improvement.
This presentation introduces the IT Governance framework COBIT 4.1. Although dated, it provides a good overview of IT Governance using COBIT.
This presentation provides an overview of cyber forensics – what is forensics? what is cyber forensics? who uses cyber forensics? what are the skills needed for cyber forensics?
The purpose of this report is to provide an independent assurance to government projects but its lessons are universally applicable – the same assurance discipline can be applied to IT investments.
This presentation reviews the state of IT Governance at state agencies with very good discussion on 1) what is good IT governance 2) what are some IT Governance models 3) what are governance challenges?
This presentation discusses the planning and implementation of an IT audit – what are the key considerations? how to address the requirements of an IT Audit?
This presentation provides an overview of Statement on Auditing Standards aka SAS 70 auditing standard – what is SAS 70 report? what is the terminology used? how to perform a SAS 70 audit? what are the key considerations? how to use a SAS 70 report? how to evaluate a SAS 70 report?
This presentation provides an overview of the general IT audit approach at visa and discusses standardization, audit exception reporting and audit issue remediation processes.
This presentation defines and clarifies the role, mission and charter of the internal audit function then describes its reporting structure and relationships with key stakeholders. It discusses best practices for executive reporting, risk assessment, life cycle and methodology and how to perform risk based and computer assisted audits.