Hey Guru
Our examiner is asking about the “scope” of our IT audits. What is
Read the rest of the article
Ask the Guru: The IT Audit “Scope”
Read the rest of the article
Read the rest of the article
The Problem with PEN Tests
This is a true story, the names have been changed to protect the guilty. Al Akazam (not his real name) is an IT consultant with a solid background in
Read the rest of the article
Read the rest of the article
Bank Directors and Officers targeted in 2011
The final numbers are in for 2011, and it was a record year for Director
…Read the rest of the article
Access Rights a frequent finding
In reviewing recent audit and examination findings, the issue of access rights and permissions is
…Read the rest of the article
Audits vs. Examinations
As I speak with those in financial institutions responsible for responding to audit and examination
…Read the rest of the article
Using Technology to Drive Compliance
In the past year to year and a half, nearly all of the IT examination
…Read the rest of the article
The Control Self-Assessment (CSA)
If there was a process that was mentioned 43 times in 7 of the 12
…Read the rest of the article
IT Composite Ratings: 1 vs. 2
In a recent survey conducted with our customers, we asked them to tell us (anonymously)
…Read the rest of the article
Auditor rotation – pro and con
The practice of periodically changing, or rotating, your external auditor has been a topic of interest with our customers lately, and there are two schools of thought on this. The pro-rotation side takes the position that a different set of eyes...
Top 5 Compliance Trends for 2011 – Part 2
A recent survey of auditors and examiners asked:
During the past year, in which category would you say MOST of your IT audit/exam findings occurred?