IT Governance and Internal Controls Continues
Choose one topic of interest to you and discuss:
1. Define and discuss examples of physical and logical security measures often used by organizations in computer operations.
2. Here are five organization-level controls related to IS/IT. Define and give examples for at least two. Together, let's cover them all: (1) personnel policies; (2) file security controls; (3) business continuity planning; (4) computer facility controls; and (5) access to computer files.
3. The purpose of application controls is to prevent, detect, and correct errors and irregularities in processing transactions. They fall into three categories: (1) input controls, (2) processing controls, and (3) output controls. Define and give examples for at least two. Together, let's cover them all.
Post your responses in the attached topics. Be careful in following the conversation threads.
COSO vs COBIT
From your readings this week and additional research, how is ISACA's COBIT framework different from or similar to the COSO framework we discussed previously?
What are the Authors Thinking
We should be concerned with what auditors are thinking about when they audit our systems, since we are held in compliance. Review PowerPoint - Chapter 11, Auditing ERP under Course Content and share any comments related to what you find interesting.
OPTIONAL: CGEIT Career Path
We discussed earlier the issue of IT Governance with ERP systems and the importance of strategic alignment, value delivery, risk management and performance management. ISACA offers a certification in the area of enterprise IT governance, for which your skills as financial and IT managers are uniquely suited. Visit ISACA's CGEIT to learn more. Please feel free to share any comments on the certification. Does it seem worthwhile? Do you know anyone who has it? Could you see yourself pursuing one?