Today’s Agenda
Redefining IS Audit
What’s trending in the sphere
Why it’s getting important
Calling for Good Corporate Governance
How IS plays its part
Audit Committee should…
3/11/2014 1
Redefining IS Audit
• Activities of collecting and evaluating evidence of information systems, practices, and operations within an organization
• Purpose: evaluating the design and effectiveness of the system's internal controls
• Objective: safeguarding assets, maintaining data integrity, and operating effectively to achieve the organization's goals and objectives
• Performed in conjunction with a financial statement audit, internal audit, or other form of audit

Redefining IS Audit (cont’d)
• What should an IS Auditor really know about?
1. Management, Planning, and Organization of IS
  Commencing best IS management practices
2. Technical Infrastructure and Operational Practices
  Understanding hardware, software and networking technologies
3. Protection of Information Assets
  Mastering information security management
4. Disaster Recovery and Business Continuity
  Valuing how IS availability is critical to business
5. Business Application System Development, Acquisition, Implementation, and Maintenance
  Valuing core area of IS development
6. Business Process Evaluation and Risk Management
  Linking business expectations and risks to IS development and deployment
7. IS Audit Process
  Mastering code of ethics, auditing standards, guidelines, audit methodology, techniques and Control Self-Assessment

What’s trending in the sphere
• Utilization level of CAAT (Computer-Assisted Auditing Techniques) is getting higher
• Functionality
  Market leader IDEA analyzes, manipulates and interrogates huge quantities of data from business platforms or systems
• Capability
  Analyzes 2,1 billion rows per an unlimited number of sheets, while Microsoft Excel 2007, for example, handles 1,048,576 rows
• Integrity
  Core data cannot be modified once imported
• Audit trail/documented proof
  Records tests performed and logs documented proof for the audit trail
• Suitability
  Has most of the commonly used audit tests available as ‘one button’ click options
• Data assumption/data interpretation
  Appropriate way of interpreting imported data

What’s trending in the sphere (cont’d)
• Accounting, IS and IT audit professionals still top the list as one of the fastest-growing professions
• Marks 22 percent to 30 percent estimated growth for 2008-2018
• Organizations are looking for IT audit professionals to assess and recommend ways to mitigate the impacts of today’s technology risks
• All statements cite the CNN Money 2012 report.

Why it’s getting important
• IT plays more strategic role
• Growing number of IT Budget
• IT Project and Investment
• Consumerization of IT
• Business competition is stiffening
• The world is getting riskier
• Driven by professional organization

IT Plays (More) Strategic Role
• Organizations accommodate it for cost-saving initiatives
• Capitalize on it to reach out to more prospects, users, customers, consumers, suppliers, vendors and partners
• IT literacy level across the globe is increasing
• Internet adoption and penetration are rising day in and day out
• Some companies leverage IT as new revenue streams

Growing Number of IT Budget
• IT budget is rising across all continents in aggregate, except in Europe, as an IDC report indicated last year
• Particularly found in Telco, Banking, Finance, Internet and IT sectors
• Allocation priorities: infrastructure, hardware, and software
• Paradigm shift: IS/IT is no longer a cost but an investment
• Turning from cost centre to profit centre

IT Project and Investment
• In relation to the rising budget and strategic role, more and more IT as well as IS projects and investments take place
• Value of projects and investments is also climbing
• Resources getting involved
• Complexity within the project is rising

Consumerization of IT
• Highly influenced by mobile devices and computer devices to grab more users
• Slightly affected by telecommunication operators offering more affordable voice and plan at large
• Popularity of Bring-Your-Own-Device (BYOD)

Business competition is stiffening
• Literally and naturally, business is becoming more competitive
• Corporations are more confident in utilizing IT as a business enabler
• Second wave of mushrooming internet companies driven by Silicon Valley start-ups
• On the flip side, user and customer demands are always evolving

The World is Getting Riskier
• Almost every day, a new risk is found, identified, or further assessed
• Natural disasters are a threat all the time
• New viruses, worms, trojans, malware and spyware are launched every day
• Hacking, cracking, phreaking and sniffing, together with spamming activities, never end

Driven by Professional Organizations
• ISACA (c/q Information Systems Audit and Control Assurance) through COBIT (Control of Business and Information Technology)
• ISACA also urges organizations to accommodate IT Governance in implementing Corporate Governance
• IIA (The Institute of Internal Auditors) by accommodating IT (Audit, Risk, Control, Security, Governance) within their domains (PG, GTAG, GAIT) besides Internal Audit Role, Internal Audit Engagement and Business Acumen in its framework (GIAC)

Calling for Good Corporate Governance
• Revisiting Good Corporate Governance (GCG)
• Corporate vs Enterprise Governance
• Regulatory Compliance
• Understanding its Requirements
• Possible Deployment Models

Revisiting GCG
• Consists of the governance structure defining the distribution of rights and responsibilities among stakeholders
• Stakeholders: BoD, shareholders, auditors, regulators, and others
• Specifies rules and procedures for making decisions in corporate affairs

Revisiting GCG (cont’d)
• Purpose: mechanism for monitoring actions, policies and decisions within an organization
• Ownership: BoD, Audit Committee, and other supervisory committees
• Most direct benefit is to non-executive/management shareholders

Revisiting GCG (cont’d)
• Concrete implementation
• Two-tiered Board of Directors (BoD)
  Executive Board (‘EB’, company executives) runs daily operations
  Supervisory Board (non-executive directors) represents shareholders and employees: hires and fires EB members, determines their compensation, and reviews major business decisions

Revisiting GCG (cont’d)
• Concrete implementation
• Single-tiered Board of Directors (BoD)
  Dominated by non-executive directors elected by shareholders, who hold key posts, including on the audit and compensation committees
  In the UK, the CEO doesn’t serve as Chairman of the BoD, while in the U.S. it’s quite commonly found

Corporate vs Enterprise Governance
• Enterprise governance applies to the full scope of the organization regardless of the industry
• For instance: government encompassing all ministries; private sector encompassing all subsidiaries; military encompassing air, water, land forces
• Constitutes the entire accountability framework of an organization
• Conformance (corporate governance): governance structures and accountability assignment
• Performance (business governance): strategy definition and value creation to help BoD make strategic decisions, take risks and key performance drivers

Ever since Corporate Scandals…
• High-profile collapses of Enron and MCI Inc in 2001–2002, most of which involved accounting fraud
• Drew public and regulator interest in releasing new Acts and Laws: Sarbanes-Oxley Act (Sarbox or SOX) in 2002
• By now most implementation is based on The Cadbury Report (UK, 1992), OECD’s Principles of Corporate Governance (1998 and 2004) and US SOX
• Cadbury and OECD feature general principles businesses are expected to operate by to assure proper governance
• SOX legislates several principles recommended by the two frameworks above

Regulatory Compliance
• Sarbanes-Oxley
  Auditor to review financial statement and issue an opinion
  CEO and CFO attest financial statement
  Board Audit Committee accommodates financial experts as independent members
  External audit firms as audit partners to rotate every 5 years
  Not to provide certain types of assurance consulting services
• UK Bribery Act in 2010
  Illegal to bribe government/private citizens or make facilitating payments
  Requires corporations to establish controls to prevent bribery

Regulatory Compliance (cont’d)
• Indonesia
  Pedoman Umum Good Corporate Governance from Komite Nasional
  UU No. 40 of 2007 on Private Limited and GCG practices
  Regulation from Ministry of state-owned No. PER-09/MBU/2012 on GCG implementation for state-owned enterprises

Driving Factors
• Indonesia Case
• International Finance Corporation (IFC) highlighting GCG in private sectors
• Tied up with Otoritas Jasa Keuangan (OJK), they develop “Corporate Governance Road Map” and “Indonesia Corporate Governance Manual” to identify and tackle problems and challenges on the implementation and its regulations
• It covers but is not limited to stockholder rights, safeguarding minority stockholders, company management best practice, openness and transparency

Understanding The Requirements
• Rights and equitable treatment of shareholders
  Respect shareholders’ rights and help shareholders to exercise them
• Interests of other stakeholders
  Legal, contractual, social, and market-driven obligations to non-shareholder stakeholders (employees, investors, creditors, suppliers, local communities, customers, and policy makers)

Understanding its Requirements (cont’d)
• Role and responsibilities of the board
  Relevant skills and understanding to review and challenge management performance
• Integrity and ethical behavior
  Fundamental requirement in choosing corporate officers and board members
  Code of conduct for their directors and executives that promotes ethical and responsible decision making
• Disclosure and transparency
  Publicizes roles and responsibilities of board and management

Possible Deployment Models
• OECD Principles often referenced by countries developing local codes or guidelines
• UNISAR of Guidance on Good Practices in Corporate Governance Disclosure
• Consists of more than 50 disclosure items across 5 broad categories
  Auditing
  Board and management structure and process
  Corporate responsibility and compliance
  Financial transparency and information disclosure
  Ownership structure and exercise of control rights

How IS Plays its Part
• GCG involves decision-making, accountability, and monitoring
• Decisions require relevant and reliable information
• Accountability involves measuring, reporting, and transparency
• Monitoring involves systems and feedback
• IS Auditor’s primary role is to check whether information systems are reliable, accountable and credible to produce important information

How IS Plays its Part (cont’d)
• Deploying Risk-based IS Audit
• Leveraging CAAT & other software
• Capitalizing frameworks of or from:
  BSMR (Badan Sertifikasi Manajemen Resiko)
  ISO31000 on ERM (Enterprise Risk Management)
  ISACA’s Risk IT and COBIT
  PMI’s PMBOK
  SOX
  IIA Framework

How IS Plays its Part (cont’d)
• Always be mindful that auditing involves PUBLIC responsibility that is more important than relationship with CLIENT
• Auditors must express their view on the appropriateness – not just acceptability – of IS principles used or proposed to be used
• Reveal the transparency and completeness of the disclosures

Audit Committee Should…
• Accommodate mainly non-executive directors (all have finance & accounting backgrounds and expertise)
• Approve appointment of auditors
• Establish the audit fees
• Approve all non-audit services provided by auditors
• Meet with the auditor independently of the rest of the board

Q & A
THANK YOU!

8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCR8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCR
8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCRashishs7044
 
Appkodes Tinder Clone Script with Customisable Solutions.pptx
Appkodes Tinder Clone Script with Customisable Solutions.pptxAppkodes Tinder Clone Script with Customisable Solutions.pptx
Appkodes Tinder Clone Script with Customisable Solutions.pptxappkodes
 
8447779800, Low rate Call girls in Saket Delhi NCR
8447779800, Low rate Call girls in Saket Delhi NCR8447779800, Low rate Call girls in Saket Delhi NCR
8447779800, Low rate Call girls in Saket Delhi NCRashishs7044
 
Flow Your Strategy at Flight Levels Day 2024
Flow Your Strategy at Flight Levels Day 2024Flow Your Strategy at Flight Levels Day 2024
Flow Your Strategy at Flight Levels Day 2024Kirill Klimov
 
Call Girls Contact Number Andheri 9920874524
Call Girls Contact Number Andheri 9920874524Call Girls Contact Number Andheri 9920874524
Call Girls Contact Number Andheri 9920874524najka9823
 
MAHA Global and IPR: Do Actions Speak Louder Than Words?
MAHA Global and IPR: Do Actions Speak Louder Than Words?MAHA Global and IPR: Do Actions Speak Louder Than Words?
MAHA Global and IPR: Do Actions Speak Louder Than Words?Olivia Kresic
 
Call US-88OO1O2216 Call Girls In Mahipalpur Female Escort Service
Call US-88OO1O2216 Call Girls In Mahipalpur Female Escort ServiceCall US-88OO1O2216 Call Girls In Mahipalpur Female Escort Service
Call US-88OO1O2216 Call Girls In Mahipalpur Female Escort Servicecallgirls2057
 
Church Building Grants To Assist With New Construction, Additions, And Restor...
Church Building Grants To Assist With New Construction, Additions, And Restor...Church Building Grants To Assist With New Construction, Additions, And Restor...
Church Building Grants To Assist With New Construction, Additions, And Restor...Americas Got Grants
 
The-Ethical-issues-ghhhhhhhhjof-Byjus.pptx
The-Ethical-issues-ghhhhhhhhjof-Byjus.pptxThe-Ethical-issues-ghhhhhhhhjof-Byjus.pptx
The-Ethical-issues-ghhhhhhhhjof-Byjus.pptxmbikashkanyari
 
Traction part 2 - EOS Model JAX Bridges.
Traction part 2 - EOS Model JAX Bridges.Traction part 2 - EOS Model JAX Bridges.
Traction part 2 - EOS Model JAX Bridges.Anamaria Contreras
 
Entrepreneurship lessons in Philippines
Entrepreneurship lessons in  PhilippinesEntrepreneurship lessons in  Philippines
Entrepreneurship lessons in PhilippinesDavidSamuel525586
 
Kenya Coconut Production Presentation by Dr. Lalith Perera
Kenya Coconut Production Presentation by Dr. Lalith PereraKenya Coconut Production Presentation by Dr. Lalith Perera
Kenya Coconut Production Presentation by Dr. Lalith Pereraictsugar
 
8447779800, Low rate Call girls in Uttam Nagar Delhi NCR
8447779800, Low rate Call girls in Uttam Nagar Delhi NCR8447779800, Low rate Call girls in Uttam Nagar Delhi NCR
8447779800, Low rate Call girls in Uttam Nagar Delhi NCRashishs7044
 

Último (20)

APRIL2024_UKRAINE_xml_0000000000000 .pdf
APRIL2024_UKRAINE_xml_0000000000000 .pdfAPRIL2024_UKRAINE_xml_0000000000000 .pdf
APRIL2024_UKRAINE_xml_0000000000000 .pdf
 
Japan IT Week 2024 Brochure by 47Billion (English)
Japan IT Week 2024 Brochure by 47Billion (English)Japan IT Week 2024 Brochure by 47Billion (English)
Japan IT Week 2024 Brochure by 47Billion (English)
 
Cybersecurity Awareness Training Presentation v2024.03
Cybersecurity Awareness Training Presentation v2024.03Cybersecurity Awareness Training Presentation v2024.03
Cybersecurity Awareness Training Presentation v2024.03
 
8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR
8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR
8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR
 
1911 Gold Corporate Presentation Apr 2024.pdf
1911 Gold Corporate Presentation Apr 2024.pdf1911 Gold Corporate Presentation Apr 2024.pdf
1911 Gold Corporate Presentation Apr 2024.pdf
 
PSCC - Capability Statement Presentation
PSCC - Capability Statement PresentationPSCC - Capability Statement Presentation
PSCC - Capability Statement Presentation
 
8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCR
8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCR8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCR
8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCR
 
Appkodes Tinder Clone Script with Customisable Solutions.pptx
Appkodes Tinder Clone Script with Customisable Solutions.pptxAppkodes Tinder Clone Script with Customisable Solutions.pptx
Appkodes Tinder Clone Script with Customisable Solutions.pptx
 
Call Us ➥9319373153▻Call Girls In North Goa
Call Us ➥9319373153▻Call Girls In North GoaCall Us ➥9319373153▻Call Girls In North Goa
Call Us ➥9319373153▻Call Girls In North Goa
 
8447779800, Low rate Call girls in Saket Delhi NCR
8447779800, Low rate Call girls in Saket Delhi NCR8447779800, Low rate Call girls in Saket Delhi NCR
8447779800, Low rate Call girls in Saket Delhi NCR
 
Flow Your Strategy at Flight Levels Day 2024
Flow Your Strategy at Flight Levels Day 2024Flow Your Strategy at Flight Levels Day 2024
Flow Your Strategy at Flight Levels Day 2024
 
Call Girls Contact Number Andheri 9920874524
Call Girls Contact Number Andheri 9920874524Call Girls Contact Number Andheri 9920874524
Call Girls Contact Number Andheri 9920874524
 
MAHA Global and IPR: Do Actions Speak Louder Than Words?
MAHA Global and IPR: Do Actions Speak Louder Than Words?MAHA Global and IPR: Do Actions Speak Louder Than Words?
MAHA Global and IPR: Do Actions Speak Louder Than Words?
 
Call US-88OO1O2216 Call Girls In Mahipalpur Female Escort Service
Call US-88OO1O2216 Call Girls In Mahipalpur Female Escort ServiceCall US-88OO1O2216 Call Girls In Mahipalpur Female Escort Service
Call US-88OO1O2216 Call Girls In Mahipalpur Female Escort Service
 
Church Building Grants To Assist With New Construction, Additions, And Restor...
Church Building Grants To Assist With New Construction, Additions, And Restor...Church Building Grants To Assist With New Construction, Additions, And Restor...
Church Building Grants To Assist With New Construction, Additions, And Restor...
 
The-Ethical-issues-ghhhhhhhhjof-Byjus.pptx
The-Ethical-issues-ghhhhhhhhjof-Byjus.pptxThe-Ethical-issues-ghhhhhhhhjof-Byjus.pptx
The-Ethical-issues-ghhhhhhhhjof-Byjus.pptx
 
Traction part 2 - EOS Model JAX Bridges.
Traction part 2 - EOS Model JAX Bridges.Traction part 2 - EOS Model JAX Bridges.
Traction part 2 - EOS Model JAX Bridges.
 
Entrepreneurship lessons in Philippines
Entrepreneurship lessons in  PhilippinesEntrepreneurship lessons in  Philippines
Entrepreneurship lessons in Philippines
 
Kenya Coconut Production Presentation by Dr. Lalith Perera
Kenya Coconut Production Presentation by Dr. Lalith PereraKenya Coconut Production Presentation by Dr. Lalith Perera
Kenya Coconut Production Presentation by Dr. Lalith Perera
 
8447779800, Low rate Call girls in Uttam Nagar Delhi NCR
8447779800, Low rate Call girls in Uttam Nagar Delhi NCR8447779800, Low rate Call girls in Uttam Nagar Delhi NCR
8447779800, Low rate Call girls in Uttam Nagar Delhi NCR
 

Harnessing Information Systems Audit towards Good Corporate Governance

  • 1.
  • 2. Today’s Agenda Redefining IS Audit What’s trending in the sphere Why it’s getting important Calling for Good Corporate Governance How IS plays its part Audit Committee should… 3/11/2014 1
  • 3. Redefining IS Audit • Activities of collecting and evaluating evidence of Information Systems, practices, and operations within an organization • Purpose: Evaluating system's internal control design and effectiveness • Objective: safeguarding assets, maintaining data integrity, operating effectively to achieve organization goals and objectives • Performed in conjunction with financial statement audit, internal audit, or other form of audit 3/11/2014 2
  • 4. Redefining IS Audit (cont’d) • What should IS Auditor really know about? 1. Management, Planning, and Organization of IS Commencing best IS management practices 2. Technical Infrastructure and Operational Practices Understanding hardware, software and networking technologies 3. Protection of Information Assets Mastering information security management 4. Disaster Recovery and Business Continuity Valuing how IS availability is critical to business 3/11/2014 3
  • 5. Redefining IS Audit (cont’d) 5. Business Application System Development, Acquisition, Implementation, and Maintenance Valuing core area of IS development 6. Business Process Evaluation and Risk Management Linking business expectations and risks to IS development and deployment 7. IS Audit Process Mastering code of ethics, auditing standards, guidelines, audit methodology, techniques and Control Self-Assessment 3/11/2014 4
  • 6. Redefining IS Audit (cont’d) 3/11/2014 5
  • 7. What’s trending in the sphere • Utilization level of CAAT (Computer-Assisted Auditing Techniques) getting higher • Functionality Market leader IDEA analyzes, manipulates and interrogates huge quantities of data from business platforms or systems • Capability Analyze 2,1 billion rows per an unlimited number of sheets while for example Microsoft Excel 2007’s 1,048,576 rows • Integrity Core data cannot be modified once imported 3/11/2014 6
  • 8. What’s trending in the sphere (cont’d) • Audit trail/documented proof Record tests performed and log documented proof for audit trail • Suitability Has most of the commonly used audit tests available as ‘one button’ click options • Data assumption/data interpretation Appropriate way of interpreting imported data 3/11/2014 7
  • 9. What’s trending in the sphere (cont’d) • Accounting, IS and IT audit professionals still top the list as one of the fastest-growing professions • Marks 22 percent to 30 percent growth estimated for 2008-2018 • Organizations are looking for IT audit professionals to assess and recommend ways to mitigate the impacts of today's technology risks • All statements cite CNN Money 2012 report. 3/11/2014 8
  • 10. Why it’s getting important IT plays more strategic role Growing number of IT Budget IT Project and Investment Consumerization of IT Business competition is stiffening The world is getting riskier Driven by professional organization 3/11/2014 9
  • 11. IT Plays (More) Strategic Role • Organization accommodate it for cost-saving initiative • Capitalize to reach out more prospects, users, customers, consumers, suppliers, vendors and partners • IT literacy level across the globe is increasing • Number of internet adoption and penetration are rising day in and day out • Some companies leverage IT as new revenue streams 3/11/2014 10
  • 12. Growing Number of IT Budget • IT budget is rising across all continents aggregatively except in Europe as IDC report indicates last year • Particularly found in Telco, Banking, Finance, Internet and IT sectors • Allocation priorities: Infrastructure, hardware, and software • Paradigm shifting: IS/IT is no longer cost but investment • From cost centre to profit centre turn out 3/11/2014 11
  • 13. IT Project and Investment In relation to the rising budget and strategic role, more and more IT as well as IS project and investment take place Value of project and investment are also climbing Resources getting involved Complexity within the project is rising 3/11/2014 12
  • 14. Consumerization of IT Highly influenced by mobile devices and computer devices to grab more users Slightly affected by telecommunication operator offering more affordable voice and plan at large Popularity of Bring-Your-Own-Device (BYOD) 3/11/2014 13
  • 15. Business competition is stiffening Literally and naturally business is becoming more competitive Corporation is more confident in utilizing IT as business-enabler Second wave of mushroomed internet companies driven by Silicon Valley start-ups On the flip side, eventually user and customer demands are always evolving 3/11/2014 14
  • 16. The World is Getting Riskier In a day, most of the time, there is always new risk found, identified, or even more assessed Natural disasters are haunting all the time New virus, worm, trojan, malware and spyware launched every day Hacking, cracking, phreaking and sniffing together with spamming activities never end 3/11/2014 15
  • 17. Driven by Professional Organizations • ISACA (c/q Information Systems Audit and Control Assurance) through COBIT (Control of Business and Information Technology) • ISACA also urge organization to accommodate IT Governance in implementing Corporate Governance • IIA (The Institute of Internal Auditors) by accommodating IT (Audit, Risk, Control, Security, Governance) within their domains (PG, GTAG, GAIT) besides Internal Audit Role, Internal Audit Engagement and Business Acumen in its framework (GIAC) 3/11/2014 16
  • 18. Calling for Good Corporate Governance Revisiting Good Corporate Governance (GCG) Corporate vs Enterprise Governance Regulatory Compliance Understanding its Requirements Possible Deployment Models 3/11/2014 17
  • 19. Revisiting GCG Consists of the governance structure defining distribution of rights and responsibilities among stakeholders Stakeholders: BoD, shareholders, auditors, regulators, and others Specifies rules and procedures for making decisions in corporate affairs 3/11/2014 18
  • 20. Revisiting GCG (cont’d) Purpose: mechanism for monitoring actions, policies and decisions within an organization Ownership: BoD, Audit Committee, and other supervisory committee Most direct benefit is to non- executive/management shareholders 3/11/2014 19
  • 21. Revisiting GCG (cont’d) • Concrete implementation • Two-tiered Board of Directors (BoD) Executive Board (‘EB’, company executives) runs daily operations Supervisory Board (non-executive directors) Represent shareholders and employees: hires and fires EB members, determines their compensation, and reviews major business decisions 3/11/2014 20
  • 22. Revisiting GCG (cont’d) Concrete implementation Single-tiered Board of Directors (BoD) Dominated by non-executive directors elected by shareholders hold key posts, including audit and compensation committees In UK, CEO doesn’t serve as Chairman of BoD while in the U.S, it’s quite commonly found 3/11/2014 21
  • 23. Corporate vs Enterprise Governance • Enterprise governance applies to full scope of the organization regardless of the industry • For instance: Government encompassing all ministries; private sector encompassing all subsidiaries; military encompassing air, water, land forces • Constitutes the entire accountability framework of an organization • Conformance (corporate governance): governance structures and accountability assignment • Performance (business governance): strategy definition and value creation to help BoD make strategic decisions, take risks and key performance drivers 3/11/2014 22
  • 24. Ever since Corporate Scandals… • High-profile collapses of Enron and MCI Inc in 2001–2002 while most of them involved accounting fraud • Drawn public and regulator interest in releasing new Act and Laws: Sarbanes-Oxley Act (Sarbox or SOX) in 2002 • By now most of implementation is based on The Cadbury Report (UK, 1992), OECD’s Principles of Corporate Governance (1998 and 2004) and US SOX • Cadbury and OECD features general principles businesses expected to operate to assure proper governance • SOX legislates several principles recommended by two frameworks above 3/11/2014 23
  • 25. Regulatory Compliance • Sarbanes-Oxley Auditor to review financial statement and issue an opinion CEO and CFO attest financial statement Board Audit Committee accommodate financial expert as independent members External audit firms as audit partners to rotate every 5 years Not provide certain types of assurance consulting services • UK Bribery Act in 2010 Illegal to bribe government/private citizens or making facilitating payment Requires corporations to establish controls to prevent bribery 3/11/2014 24
  • 26. Regulatory Compliance (cont’d) Indonesia Pedoman Umum Good Corporate Governance from Komite Nasional UU No. 40 of 2007 on Private Limited and GCG practices Regulation from Ministry of state-owned No. PER-09/MBU/2012 on GCG implementation for state-owned enterprises 3/11/2014 25
  • 27. Driving Factors • Indonesia Case • International Finance Corporation (IFC) highlighting GCG in private sectors • Tied-up with Otoritas Jasa Keuangan (OJK), they develop “Corporate Governance Road Map” and “Indonesia Corporate Governance Manual” to identify and tackle problems and challenges on the implementation and its regulations • It covers but not limited to stockholder rights, safeguarding minority stockholders, company management best practice, openness and transparency 3/11/2014 26
  • 28. Understanding The Requirements • Rights and equitable treatment of shareholders Respect shareholders rights and help shareholders to exercise them • Interests of other stakeholders Legal, contractual, social, and market driven obligations to non-shareholder stakeholders (employees, investors, creditors, suppliers, local communities, customers, and policy makers) 3/11/2014 27
  • 29. Understanding its Requirements (cont’d) • Role and responsibilities of the board Relevant skills and understanding to review and challenge management performance • Integrity and ethical behavior Fundamental requirement in choosing corporate officers and board members Code of conduct for their directors and executives that promotes ethical and responsible decision making • Disclosure and transparency Publicizes roles and responsibilities of board and management 3/11/2014 28
  • 30. Possible Deployment Models • OECD Principles often referenced by countries developing local codes or guidelines • UNISAR of Guidance on Good Practices in Corporate Governance Disclosure • Consists of more than 50 disclosure items across 5 broad categories • AUDITING • Board and management structure and process • Corporate responsibility and compliance • Financial transparency and information disclosure • Ownership structure and exercise of control rights 3/11/2014 29
  • 31. How IS Plays its Part 3/11/2014 30
  • 32. How IS Plays its Part (cont’d) • GCG involves decision-making, accountability, and monitoring • Decisions require relevant and reliable information • Accountability involves measuring, reporting, and transparency • Monitoring involves systems and feedback • IS Auditor’s primary role is to check whether information systems is reliable, accountable and credible to produce important information 3/11/2014 31
  • 33. How IS Plays its Part (cont’d) Deploying Risk-based IS Audit Leveraging CAAT & other software Capitalizing frameworks of or from: • BSMR (Badan Sertifikasi Manajemen Resiko) • ISO 31000 on ERM (Enterprise Risk Management) • ISACA’s Risk IT and COBIT • PMI’s PMBOK • SOX • IIA Framework 3/11/2014 32
  • 34. How IS Plays its Part (cont’d) Always be mindful that auditing involves PUBLIC responsibility that is more important than relationship with CLIENT Auditors must express their view on the appropriateness – not just acceptability – of IS principles used or proposed to be used Reveal the transparency and completeness of the disclosures 3/11/2014 33
  • 35. Audit Committee Should… • Accommodate mainly non-executive directors (all have finance & accounting backgrounds and expertise) • Approve appointment of auditors • Establish the audit fees • Approve all non-audit services provided by auditors • Meet with the auditor independently of the rest of the board 3/11/2014 34
  • 36. Q & A 3/11/2014 Your Logo

Editor's notes

  1. Image credit: 3DEducators.com Presented in a guest lecture session for Trisakti University’s Accounting Master Program
  2. Image credit: www.parkersolutionsgroup.co.uk
  3. Credit: Charles Schwab & Co, Inc.
  4. Credit image: testshop.com
  5. Image credit:
  6. Image credit: retroamco.com
  7. Credit: Roza.nl
  8. https://global.theiia.org/about/about-internal-auditing/pages/competency-framework.aspx
  9. Credit: Deloitte
  10. Image Credit: ThatAuditGuy.com