IT-Revision, IT-Audit und IT-Compliance

Für Banken gibt es eine wachsende Anzahl von Rechtsgrundlagen, d. h. Gesetze, Verordnungen, Direktiven und Rundschreiben, die sie im Tagesgeschäft beachten müssen. Gerade die Bedeutung von einem angemessenen Schutz vor IT-Sicherheitsrisiken nimmt zu. EU-weite Programme wie beispielsweise TIBER-EU oder der Nachweis der KRITIS- Anforderungen sollen das bestehende Sicherheitsniveau weiter verbessern. Als ganzheitlichen Ansatz für eine kontinuierliche Evaluierung der Sicherheit von Technologie wie Organisation gleichermaßen empfiehlt sich die Einführung und der Betrieb eines Informationssicherheitsmanagement-Systems.

Download Full-text

Strategic IT Audit Planning

Standard for Auditing Computer Applications ◽

10.1201/noe0849399831.sec5 ◽

1998 ◽

Keyword(s):

Audit Planning ◽

It Audit

Download Full-text

Managing IT Audit

Information Technology Control and Audit, Third Edition ◽

10.1201/9781420065541.ch6 ◽

2008 ◽

pp. 129-153

Keyword(s):

It Audit

Download Full-text

IT General Controls Testing: Assessing the Effectiveness of User Access Management

AIS Educator Journal ◽

10.3194/1935-8156-14.1.15 ◽

2019 ◽

Vol 14 (1) ◽

pp. 15-34 ◽

Cited By ~ 1

Author(s):

Lorraine Lee ◽

Rebecca Sawyer

Keyword(s):

Information Technology ◽

Information Systems ◽

Accounting Information ◽

Access Management ◽

Graduate Level ◽

General Control ◽

Accounting Information Systems ◽

User Access ◽

It Audit

ABSTRACT The verification of Information Technology (IT) controls is a core responsibility of IT auditors. This case places the student in the role of an IT auditor assigned to test the operating effectiveness of a specific IT general control: user access management. In addition to learning about IT controls, the case introduces several Excel functions such as VLOOKUP, MATCH, INDEX, and various text functions. The student documents the results of the IT controls tests by completing a testing matrix and writing a memo. General controls, user access management, and Excel applications are all topics taught in Accounting Information Systems (AIS) and Audit courses. As such, instructors can use this case at the undergraduate or graduate level in an IT Audit, Accounting Information Systems, or Audit class.

Download Full-text

Audit TI Perusahaan Konsultan Properti Untuk Evaluasi Pengelolaan Data (DS11)

Jurnal Informatika ◽

10.31311/ji.v5i1.3037 ◽

2018 ◽

Vol 5 (1) ◽

pp. 119-127

Author(s):

Lala Nilawati

Keyword(s):

Decision Making ◽

Information Technology ◽

Information System ◽

Competitive Advantage ◽

Maturity Model ◽

Scoring Method ◽

Web Based ◽

Increase Productivity ◽

Audit Activity ◽

It Audit

Abstrak Teknologi informasi (TI) menjadi bagian penting dalam menentukan keberhasilan perusahaan. TI memberikan kesempatan untuk mendapatkan keunggulan kompetitif dan menawarkan perlengkapan untuk meningkatkan produktifitas. PT Triexpi Properti Advisindo merupakan Perusahaan Konsultan dibidang properti, yang sudah menerapkan penggunaan teknologi informasi untuk pengelolaan data sistem informasi penyewaan properti yang berbasis web. Untuk memaksimal penggunaan teknologi informasi di perusahaan ini, maka akan dibutuhkan kegiatan audit IT. Audit TI yang dilakukan pada penelitian ini akan difokuskan untuk melakukan evaluasi terhadap rancangan database pada sistem informasi penyewaan properti pada PT Triexpi Properti Advisindo. Kegiatan audit TI ini bertujuan untuk evaluasi pengelolaan data pada sistem informasi penyewaan dengan menggunakan Domain Delivery & Support (DS)-DS11, yang membahas tentang bagaimana mengelola data secara efektif, yaitu dengan melakukan identifikasi kebutuhan data menggunakan kerangka kerja Cobit 4.1. Kemudian akan digunakan model maturity untuk mengontrol proses-proses TI, dengan menggunakan metode penilaian/scoring. Dengan adanya audit pada sistem informasi ini, diharapkan dapat menunjang semua kegiatan perusahaan dan memberikan informasi yang dibutuhkan baik oleh karyawan maupun Direktur dalam menentukan pengambilan keputusan. Kata Kunci: Audit TI, COBIT 4.1., Domain Delivery & Support (DS) - DS11 Abstract Information technology (IT) becomes an important part in determining the success of the company. IT provides an opportunity to gain competitive advantage and offer equipment to increase productivity. PT Triexpi Properti Advisindo is a property consultant company, which has applied the use of information technology for data management of web based property rental information system. To maximize the use of information technology in this company, it will require IT audit activities. IT audit conducted in this research will be focused to evaluate the database design on property information rental system at PT Triexpi Properti Advisindo. This IT audit activity aims to evaluate the management of data on rental information systems using Domain Delivery & Support (DS) - DS11, which discusses how to effectively manage data by identifying data needs using Cobit 4.1. Then the maturity model will be used to control the IT processes, using the scoring method. With the audit on this information system, is expected to support all the activities of the company and provide information needed both by employees and Directors in determining decision making. Keywords: Audit TI, COBIT 4.1., Domain Delivery & Support (DS) - DS11.

Download Full-text

Design and implementation of E-discovery as a service based on cloud computing

Computer Science and Information Systems ◽

10.2298/csis120922030l ◽

2013 ◽

Vol 10 (2) ◽

pp. 703-724 ◽

Cited By ~ 2

Author(s):

Taerim Lee ◽

Hun Kim ◽

Kyung-Hyune Rhee ◽

Uk Shin

Keyword(s):

Cloud Computing ◽

Direct Contact ◽

State Of The Art ◽

Service Systems ◽

Target System ◽

Design And Implementation ◽

Discovery Service ◽

New Type ◽

It Compliance ◽

Network Device

Recently, as IT Compliance becomes more diverse, companies have to take a great amount of effort to comply with it and prepare countermeasures. Especially, E-Discovery is also one of the most notable compliances for IT and law. In order to minimize the time and cost for E-Discovery, many service systems and solutions using the state-of-the-art technology have been competitively developed. Among them, Cloud Computing is one of the most exclusive skills as a computing infrastructure for E-Discovery Service. Unfortunately, these products actually do not cover all kinds of E-Discovery works and have many drawbacks as well as considerable limitations. This paper, therefore, proposes a new type of E-Discovery Service Structure based on Cloud Computing called EDaaS(E-Discovery as a Service) to make the best usage of its advantages and overcome the limitations of the existing E-Discovery solutions. EDaaS enables E-Discovery participants to smoothly collaborate by removing constraints on working places and minimizing the number of direct contact with target systems. What those who want to use the EDaaS need is only a network device for using the Internet. Moreover, EDaaS can help to reduce the waste of time and human resources because no specific software to install on every target system is needed and the relatively exact time of completion can be obtained from it according to the amount of data for the manpower control. As a result of it, EDaaS can solve the litigant?s cost problem.

Download Full-text

Using the fuzzy cognitive modeling for the implementaion of the information technology audit.

Bulletin of Bryansk state technical university ◽

10.12737/22900 ◽

2015 ◽

Vol 2015 (2) ◽

pp. 116-122

Author(s):

Михаил Рытов ◽

Mikhail Rytov ◽

Павел Ковалев ◽

Pavel Kovalev

Keyword(s):

Information Technology ◽

Cognitive Modeling ◽

It Audit

The article considers one way of using the fuzzy cognitive modeling. In this case, this method is used for IT-audit andidentifying all necessary measures that can help the user to verify the need for the introduction of an enterprise portal.

Download Full-text

IT Audit Drivers

The Basics of IT Audit ◽

10.1016/b978-0-12-417159-6.00007-9 ◽

2014 ◽

pp. 129-148

Author(s):

Stephen D. Gantz

Keyword(s):

It Audit

Download Full-text