Grzegorz
Albinowski
Senior Business
Consulant,
Transition Project
Manager
Temat: Monitoring of Internal Controls and IT (Exposure Draft)...
Monitoring of Internal Controls and IT (Exposure Draft) comments till 3 May 2010Stowarzyszenie ISACA opubliowało nowy projekt standardu dla Członków Zarządów, Menedżerów, Właścicieli Procesów i Audytorów poświęcony monitorowaniu kontroli wewnętrznej w działach IT. Komentarze są mile widziane i należy jest składać do 3 maja 2010.
===
The main goals/aims of the publication are expanding the 2009 COSO Guidance on Monitoring of Internal Controls by bringing emphasis to the monitoring of application and IT general controls and discussing the use of automation (tools) for increased efficiency and effectiveness of monitoring processes. The authors also move away from a mere conceptual elaboration on the concepts and applications for monitoring and move toward providing multiple examples, case studies and practical tools that can help the professional and the enterprise itself implement monitoring.
The publication is written with executives/senior management, business process owners and IT professionals in mind. It opens with an executive overview of the subject matter and suggests questions that senior management should ask to determine whether the monitoring of internal controls is adequately addressed within their enterprise. For the business process owners it describes how to monitor key IT application controls and how to automate monitoring processes and for the IT professional it goes beyond theory by providing templates and tools that can be leveraged when developing and implementing a monitoring project.
All comments are encouraged, and must be submitted no later than 3 May 2010. Comments on the exposure draft may be provided by any of the following electronic submissions methods:
Use the ISACA online questionnaire in the link provided above, or
Send an e-mail to research@isaca.org.
http://isaca.org/Template.cfm?Section=Research2&CONTEN...
https://www.isaca.org/surveys/IT_Monitoring_Exposure/
Więcj o zarządzaniu usługami IT/ITSM/IT Governance na GoldenLine:
RISK-IT .. Enterprise IT Risk Governance
COBIT Control Objectives for Information and Related Technologies
ITIL V3 (Strategy, Design, Transition, Operation, Improvement)
Best Management Practice (P3O, MSP, M_o_R, ITIL, PRINCE2)
VAL-IT .. Value Governance of IT Investments
IT Service Management (ITSM ITIL)