Auditing IT Infrastructures for Compliance
Sponsored Links
This presentation is the property of its rightful owner.
1 / 22

Auditing IT Infrastructures for Compliance Chapter 15 PowerPoint PPT Presentation


  • 121 Views
  • Uploaded on
  • Presentation posted in: General

Auditing IT Infrastructures for Compliance Chapter 15 Ethics, Education, and Certification for IT Auditors. Learning Objective. Describe the qualifications, ethics, and certification organizations for information technology (IT) auditors. Key Concepts.

Download Presentation

Auditing IT Infrastructures for Compliance Chapter 15

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Auditing IT Infrastructures for Compliance

Chapter 15

Ethics, Education, and Certification for IT Auditors


Learning Objective

  • Describe the qualifications, ethics, and certification organizations for information technology (IT) auditors.


Key Concepts

  • Significance of IT auditing career pursuits

  • Professional ethics and integrity of IT auditors

  • Codes of conduct for IT auditors

  • Certification process and accreditation for IT auditing


DISCOVER: CONCEPTS


Qualifications and Ethics for IT Auditors

  • Auditors have an important duty to evaluate organizational controls.

  • IT auditors need to practice strong ethical behavior and demonstrate integrity and objectivity.


Code of Conduct or Ethics

  • Professional organizations for IT auditors

    • Information Systems Audit and Control Association (ISACA)

    • Institute of Internal Auditors (IIA)

  • Companies listed on public stock exchanges


Codes of Conduct for IT Auditors 


Code of Conduct or Ethics


Certification for IT Auditors

  • IIA—Perhaps the oldest, established in 1941

  • Certified Internal Auditor (CIA) certification

  • Certification in Control Self-Assessment (CCSA)

  • Certified Government Auditing Professional (CGAP) certification


Certification for IT Auditors (Continued)

  • Certified Financial Services Auditor (CFSA) certification

  • Certified Information Systems Auditor (CISA) certification

  • Certified Information Security Manager (CISM) certification


Certification for IT Auditors (Continued)

  • Certified in Risk and Information Systems Control (CRISC) certification

  • Certified in the Governance of Enterprise IT (CGEIT) certification

  • Global Information Assurance Certification (GIAC) (several designations)


DISCOVER: PROCESS


Certification Process and Accreditation


DISCOVER: ROLES


Roles and Responsibilities

  • IT Auditors

    • Responsible for conducting information security or IT audits following all proper ethical and professional guidelines.

    • Security and Compliance Managers

    • Support the auditing process and provide funding for ongoing compliance-related assurance procedures.


DISCOVER: CONTEXTS


Codes of Conduct for IT Auditors Based on Organization Types

  • Auditors have the same codes of conduct no matter the organizational size or type.

  • Auditors must follow codes of conduct that are produced within the organization while these very codes of conduct are actually audited by the same auditors.

  • In an organization, auditors are considered as friends, and they help the organization to stay in compliance.


DISCOVER: RATIONALE


Need for Highest Professional Conduct

  • The IT-audit profession continues to grow and is supported by several professional organizations.

  • IT auditors need to strongly adhere to ethical codes and be in constant pursuit of continued education.


Need for Highest Professional Conduct (Continued)

  • There are numerous educational opportunities for those just entering the profession or those looking for growth.

  • Organizations such as the IIA and ISACA provide a tremendous amount of resources for the profession.


Significance of IT Auditing Career Pursuits

  • Practitioners within audit, IT, or a combination of both should strongly consider membership and take advantage of the educational and certification opportunities.


Summary

  • Qualifications, ethics, certifications, and codes of conduct for IT auditors.

  • Process of certification and accreditation for IT auditors

  • Importance of highest professional conduct for IT auditors


  • Login