Date post: | 14-Jun-2015 |
Category: |
Technology |
Upload: | kieng-iv |
View: | 442 times |
Download: | 1 times |
Benefits of Information Technology What are the risks of information
technology? For businesses? For the profession?
Why should C-Suite executives care? What tools and frameworks can the
profession leverage? Contemporary Issues Conclusion
Globalization Improved productivity Communication (efficient and effective)
▪ E-mail Cost Effective
▪ Stream lining processes New businesses
▪ E-commerce (Amazon)▪ Video-sharing (Youtube)▪ Online Advertising (Google)▪ Social Media (Facebook)
AmazonSite went online in 199534 Billion in sales for 2010 and over
1 Billion in net incomeLargest book store in the worldLargest online retailer19th biggest retailer in the world in
terms of sales
Businesses More exposure Easier to conceal Unintentional and intentional harm by
employees Auditors
More complex revenue streams Testing of controls is more complex Lack of understanding by traditional
internal and external auditors CAS 315 requires auditors to test controls
in highly automated environments
Playstation network security breaches $24 Billion in costs
Compliance The penalties for not being compliant to
Sarbanes-Oxley legislation can be severe with fines of up to $5 million dollars and 20 years in prison.
High Cost of Internal Control Failures $500 M loss because of internal control
failure at Merrill Lynch
Jérôme Kerviel, Rogue Trader, at Société Générale Was able to work around the system▪ System accepted fake contracts ▪ Able to unadjust trades before and after
trades were checked by the system Lost $7.2 billion
Frameworks COSO, COBIT, and ITIL
Audit Software CAATs – IDEA and ACL▪ Grant Thornton requires all its employees to learn
IDEA
Use of specialist IT specialists can help with risk assessment,
testing of controls and understanding of how information technology is used▪ Deloitte requires at least every three years for an IT
specialist to do an assessment of the IT environment at every client
COSO Control Environment Risk Assessment Information and Communication Control Activities Monitoring
Outsourcing SOX Assurance opportunities (5970)
Cloud computing No guidance provided Risks involved
Risks – fraud, attacks, audit risk increased and complexity
Managing – frameworks, specialists and tools
‘Hot’ topics – Outsourcing and cloud computing
Questions – How will the profession keep up with the rapidly developing use of information technology?