Benefits of Information Technology What are the risks of information

technology? For businesses? For the profession?

Why should C-Suite executives care? What tools and frameworks can the

profession leverage? Contemporary Issues Conclusion

Globalization Improved productivity Communication (efficient and effective)

▪ E-mail Cost Effective

▪ Stream lining processes New businesses

▪ E-commerce (Amazon)▪ Video-sharing (Youtube)▪ Online Advertising (Google)▪ Social Media (Facebook)

AmazonSite went online in 199534 Billion in sales for 2010 and over

1 Billion in net incomeLargest book store in the worldLargest online retailer19th biggest retailer in the world in

terms of sales

Businesses More exposure Easier to conceal Unintentional and intentional harm by

employees Auditors

More complex revenue streams Testing of controls is more complex Lack of understanding by traditional

internal and external auditors CAS 315 requires auditors to test controls

in highly automated environments

Playstation network security breaches $24 Billion in costs

Compliance The penalties for not being compliant to

Sarbanes-Oxley legislation can be severe with fines of up to $5 million dollars and 20 years in prison.

High Cost of Internal Control Failures $500 M loss because of internal control

failure at Merrill Lynch

Jérôme Kerviel, Rogue Trader, at Société Générale Was able to work around the system▪ System accepted fake contracts ▪ Able to unadjust trades before and after

trades were checked by the system Lost $7.2 billion

Frameworks COSO, COBIT, and ITIL

Audit Software CAATs – IDEA and ACL▪ Grant Thornton requires all its employees to learn

IDEA

Use of specialist IT specialists can help with risk assessment,

testing of controls and understanding of how information technology is used▪ Deloitte requires at least every three years for an IT

specialist to do an assessment of the IT environment at every client

COSO Control Environment Risk Assessment Information and Communication Control Activities Monitoring

Outsourcing SOX Assurance opportunities (5970)

Cloud computing No guidance provided Risks involved

Risks – fraud, attacks, audit risk increased and complexity

Managing – frameworks, specialists and tools

‘Hot’ topics – Outsourcing and cloud computing

Questions – How will the profession keep up with the rapidly developing use of information technology?