Sam A. Hicks, PhD - PowerPoint PPT Presentation

1
The Status of IT Audit Education
  • Sam A. Hicks, PhD
  • Department of Accounting Information Systems
  • Audit track at VA SCAN
  • Virginia Tech
  • October 6, 2008

2
What is Information Systems Audit? What is an Audit?
  • Auditing: Systematic process of objectively
    obtaining and evaluating evidence regarding
    assertions about economic actions and events to
    ascertain the degree of correspondence between
    those assertions and established criteria and
    communicating the results to interested users.
  • Financial Statement Auditors: Established
    criteria is Generally Accepted Accounting
    Principles (GAAP)
  • Financial Statement Auditors: Must attest to the
    amounts on the financial statements; they cannot
    only attest to the system

3
  • An audit compares actual to standard;
    established criteria for IS Audit is COSO,
    COBIT, Basel II Accord, ITIL, and several ISO
    standards.
  • Sarbanes-Oxley requires that management attest to
    Internal Control over the Accounting system and
  • Auditors audit management's assertions as to
    Internal Control
  • Again, standard for Internal Control is COSO,
    COBIT, Basel II Accord, ITIL, and several ISO
    standards.

4
IS Audit
  • A specialized audit focusing on the controls of
    the information systems of the entity.
  • Most frequently the IS Auditor is a part of the
    internal audit team. As such, the IS Auditor is
    an integral part of the
  • Design and Development of the system: reviews
    the system analysis and design of the system, the
    purchase or programming of the system, the
    installation, and the post-implementation review

5
IS Audit
  • Security: Availability, Confidentiality and
    Integrity of the system; access, back-up,
    separation of duties, training of users,
    documentation of system
  • Change management
  • Control of software
  • Enhance operations with changes
  • Do the tasks of the IS Auditor matter?

6
AICPA Top Ten IT Concerns

7
AICPA Top Ten IT Concerns

8
AICPA Top Ten IT Concerns

9
Public Company Accounting Oversight Board's (PCAOB)
  • Auditors who sign reports tend to be financial
    statement auditors with little knowledge of
    systems
  • PCAOB suggests that financial statement auditors
    have more IT education
  • Expressed concern of PCAOB Advisory Group

10
Department of Defense
  • In May 2006, required about 80,000 professionals
    in the area of Information Assurance Workforce
    to acquire one of 13 professional
    certifications. Certified Information Systems
    Auditor (CISA) was one of the 13.

11
Certified Information Systems Auditor (CISA)
  • Pass the CISA Exam
  • Have IS Audit experience: 5 years
  • Abide by Code of Ethics
  • Continuing Professional Education
  • Follow IS Auditing Standards issued by ISACA

12
CISA Exam
  • 200 multiple choice questions
  • Topics:
    • The IS Audit Process
    • IT Governance
    • Systems Life Cycle
    • IT Service Delivery and Support Operations
    • Security
    • Business Continuity and Disaster Recovery

13
Salary Info
  • Premium of 10 to 15 for certification
  • CISA, CISSP and CISM were among the highest
  • Certification Magazine's 2007 Salary Survey
    report
  • CISM came in second at 115,720 -- ISACA reports
    about 8,000 professionals world-wide have CISM
  • CISA came in fifth at 98,740 -- ISACA reports
    about 55,000 professionals world-wide have CISA

14
So What
  • From this kind of information, demand for IS
    Auditors is strong.
  • Most of our students have multiple offers
  • Yet

15
ISACA Student Members
  • Website reports that over 800 students have
    student memberships representing 200 schools
  • Thus only about 4 per school!

16
Students Graduating from ACIS

17
Information Systems Audit and Control Association (ISACA) model curriculum
  • General Education and General Business
  • Three parts:
    • Accounting
    • Systems
    • Auditing

18
ISACA model curriculum: Accounting
  • Accounting Principles I
  • Accounting Principles II
  • Intermediate Accounting I or Management
    Accounting
  • Process Control/Internal Control
  • Accounting Information Systems

19
ISACA model curriculum: Information Systems
  • Introduction to Computers
  • Computer Programming
  • Systems Analysis & Design
  • Data Base Management Systems
  • Computer-based Communication Networks
  • Management of Information Systems

20
ISACA model curriculum: Auditing
  • Internal Auditing I
  • Introduction to Information Systems
    Auditing/CAATs
  • Special Topics (e.g., IS Integrity and
    Confidentiality, Audit Ethics)

21
IS Audit at Virginia Tech: Undergraduate
  • General Education: 50 Credits
  • General Business: 33 Credits
  • Accounting: 15 Credits
    • Intermediate: 6
    • Cost: 3
    • Tax: 3
    • Accounting Systems and Controls: 3

22
IS Audit at Virginia Tech: Undergraduate
  • Information Systems: 12 Credits
    • Information Systems Development
    • Database Management Systems
    • Networks and Telecommunications in Business
    • Personal Computers in Business

23
IS Audit at Virginia Tech: Undergraduate
  • Auditing: 9 Credits
    • Auditing Governance and Professional Ethics
    • Financial Statement Auditing
    • Information Systems Audit and Control
  • Electives: 6 Credits

24
What would you Change?

25
Alternative paths to IS Audit knowledge
  • Business Information Technology
  • Computer Science
  • Computer Engineering

26
Other Certifications
  • CFE: Certified Fraud Examiner
  • CIA: Certified Internal Auditor
  • CISSP: Certification for Information System
    Security Professional
  • CNE: Certified Novell Engineer
  • CPA: Certified Public Accountant
  • CRP: Certified Risk Professional
  • MCSE: Microsoft Certified Systems Engineer
  • CISA: Certified Information Systems Auditor
  • CITP: Certified Information Technology
    Professional from AICPA

27
Additional Certifications
  • CCM: Certified Cash Manager
  • CCSA: Certification in Control Self Assessment
  • CCDA: Cisco Certified Design Associate
  • CCNA: Cisco Certified Network Administrator
  • CMA: Certified Management Accountant
  • CFM: Certified in Financial Management
  • SAPTA: SAP Technical Auditor
  • CMC: Certified Management Consultant
  • CFA: Certified Financial Analyst
  • CBCP: Certified Business Continuity Professional
  • CIDA: Certified Investments Derivatives

28
Why a certificate?
  • Connected to a professional group
  • Documents some level of knowledge
  • Recognition to you
  • Parting Words

29
Advice From CIOs
  • Get uncomfortable
  • Be willing to admit to errors that you make:
    take responsibility
  • Go with your gut: listen, learn, then go with
    your instinct
  • Get dirty: be willing to try
  • Love it or Leave it: Life is too short to do
    what you do not love to do; move on and try
    something different
  • CIO, January 29, 2008