1 / 22

Auditing IT Infrastructures for Compliance Chapter 15

Auditing IT Infrastructures for Compliance Chapter 15 Ethics, Education, and Certification for IT Auditors. Learning Objective. Describe the qualifications, ethics, and certification organizations for information technology (IT) auditors. Key Concepts.

yeo-sexton
Download Presentation

Auditing IT Infrastructures for Compliance Chapter 15

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Auditing IT Infrastructures for Compliance Chapter 15 Ethics, Education, and Certification for IT Auditors

  2. Learning Objective • Describe the qualifications, ethics, and certification organizations for information technology (IT) auditors.

  3. Key Concepts • Significance of IT auditing career pursuits • Professional ethics and integrity of IT auditors • Codes of conduct for IT auditors • Certification process and accreditation for IT auditing

  4. DISCOVER: CONCEPTS

  5. Qualifications and Ethics for IT Auditors • Auditors have an important duty to evaluate organizational controls. • IT auditors need to practice strong ethical behavior and demonstrate integrity and objectivity.

  6. Code of Conduct or Ethics • Professional organizations for IT auditors • Information Systems Audit and Control Association (ISACA) • Institute of Internal Auditors (IIA) • Companies listed on public stock exchanges

  7. Codes of Conduct for IT Auditors 

  8. Code of Conduct or Ethics

  9. Certification for IT Auditors • IIA—Perhaps the oldest, established in 1941 • Certified Internal Auditor (CIA) certification • Certification in Control Self-Assessment (CCSA) • Certified Government Auditing Professional (CGAP) certification

  10. Certification for IT Auditors (Continued) • Certified Financial Services Auditor (CFSA) certification • Certified Information Systems Auditor (CISA) certification • Certified Information Security Manager (CISM) certification

  11. Certification for IT Auditors (Continued) • Certified in Risk and Information Systems Control (CRISC) certification • Certified in the Governance of Enterprise IT (CGEIT) certification • Global Information Assurance Certification (GIAC) (several designations)

  12. DISCOVER: PROCESS

  13. Certification Process and Accreditation

  14. DISCOVER: ROLES

  15. Roles and Responsibilities • IT Auditors • Responsible for conducting information security or IT audits following all proper ethical and professional guidelines. • Security and Compliance Managers • Support the auditing process and provide funding for ongoing compliance-related assurance procedures.

  16. DISCOVER: CONTEXTS

  17. Codes of Conduct for IT Auditors Based on Organization Types • Auditors have the same codes of conduct no matter the organizational size or type. • Auditors must follow codes of conduct that are produced within the organization while these very codes of conduct are actually audited by the same auditors. • In an organization, auditors are considered as friends, and they help the organization to stay in compliance.

  18. DISCOVER: RATIONALE

  19. Need for Highest Professional Conduct • The IT-audit profession continues to grow and is supported by several professional organizations. • IT auditors need to strongly adhere to ethical codes and be in constant pursuit of continued education.

  20. Need for Highest Professional Conduct (Continued) • There are numerous educational opportunities for those just entering the profession or those looking for growth. • Organizations such as the IIA and ISACA provide a tremendous amount of resources for the profession.

  21. Significance of IT Auditing Career Pursuits • Practitioners within audit, IT, or a combination of both should strongly consider membership and take advantage of the educational and certification opportunities.

  22. Summary • Qualifications, ethics, certifications, and codes of conduct for IT auditors. • Process of certification and accreditation for IT auditors • Importance of highest professional conduct for IT auditors

More Related