M. Sarush Faruqi

  • M. Sarush Faruqi posted a new activity comment 4 days, 22 hours ago

    Amanda,

    I would agree with you in the sense that developers should have an independent group review and test the code to make sure it is performing at an optimal level and does not have potential malicious code embedded inside of it. In terms of the business accepting a delayed timeline, I think it depends on the business and the tone it sets…[Read more]

  • M. Sarush Faruqi posted a new activity comment 4 days, 22 hours ago

    Scott,

    Great industry example. I think testing doesn’t get the credit and importance it should in some industries. I may have a bias having worked in both testing and development but nonetheless, both of these duties should be separated from an efficiency standpoint. I’m not saying developers can’t test but to your point, the ‘outside the box’…[Read more]

  • M. Sarush Faruqi posted a new activity comment 5 days, 7 hours ago

    Professor,

    I agree with you on the notion that maintenance is a very time consuming responsibility. I sit near the support guys at my job and they never have a minute to look away from their monitors. If we give developers the task of development and maintenance, constant interruption will be inevitable and they will have to prioritize their…[Read more]

  • M. Sarush Faruqi posted a new activity comment 5 days, 21 hours ago

    Business application procurement seems to be a big problem. IT buys stuff the businesses’ don’t want and many of the business’ purchases have been outright failures. Why? What controls can Larry put into place to ensure that it doesn’t continue into the future?

    Business application procurement has been a disaster in YNG mainly because…[Read more]

  • M. Sarush Faruqi posted a new activity comment 6 days, 18 hours ago

    Annamarie and Jeff,

    Both of you bring up great points about the importance of segregating of duties. Like Jeff, developers in my company have code reviews as well before handing it off to the support team for a deeper level review. While I agree that giving developers the duties of application development and maintenance could prove to be…[Read more]

  • M. Sarush Faruqi posted a new activity comment 6 days, 19 hours ago

    Hi Amanda,

    I agree with you on the notion that developers or the people who took part in coding a piece of software should not have the ability to move it to production. This can definitely be an invitation to invite potential malicious code into the software with no other control to monitor what went into production. You bring up a valid point…[Read more]

  • M. Sarush Faruqi posted a new activity comment 6 days, 22 hours ago

    3. What is segregation of duties and how does it play into basic administrative controls? Give an example of two IT roles that should be segregated?

    Segregation of duties is a form of IT personnel controls which seek to ensure that one person is not responsible for carrying out critical functions in an organization in a way which could lead to…[Read more]

  • M. Sarush Faruqi posted a new activity comment 1 week, 4 days ago

    Dentdel Case-

    Where could stronger IT Administrative controls have helped Dentdel avoid this situation?

    One of the most important controls that I see which could have helped Cedric James and the other executives is to have a well defined IT strategy. In this situation, Dentdel essentially goes from a manual and time consuming order entry…[Read more]

  • M. Sarush Faruqi posted a new activity comment 2 weeks, 5 days ago

    Scott,

    I found your examples of all three types of controls informative especially from a technical standpoint. I agree with you that security is an aspect of Information Technology which is gaining a lot of attention. Hackers are finding new ways to get into systems and makes it a little difficult to pinpoint what angle they are coming from. I…[Read more]

  • M. Sarush Faruqi posted a new activity comment 2 weeks, 6 days ago

    Hi Shakiya,

    I like your take on having an open door policy when it comes to creating an effective control environment. To me, managers must have accurate and timely information in order to make sound business decisions and have an awareness of risks. Allowing your employees to speak to you openly will give managers a sense of how exactly a…[Read more]

  • M. Sarush Faruqi posted a new activity comment 2 weeks, 6 days ago

    Hi Jeff,

    This is a good example of setting the tone especially when it comes to managing projects using the PMO framework and PMO committee. Most people don’t like change so setting the tone of how things will be done within the company is very important and establishes a ‘norm’ of expectations. In this case, tight deadlines on simply…[Read more]

  • M. Sarush Faruqi posted a new activity comment 3 weeks ago

    Professor Flanagan,

    An example I can think of comes from the company I am currently employed at. I work for a financial technology solutions company whose vision revolves around being a leading global provider of transactions based technology solutions. In order to reach other countries, the company has offices in various parts of the world. In…[Read more]

  • M. Sarush Faruqi posted a new activity comment 3 weeks ago

    Professor Flanagan,

    An example I can think of comes from the company I am currently employed at. I work for a financial technology solutions company whose vision revolves around being a leading global provider of transactions based technology solutions. In order to reach other countries, the company has offices in various parts of the world. In…[Read more]

  • M. Sarush Faruqi posted a new activity comment 3 weeks, 1 day ago

    A control environment is an all encompassing collection of policies, procedures, ethics, management style, organizational structure, and philosophy that determines how activities will be carried out by various levels of employees on a daily basis. It sets the tone for how a company will operate to meet its business objectives, mitigate risks, and…[Read more]

  • M. Sarush Faruqi‘s profile was updated 3 weeks, 5 days ago

Skip to toolbar