Irin Samuel

  • I guess if the name says balanced, one would expect it to be well rounded and balanced all the way around. A balanced scorecard is as you described it. It does give a better view on the general performance. Although, sometimes I do wonder – at what points can a balanced scorecard be wrong? Just a thought to put out there.

  • “Unlimited flexibility” – you’re very right in saying that. I mean, well at least, just about so. Even though pivot tables may not be a top notch aspect of technology, it’s something that can be done quickly and on the spot to get a basic knowledge of the data set.

  • I agree, nice blog! They really are useful and it’s definitely a skill that should be learned by everyone who has a basic knowledge of Excel.

  • I agree. As sad as it may be that it reduces jobs, it makes the process cost efficient in many way that are beneficial to the company.

  • Just as you said, pivot tables are nothing new yet neither do many people know/attempt to master it. It’s required more often than many people think, especially in business environments.

  • I agree, it’s so much easier to see the trends, connections, and traits that are represented in the data as you have said. It’s an invaluable tool when working with large data sets that allows one to efficiently find what they are looking for.

  • In addition to doing pivot tables to sum up the data for my business, I’ve used pivot tables in various instances such as my last job as a staff accountant. I exported credit card data from various clients into […]

  • Okay, it may just be me then. But I quite honestly do like to do Pivot Tables!

    When I first started my business, I started logging in all of my orders and expenses in Excel. One day I sat down and tried to […]

    • Pivot table do save times. But sometimes it’s hard to found out the relationships of what should I put in which box, and sometimes the result are still hard to read. And it is hard for me to read and understand the “short cuts” in the final. Is the document also set the same “short cuts” way in real world work?

  • In a way it is to be expected. What this means to privacy is that it is flying right out the door. The way technology is advancing, keeping our information, searches, or anything at all that may be directly or indirectly technology oriented private will be hard to do.

    I think that AT&T and Verizon customers who are from other countries…[Read more]

  • Great post, it’s definitely straight to the point regarding Pivot tables. Pivot tables are an integral part of most businesses and I don’t think I’ve come across an office job where I haven’t created a pivot table in order to filter out a data set. You’re right, it used to be something that was a competitive advantage earlier but now it’s…[Read more]

  • While it is true that automation techniques do reduce the possibility of human error, there needs to be someone who can review what it does regardless so I agree with Jeta on that.
    I do also agree with Lucia in that it does show efficiency and consistency in the overall BPA. The goal of BPA is to simplify business processes and improve workflows…[Read more]

  • I agree with you, it’s definitely a great tool to automate and visualize data. All of my data for my business is logged into an Excel Spreadsheet. I cannot even begin to explain how much I reply on pivot tables to automate and visualize data to see the trends. It’s definitely one of the best aspects of Excel. By extracting information using any…[Read more]

  • I agree, working on something directly can help an auditor gain a better understanding rather than simply relying on tools that are there to assist the auditor – not to do their jobs for them. Tools can help in gathering stories from raw data but in order to put them together and figure out how a human mind may have worked in there, an auditors…[Read more]

  • “What will you be doing as an auditor?” This is a question I frequently get. I give a random answer saying “We make sure that business processes are aligned with IT processes and resources in an efficient and effective manner. We also make sure that IT resources are used to their maximum capabilities so that the company gets the most it can out of them.” Quite honestly, I just bs my way through it since most people don’t even understand half of what I’m saying and they just nod along and respond saying, “oh, that’s so cool! So you’ll be making a lot of money then?” (Face palm moment)

    Anyways, what really is our responsibility? What does it really come down to? What should we be doing?

    In short, an IT audit is when IT controls are evaluated. Since almost everything in this day and age is computerized, a lot of the systems are intertwined with the financial aspect of the organizations hence there being a real and important need for controls to tested, monitored and be in place for the financial and otherwise safety reasons regarding the organizations.

    Along with this, an auditor has particular responsibilities when keeping a check on the controls.

    1) Even if you know someone personally or you have a business casual relationship with an individual, as an auditor you have to set aside these relationships and rely on your own instincts rather than assuming what everyone tells you is the right thing. When in doubt, remember what you’ve learned from the CISA manual where  you’re told which source of information should be preferred over another.

    2) Before the audit team begins to gather the information, a meeting should be held to discuss the entity’s overall susceptibility to fraud. Go in to this meeting with an open and broad mind willing to doubt and question everything in order to find the chinks in the armor before they’re found out by someone who may use it to commit fraud.

    3) Obtain information by asking around and checking up on things. Speak to employees and management – a good conversation where people feel safe can bring out answers or random facts that you may not find out otherwise. Review the analytical procedures, consider the fraud risk factors and other various sources as you may come across in the company.

    4) Mainly so, don’t forget to question management and review their actions and practices. There’s a lot to be learned from the way management handles their work and job environment.

    These are some of the few things that an IS Auditor does. Along with this, auditors also design audit procedures which allow them to identify fraud risks, respond and address said risks and issues, find ways to fix the problems, apply it, test and monitor it, and redo the same processes again and again until they’re sure that they’re completely or at least just about full covered from the potential risk.

    • Irin:

      Very good post. This is a nice summary of the issues and I really like your honesty. LOL. 😀

      “Quite honestly, I just bs my way through it since most people don’t even understand half of what I’m saying and they just nod along and respond saying, “oh, that’s so cool! So you’ll be making a lot of money then?” (Face palm moment)”.

  • There’s a security attack vulnerability with the Windows platform that allows remote code execution. Microsoft has a patch that fixes this issue but it comes in the form of a windows update that many choose to not update or can’t because their software is too outdated to support the update.

    The attacks come in a couple different ways.

    Stack-based buffer overflow attacks: A condition where the buffer being overwritten and allocated to the stack,It allows attacker a way to complete arbitrary commands and take control of a vulnerable machine.
    Password Guessing Attacks: target the users who often choose passwords are easy to remember or using default passwords used by vendors left unchanged.
    Web Application Attacks: can occur over SSL-encrypted connection,such as account harvesting and SQL piggybacking.

    In order to stay ahead of the game, you should mitigate the risk as quickly as possibly by staying up to date and running the latest security updates, scanning your systems regularly, stay trained in the art of protecting against security attacks, use password filtering softwares and encrypt your information when possible.


    1“Security TechCenter.” Microsoft. 2015,

  • My group and I (Fifty Shades of Awesome) chose fraud in the online dating world as our topic for Lab2 (click the hyperlink to view the topic).

    Online dating nowadays come with strings attached. No I’m not talking about clingy partners, needy  individuals, baggage, or just plain old drama. I’m talking about fraud. When someone says fraud, I don’t know about you, but I automatically think of white collar crime in financial corporations. It’s just a normal jump towards that but in the dating world, there are so many scams. Many are too embarrassed to come forward and just say it because who wants to admit that they fell for some idiot claiming to love them within weeks of chatting online and not even meeting face to face who then asks them for emergency cash and vanishes once they receive it. Both male and female alike, these scams are widespread in the online dating world. There are many dating sites with memberships who keep a stringent check on their members to make sure they’re safe but at the end of the day, it’s hard to catch every single one of these fraudsters.

    Here’s some help that we were able to put together so YOU don’t fall for these cheaters.

    Keep an eye out for someone who:

    – Wants to leave the dating site immediately and use personal email

    or instant messages

    – Claims to be in love right away

    – Claims to be from the United States but is travelling or working


    – Plans to visit, but is prevented by a traumatic event or business

    deal gone sour.


  • There is no question that the sheer volume of available information has made countless industries more efficient and more effective.”

    Let’s start with Big data. If you’re like me, a lot of these terms may seem […]

  • Readings:

    It may be hard to find people who are experienced in running the Hadoop platform smoothly but in a year or two, there will be an influx of computer science majors ready to take the world in storm who […]

  • Reading:

    47 states out of the 50 that grace this nation each have their own data breach notification laws when maybe having just a combined standard one may be easier.

    As we begin to be more reliant on technology, phishing and malware attacks are coming at us from all sides. Using data analytics, the authorities in charge may be able to contain cyber attacks by catching onto those attacks as they’re about to occur or during the early stages hopefully protecting the customers financial data.

    Key point – the more technology grows, the smarter the responses/hackers are.

    Question: Without a credit history, it’s hard to so much as take out a student loan. With all these financial attacks going on, credit scores of innocents are being ruined. If this is how it is now, how much worse will it be 10 years from now? 20 years from now?

  • Key points from readings:

    Risk assessments are truly very important. Sometimes I don’t think certain small companies realize how important they are. By not having a proper risk management foundation, problems can arise without a solution in place to help stem the damage. Along with this, another thing that may not seem as important but is just as important is asset and value identification. An IT Auditor in short makes sure that a business is running to the best of its abilities all the while utilizing it’s IT capabilities as much a possible.

    What stands out:

    Every day as I go into work, I easily pick out scenarios where not having a risk assessment or a proper risk management plan set in place can cause a business interruption especially in a small company such as mine where assets and their values aren’t properly identified. During those moments I reflect back on what I’ve learned in class about how asset values are intangible and sometimes irreplaceable but are not realized by the company.


    What would be the best way for a company with less than 200 employees to create a proper risk management plan for a situation where they may lose a key asset when the work can only be done by someone with years of experience?


  • Load More