-
Jianhui Chen posted a new activity comment 7 years, 10 months ago
What controls can be implemented to mitigate the risks associated with outsourcing?
1.Contract
2. Statement of Work (SLA)
3.High Level Monitoring
4.Connectivity and Network Security
5.Data Security
6.Project Monitoring and Governance
7.Compliance with Regulatory Requirements
8. Benefit Measurement
9.Customer Satisfaction
10. Impact on…[Read more] -
Jianhui Chen posted a new activity comment 7 years, 10 months ago
What are the benefits and risks of out-sourcing?
Outsourcing is a practice in which an individual or company performs tasks, provides services or manufactures products for another company — functions that could have been or is usually done in-house. Outsourcing is typically used by companies to save costs.
Benefit:
1. reduce cost/…[Read more] -
Jianhui Chen posted a new activity comment 7 years, 10 months ago
List common control issues associated with operating systems and remediation strategy/plan.
Common issues:
1. weak design and implementation can lead to a compromise of system by potentially allowing unauthorized access.
Lack of administration of accounts can lead to a compromise of system integrity by potentially allowing unauthorized gain…[Read more] -
Jianhui Chen posted a new activity comment 7 years, 10 months ago
Why is so important to protect operating systems?
OS is a software that designed to run on specific hardware. OS interfaces between the applications and hardware. An operating system has three main functions: (1) manage the computer’s resources, such as the central processing unit, memory, disk drives, and printers, (2) establish a user…[Read more]
-
Jianhui Chen posted a new activity comment 7 years, 10 months ago
List risks associated with database management systems (DBMS)
Easily guessed passwords
Missing Patches
Misconfigurations
Excessive Privileges
Web application attacks (SQL-injection)
Insider mistakes
Weak or non-existent audit controls
Social engineering -
Jianhui Chen posted a new activity comment 7 years, 10 months ago
Key benefits of relational databases vs traditional file system?
There are several benefits of relational databases management system. Few of them are as follows:
1. Data is only stored once. In the previous example, the city data was gathered into one table so now there is only one record per city. The advantages of this are
No multiple…[Read more] -
Jianhui Chen posted a new activity comment 7 years, 10 months ago
What are key characters of relational database management systems?
A relational database is a collection of data items organized as a set of formally described tables from which data can be accessed easily. A relational database is created using the relational model. The software used in a relational database is called a relational database…[Read more]
-
Jianhui Chen posted a new activity comment 7 years, 10 months ago
What is the purpose of all auditors having some understanding of technology?
There would be different kind of auditors such IT, Operational, Financial. All the content they are going to audited is emerging with the technology. For example, Operations at modern companies are increasingly computerized. All the auditors are need to ensure…[Read more]
-
Jianhui Chen posted a new activity comment 7 years, 10 months ago
How does the control environment affect IT?
The control environment sets the tone of an organization, influencing the control consciousness of its
people. A strong control environment can enhance reliability for the data being transferred within the organization. For example, we use the desktop of Temple Library, we were not able to install or…[Read more] -
Jianhui Chen posted a new activity comment 7 years, 10 months ago
What are some current system-related risks that you have experienced in your organization?
I think the employees who do not have enough cyber security awareness is one of the system-related risks in my organization. Employee and contractor’s behavior is the primary source of costly data breaches, as the research shows. it has become necessary…[Read more]
-
Jianhui Chen wrote a new post on the site Auditing Controls in ERP Systems 7 years, 10 months ago
presentation-for-real-world-control-failure
-
Jianhui Chen wrote a new post on the site Auditing Controls in ERP Systems 7 years, 10 months ago
presentation-for-real-world-control-failure
-
Jianhui Chen posted a new activity comment 7 years, 11 months ago
2. How is independence maintained when working for the company as an internal auditor?
Independence is the freedom from conditions that threaten the ability of the internal audit activity to carry out internal audit responsibilities in an unbiased manner. To achieve the degree of independence necessary to effectively carry out the…[Read more] -
Jianhui Chen posted a new activity comment 7 years, 11 months ago
Q4. In future weeks we may have the privilege of having real world auditors join us for our discussions. What questions would you like to ask the Auditors to answer for us?..
1. What are the biggest challenges you have faced as an auditor?
2. What’s the suggestions you may have for entry level IT auditors?
3. What software which will be i…[Read more] -
Jianhui Chen posted a new activity comment 7 years, 11 months ago
What are the key components of SAP change management controls you would expect the auditor to review? Why?
1.Review of SAP changes: 2. Approval of SAP changes 3.Deployment of SAP changes for testing 4.Testing of SAP changes 5.Approval of SAP changes for production 6. Deployment of SAP changes to Production.7.Deployment of Production Support c…[Read more]
-
Jianhui Chen posted a new activity comment 7 years, 11 months ago
Which is more of a risk to a company: inaccurate data or excessive repetitive data? Explain
I think inaccurate data is more of risk to a company because accurate data would not only mislead decison makers but also come up with compliance problems.
Accurate is important for decision making for the future. the inaccurate would misleading the…[Read more] -
Jianhui Chen posted a new activity comment 7 years, 11 months ago
Which department or person should play the key role in defining master data and assuring it’s quality?
Firstly we should know what is the master data. Master data is the core data that is essential to operations in a specific business or business unit. Master data may be about: customers, products, employees, materials, suppliers, and v…[Read more]
-
Jianhui Chen posted a new activity comment 7 years, 11 months ago
I have read an article from WSJ that In the Bit-coin Era, Ransom-ware Attacks Surge
Ransom-ware dates to the late 1980s, but attacks surged as these year growing use of bit-coin which is a pseudo-anonymous currency, meaning it is very difficult to track. Malicious code turned users’ Excel spreadsheets and Word documents into unreadable…[Read more] -
Jianhui Chen posted a new activity comment 7 years, 11 months ago
Good post Paul. I think it is a law protecting our privacy well.
There is a new job called data brokers, and they are collecting, analyzing and packaging some of our most sensitive personal information and selling it as a commodity…to each other, to advertisers, even the government, often without our direct knowledge. As customers or users, we…[Read more] -
Jianhui Chen posted a new activity comment 7 years, 11 months ago
Good post Magaly. This article reminds of me that “Wi-fi” is listed as the most basic of human needs in the 21st century to Maslow’s hierarchy of needs. internet service is absolutely necessary for many people to carry out their job. Wi-Fi is arguably one of the more important needs in everyday life. We have become preoccupied with acces…[Read more]
- Load More