![](https://community.mis.temple.edu/wp-content/blogs.dir/1/files/avatars/4914/5a6b95ce046d2-bpfull.jpg)
Mike Romeu
Week 09 – IT Audit Procedure-Evidence
Here’s the material we tried using during class.
Week 08 – IT Audit Planning and Performance
Let’s wrap up the subject of Risks and Controls then get into actually performing the audit. The article is the same as last week’s.
Readings:
Article(s):
- “Risk-Based Approach to IT Systems Lifecycle and Change Control” by Loic Jegousse, CISA, CISM
CISA Review Manual:
- 1.6 Performing an IS Audit
- 1.6.1 Classification of Audits
- 1.6.2 Audit Programs
- 1.6.3 Audit Methodology
Quiz Prep – Weeks 06 and 07
Hello all.
This week’s quiz is again only 5 multiple-choice questions. IT Risk has been the subject of the last 2 weeks. Performance Guideline 2202 – Risk Assessment in Planning and the class slides will prove useful in preparing for the quiz.
As always, please give me a call if you have any trouble. Best of luck.
Week 07 – IT Risks and Controls
This week we will continue on the subject of Risk and Controls from last week.
Readings:
Article(s):
- “Risk-Based Approach to IT Systems Lifecycle and Change Control” by Loic Jegousse, CISA, CISM
CISA Review Manual:
- 1.5.3 General Controls
- 1.5.4 IS Controls
Week 06 – IT Risk and Controls
Time to shift gears and start delving more into IT Risks and Controls. At the beginning of our course we defined Risk as the product of Harm or Vulnerability and its Impact. We also discussed briefly how risk assessments can help us sift through a universe of risks (Risk Universe) to help us define and scope the target of our efforts.
This week will be all about IT risks and controls. Discussing IT services will help us contextualize risks and controls. This will be our starting point. I’d like to offer a simple technique to evaluate and manage risks.
Finally we will also discuss the risks beyond IT activities. These are risks regarding auditing, controls, and sampling.
Readings:
Standards and Guidelines:
- PS 1202 Risk Assessment in Planning / PG 2202 Risk Assessment in Planning
CISA Review Manual:
- 1.6.5 Risk-Based Auditing
- 1.6.6 Audit Risk and Materiality
- 1.6.7 Risk Assessment and Treatment
- 1.6.8 Risk Assessment Techniques