Fundamentals of IT Audit – IT Audit, Governance and Security

2013 Canadian Conference on IT Audit, Governance and SecurityMarch 26-27, 2013 (Optional Workshop March 28) • The Westin Harbour Castle – Toronto, ON12:15 pm LUNCH1:30 pm CONCURRENT SESSIONS – CHOOSE ONE OF THREEWhat Does It Take to Be an Effective IT Auditor –in the Brave New World?Marc Poirier and Michael Kostanecki, ProtivitiPractitioners need a combination of technicaland people skills to forge a career in auditingtechnology. Organizations are investing substantialsums in their computer systems, databases andsupply chains to compete and leverage customerrelationships. At the same time, they are beginningto recognize that IT auditors can assist them inunderstanding the constantly shifting risks of theinformation age.IT auditors focus on the governance of IT systemsand processes with audits ranging from businesscontinuity to development processes to informationsecurity. To be effective, IT auditors must acquirethe right hard and soft skills.Most IT auditors know about the hard skills requiredto meet professional requirements. This sessionwill focus on the key attributes that successfulIT auditors must have in their repertoire to beeffective, that is, the soft skills – in the brave newworld.OR How to Better Engage the CFO in IT Activities –Aligning CFO and CIO PrioritiesPeter A. Parsan, The Hospital For Sick ChildrenEnterprises today are facing unprecedenteduncertainty requiring a new level of agility to adaptquickly to changes in the business environment.Although IT cost savings are still a key focus forthe CFO, business agility requires a new focus,urgency and cooperation between the CFO andCIO for setting priorities and aligning IT strategiesto business strategies for achieving sustainablerevenue growth, profitability and competitiveness.This session will focus on how the CFO mustbecome more involved and work with the CIO onIT issues relating to: understanding IT cost drivers;improving business agility through IT solutions; andmitigating risk.ORNFC and RFID – Balancing Benefits and RisksBlake Lindsay, BCEHow and where are NFC and RFID used? What arethe benefits? What are some of the audit and riskconsiderations? NFC and RFID create a new wayof looking at how to audit and control financialand shipping records, for example, how you audit apaperless trail. There are also risk, governance, andsecurity considerations, such as: how to get youraudit information and how to ensure the securityand integrity of the data. In this session, insightsinto the benefits and risks for using NFC and RFIDwill be discussed and explored.2:30 pm COFFEE BREAK – EXHIBITS OPEN2:50 pm CONCURRENT SESSIONS – CHOOSE ONE OF THREEORLeveraging Continuous Monitoring to EnhanceOperational AuditingCharan Kumar Bommireddipalli, Collins Barrow LLPRobert D. Crawford, Ministry of Finance, Ontario InternalAudit DivisionThe successful achievement of an enterprise’s goalsand objectives is accomplished through the designand implementation of various business processesthroughout the organization. The effectivenessof these processes (desired outcomes) and theirefficiency (resources used economically) impactthe extent to which strategic goals are successfullyachieved.While operational auditing assists the enterprisein evaluating and improving the design of variousbusiness processes, continuous monitoring assists inensuring that the business processes are operatingas intended.This session will address: What is continuousmonitoring? How can it assist in operationalauditing? What is operational auditing and how canoperational auditing add value to your IT audit? Inaddition, this session will also provide a workingsolution for continuous monitoring in action.COBIT 5 – What’s New?Vishi Bindra, MNP LLPISACA recently released its COBIT 5 frameworkwith significant updates to its content and processes.Building on the previous versions, COBIT 5integrates several other components like VALIT and RISK IT. This session will provide a highleveloverview of the major changes in COBIT 5compared to COBIT 4.1. Existing users will gaininsights into planning their transition and non-userswill receive an overview of this latest IT framework.For the most current information and to register, visit: www.cpd.cica.ca/ITAudit 5