the Connector - The Institute of Internal Auditors

More documents

Recommendations

Info

the ConnectorVancouver Island Chapter Newsletter“Your Space” Corner (cont’d)Application of the RM Policy to the Third Party ServiceOrganization: This area may be another area to include inyour engagement.Individual Staff’s Understanding of RM: The collectiveeffectiveness of a RM program begins with that ofindividual staff and follows with refreshing/ updatingtraining. The training can be programmed at the corporateand department levels or both.Scope of Electronic Records: What we included were theemail system, network drives, SharePoint, portablecommunication devices, and portable electronic storagemedia.Location of records: A record can be stored in multiplelocations and multiple forms. An official record’s locationand form can be a point for the review.Information Security Classification: This area could be partof the project or it can be a separate project itself.Better Practices VS Best Practices: Depending on yourorganizational priority, recommendations may aim toachieve better practices as opposed to best practices dueto business needs and resource requirements.Useful Document References‣ National Standard of Canada: Electronic Records AsDocumentary Evidence (CAN/CGSB‐72.34‐2005)‣National Standard of Canada: Microfilm and ElectronicImages as Documentary Evidence (CAN/CGSB‐72.11‐93)‣International Standard: Information andDocumentation – Records Management (ISO15489)Securing Personal Information: A Self‐Assessment Toolfor Organizationshttp://www.priv.gc.ca/resource/tool‐outil/securitysecurite/english/AssessRisks.asp?x=1Note: There are overlapping contents between the ISOdocument and the Canadian Standard documents as thelatter ones specially address electronic recordsmanagement. The ISO document provides the principlesof RM regardless of the form of records.I hope you find the points noted useful. If you have a RMreview on the radar and would like discuss about it inmore details, feel free to contact me. You can alsocomment this article through this email:teeravit.ch@gmail.comcom►Attention all members ◄Doyouhaveanythingyouwouldliketoshare with your local IIA members? Hereis your space!To contribute to our chapter’s newsletter(plus you also earn CPE hours), pleasecontact me here. You will also receive afree lunch training event.4
the ConnectorVancouver Island Chapter NewsletterVancouver Island Chapter’s Educational EventsJanuary – May 2012February 20-21IT Audit Workshop (Beginners &Advanced)Two-day workshopEarly bird ends Jan 30Chris Dunn, BCom in MIS, CISM, CISA,CRISC, CISSPIn our 2011 Survey our membership hasasked for workshops on IT Audit, ITGovernance, Disaster Recovery, BusinessContinuity and Threat Risk Assessments. Thisworkshop combines elements of all of thosetopics.An Information Technology (IT) or InformationSystems (IS) audit is an examination ofcontrols within an IT infrastructure. Evaluationof obtained evidence determines if informationsystems are safeguarding assets, maintainingdata integrity, and operating effectively toachieve organizational goals and objectives.Assessing threats and vulnerabilities that canjeopardize crucial IT assets andrecommending appropriate risk managementstrategies can be a daunting task without asystematic ti approach to data collection andanalysis.January 25How to Position Your Organization toThrive in AusterityConnie Siu, Founder and president of CDCSynectics IncIn this presentation, learn how market placechanges impact your business, the urgency tooptimize efficiency and productivity, andwhere to focus in achieving operationalexcellence.March 14 Breakfast (TBD) John Doyle, BC Auditor GeneralApril 19 Luncheon (TBD) TBDMay 17 Luncheon (TBD) TBDFor registration to any of the above, go to the IIA Vancouver Island Website5
Page 1 and 2: the ConnectorVancouver Island Chapt
Page 3: the ConnectorVancouver Island Chapt

the Connector - The Institute of Internal Auditors

Create successful ePaper yourself

Delete template?

Save as template?