new kick starter available
play

New Kick Starter Available! Athletic Ticket Operations Download - PowerPoint PPT Presentation

Sep 13, 2023 •112 likes •773 views

New Kick Starter Available! Athletic Ticket Operations Download today in the members-only section of www.ACUA.org Solve Problems Connect with Colleagues Stay up to Date Subscribe to one or more Forums on the Discounts and special

  4. New Kick Starter Available! Athletic Ticket Operations Download today in the members-only section of www.ACUA.org

  5. Solve Problems Connect with Colleagues Stay up to Date • Subscribe to one or more Forums on the • Discounts and special offers from Connect ACUA to obtain feedback and ACUA's Strategic Partners • Utilize Kick Starters share your insights on topics of concern • The College and University to higher education internal auditors. • Risk Dictionary Auditor is ACUA's official • Mentorship program journal. Current and past • Search the Membership Directory to • NCAA Guides connect with your peers. • Resource Library issues are posted on the • Internal Audit Awareness Tool ACUA website. • Share, Like, Tweet & Connect on social • Governmental Affairs Updates media. • Survey Results • News relevant to Higher Ed • Career Center......and much more. Get Involved internal audit is posted on the Get Educated front page. Articles are also • The latest Volunteer openings are posted archived for your reference • Take advantage of the several FREE on the front page of the website. webinars held throughout the year. under the Resources/ACUA • Visit the listing of Committee Chairs to • Attend one of our upcoming News. learn about the various areas where you conferences: might participate. • Nominate one of your colleagues for an AuditCon ACUA annual award. September 15-19, 2019 • Submit a conference proposal. Baltimore Marriott Waterfront, • Present a webinar. Baltimore, MD www.ACUA.org • Write an article for the C&U Auditor. • Contact ACUA Faculty for training • Become a Mentor. • Write a Kick Starter. needs.

  6. WEBINAR MODERATOR ▪ Don’t forget to connect with us on social media! ACUA Distance Learning Director Amy L. Hughes Director of Internal Audit Michigan Technological University

  7. Information Technology General Controls Sudeshna Aich, MBA, CISA Senior Information Technology Auditor Office of Inspector General Services Florida State University 7

  8. Agenda • What are Information Technology General Controls (ITGCs)? • Why perform ITGC audits? • How to Audit ITGC? • What are the Common Deficiencies and Findings? 8

  9. 9

  10. WHAT ARE ITGC S ? 10

  11. What are IT General Controls? IT general controls (ITGCs) are the basic controls that apply to all the system components (such as applications, operating systems, databases), data, processes and supporting IT infrastructure. The objectives of ITGCs are to ensure the integrity of the data and processes that the systems support. 11

  12. Primary Areas of ITGCs • ITGC Framework • Access to Programs and Data • Change Management • Computer Operations • Systems Development 12

  13. ITGC – Types of Controls Preventive – Detective – Corrective Preventive – prevent problems from occurring (Proactive) • Segregation of Duties • Monitoring • Adequate Documentation • Physical safeguards Detective – identify problems after occurrence (Reactive) • Logging and Monitoring • Reviews Corrective – prevent recurrence of problems • Change controls as needed to eliminate error in future 13

  14. How big is your audit shop: 1) 1 to 3 people 2) 4 to 6 people 3) 6 to 10 people 4) > 10 people 14

  15. WHY PERFORM ITGC AUDIT? 15

  16. Why perform ITGC audits? • Determine Effectiveness and Efficiency of ITGC Controls • Ensure controls related to Confidentiality, Availability, and Integrity of data and information are adequate • Ensure Availability of mission-critical functions in a disaster situation • Review Compliance with applicable polices, procedures, laws 16

  17. Why perform ITGC audits? • IT systems support many of the University’s business processes, such as: ➢ Student Records ➢ Grading ➢ Admissions ➢ Finance ➢ Purchasing ➢ Human Resources ➢ Research We cannot rely on IT systems without effective IT General Controls 17

  18. Example of FSU’S IT Environment This is an example of IT environment at a major University • 500 acres in Tallahassee • 14,000 employees • 41,000 students • $1.7 Billion Operating Budget • 40-50,000 Network Connections • 4500 Wireless Access Points 18

  20. HOW TO PERFORM ITGC AUDITS? 20

  21. ITGC – Audit Approach • Understand and identify the IT Environment and systems to be reviewed ➢ IT governance ➢ Policies, procedures, guidelines • Perform interviews, walkthroughs, and review documentation to gain an understanding on processes ➢ Who performs what function ➢ How something is done and documented “If it is not documented, you did not do it” 21

  22. ITGC – Audit Approach (Continued) • Validate existing controls to assess control operating effectiveness ➢ What are the major controls? ➢ Are the controls working as intended? ➢ Are the controls in- line with the University’s IT security framework? ➢ Are these controls reviewed periodically? ➢ Who reviews these controls? 22

  23. Does your organization have IT Security Policy? 1) Yes 2) No 3) Do not know 23

  24. AUDITING IT GOVERNANCE AND FRAMEWORK 24

  25. Why do we need to audit IT Governance and Framework? • Obtain an understanding of IT Framework – ➢ IT Security Policy, procedure, guidelines • Determine if controls over University’s IT structure are reasonable and oversight is adequate ➢ IT reports and log • Determine if IT operations are in- line with the University’s strategies and objectives ➢ IT reports and log 25

  26. Example of Policy Objective (FSU) 4-OP-A-9 Internal Controls Objective The purpose of this policy is to provide guidance to help ensure the internal control objectives of the University are met. It is the responsibility of all University employees to ensure protection of University assets and resources. Administrators at all levels are responsible for establishing a strong control environment, setting the appropriate tone at the top, and displaying the proper attitude toward complying with these established controls 4-OP-H-5 Information Security Policy Objective The FSU Information Security Policy establishes a framework of minimum standards and best practices for the security of data and Information Technology (IT) resources at Florida State University 26

  27. AUDITING ACCESS MANAGEMENT CONTROLS – COMMON TERMINOLOGIES 27

  28. Access to Data Data can be accessed via: • Applications that create, edit, maintain and report data • The network (Network domain administrators) ➢ Data ‘In Transit’, ‘In Process’ • Primary servers (Server administrators) ➢ Data ‘In Transit’, ‘In Process’ • Databases (Database administrators) ➢ Data ‘At Rest’, ‘In Transit’, ‘In Process’ 28

  29. Access to Programs User Access Management: • User Access Provisioning • Excessive Access • Generic User ID and Privileged Access • User Access Review • User Access De-provisioning 29

  30. Authentication Authentication Controls More powerful in terms of mitigating risk. Authentication verifies that the login (ID/password) belongs to the person who is attempting to gain the access, i.e., users are who they say they are. • Single Sign-on • Multifactor Authentication 30

  31. Authorization Authorization controls Act of checking to see if a user has the proper permission to access a particular file or perform a particular action, assuming that user has successfully authenticated. • Credential focused • Dependent on specific rules and access control lists preset by the network administrator(s) or data owner(s) 31

  32. Physical Access Controls Physical Access Controls Limit access to buildings, rooms, areas, and IT assets. • ID at the entrance • Closing off access to laptops, desktops, and servers • Safe structure for datacenter ➢ Natural disasters – tornadoes, earthquakes, floods, and tsunamis. 32

  33. Logical Access Controls Logical Access Controls Limits connection to computer networks, system files, and data to authorized individuals only and to the functions each individual can perform on the system. Logical security controls enable the organization to: • Identify individual users of IT data and resources. • Restrict access to specific data or resources. • Produce audit trails of system and user activity. 33

  34. Does your organization require periodic review of user access rights? 1) Yes 2) No 3) Do not know 34

  35. AUDITING ACCESS MANAGEMENT CONTROLS 35

  36. Why do we need to audit controls over User Access Management? • To ensure: ➢ IT Policies and procedures contain details about user management controls • Unique user IDs • Modification of existing user rights due to transfers or role changes • Disable and/or remove user accounts for terminated and transfer users • Periodic review of user access for all the users 36

  37. Why do we need to audit controls over User Access Management? • To ensure: ➢ User access rights are appropriately requested, reviewed, and approved ➢ User accounts are unique and not shared ➢ All users and their activities are identifiable using unique user IDs ➢ User access rights are in line with documented job requirement ➢ Least-privileged access and need-to-know access for applications, databases, and servers is enforced 37

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

New Kick Starter Available! Ethical Climate Surveys Download today in the members-only section

New Kick Starter Available! Ethical Climate Surveys Download today in the members-only section

New Kick Starter Available! Ethical Climate Surveys Download today in the members-only section of www.ACUA.org Solve Problems Connect with Colleagues Stay up to Date Subscribe to one or more Forums on the Discounts and special offers

832 views • 30 slides
Starter Agenda Introduction Starter Introduction Swimming Official STARTER Function?

Starter Agenda Introduction Starter Introduction Swimming Official STARTER Function?

Starter Agenda Introduction Starter Introduction Swimming Official STARTER Function? Fair Start to all Competitors Methods? Manual - Pistol, Electronic Horn, Whistle / Signaling Device Automatic Officiating Equipment /

289 views • 24 slides
Certification Clinic Starter Philosophy The primary responsibility of the starter is to

Certification Clinic Starter Philosophy The primary responsibility of the starter is to

Certification Clinic Starter Philosophy The primary responsibility of the starter is to ensure that all swimmers receive a fair start The starter does not command the swimmers to start, rather the starter invites the swimmers to

781 views • 49 slides
Starter Certification Clinic Philosophy The primary responsibility of the starter is to

Starter Certification Clinic Philosophy The primary responsibility of the starter is to

Starter Certification Clinic Philosophy The primary responsibility of the starter is to ensure that all swimmers receive a fair start The starter does not command the swimmers to start, rather the starter invites the swimmers to

947 views • 49 slides
Marshal Agenda Introduction Check Starter Marshal Introduction Swimming Official

Marshal Agenda Introduction Check Starter Marshal Introduction Swimming Official

Check Starter Marshal Agenda Introduction Check Starter Marshal Introduction Swimming Official CHECK STARTER Function? IMPORTANCE OF THE CHECK STARTER Swimmers in correct starting positions, in timely manner A smooth,

709 views • 69 slides
WITH PASSION AND EXPERIENCE INTER STARTER Inter Starter is a young company concerned with

WITH PASSION AND EXPERIENCE INTER STARTER Inter Starter is a young company concerned with

WITH PASSION AND EXPERIENCE INTER STARTER Inter Starter is a young company concerned with supplying automotive electromechanical components. WAREHOUSE Our proposal is, above all, to provide our clients with complete starters and

450 views • 18 slides
NMEA2000 Starter Kit Product Introduction Part Number: ZDIGN2KIT NMEA2000 Starter Kit

NMEA2000 Starter Kit Product Introduction Part Number: ZDIGN2KIT NMEA2000 Starter Kit

NMEA2000 Starter Kit Product Introduction Part Number: ZDIGN2KIT NMEA2000 Starter Kit UPC:081159830670 September 2017 Digital Yacht UK Tel + 44 1179 55 44 74 SRP 65.00 ex vat www.digitalyachtamerica.com Introduction & Market Dear

247 views • 7 slides
Graphics 15-110 Bonus Content How Tkinter Works Starter Code import tkinter as tk #

Graphics 15-110 Bonus Content How Tkinter Works Starter Code import tkinter as tk #

Graphics 15-110 Bonus Content How Tkinter Works Starter Code import tkinter as tk # shorten library name In order to create graphics, we need to take a few preliminary steps. These will be provided to def draw(canvas): you as starter

466 views • 15 slides
Unit 2 Global Networks and Interconnections Overview Ben Curtis Unit Starter Ideas #1

Unit 2 Global Networks and Interconnections Overview Ben Curtis Unit Starter Ideas #1

Unit 2 Global Networks and Interconnections Overview Ben Curtis Unit Starter Ideas #1 Balloon Globes Unit Starter Ideas #2 Orange Globes Great for teaching about mapping projections! Quick Quiz! Get your devices at the ready

672 views • 64 slides
Kick-Start Kick art Webin ebinar ar Prop opTech

Kick-Start Kick art Webin ebinar ar Prop opTech

Kick-Start Kick art Webin ebinar ar Prop opTech https://business.esa.int/funding/intended-tender/proptech Christopher.Frost-Tesfaye@esa.int BUSINESS BUSINESS TECHNOLOGY APPLICATIONS INCUBATION TRANSFER ESA UNCLASSIFIED ESA

494 views • 25 slides
Lesson 10 - I can multiply 3 digits by 1 digit - reasoning and problem solving Starter- recap

Lesson 10 - I can multiply 3 digits by 1 digit - reasoning and problem solving Starter- recap

Lesson 10 - I can multiply 3 digits by 1 digit - reasoning and problem solving Starter- recap 657 X 3 = 6 5 7 x 3 Starter- answers 657 X 3 = 1971 6 5 7 x 3 1 9 7 1 1 1 2 P roblem Solving: Which calculation has an answer

507 views • 11 slides
KICK-OFF MEETING Sez Atamturktur AVP for Research Development MRSEC Kick-off Meeting:

KICK-OFF MEETING Sez Atamturktur AVP for Research Development MRSEC Kick-off Meeting:

Materials Research Science and Engineering Centers KICK-OFF MEETING Sez Atamturktur AVP for Research Development MRSEC Kick-off Meeting: Clemsons Strengths and ORD Support 12/13/2017 R1 A CARNEGIE R1 RESEARCH INSTITUTION Goals of this

424 views • 24 slides
Intercity and Regional Bus Network Study Statewide TAC Meeting #1 Kick off Kick off Agenda

Intercity and Regional Bus Network Study Statewide TAC Meeting #1 Kick off Kick off Agenda

Intercity and Regional Bus Network Study Statewide TAC Meeting #1 Kick off Kick off Agenda Meeting Goal: Understand TAC role and l d d l d responsibility and initiate development of service objective and issue statements.

486 views • 26 slides
ELASTIC Kick-Off Meeting Meeting Program Kick-Off Meeting OBJECTIVES Mutual knowledge of

ELASTIC Kick-Off Meeting Meeting Program Kick-Off Meeting OBJECTIVES Mutual knowledge of

ELASTIC Kick-Off Meeting Meeting Program Kick-Off Meeting OBJECTIVES Mutual knowledge of partners and organizations; Summary presentation of objectives, actions and expected results; Approval on definitive budget and activities

424 views • 10 slides
Ke Key Law Changes 2019/20 Ball in Play -Goal Kick/Free Kick in Goal Area Handball

Ke Key Law Changes 2019/20 Ball in Play -Goal Kick/Free Kick in Goal Area Handball

Ke Key Law Changes 2019/20 Ball in Play -Goal Kick/Free Kick in Goal Area Handball Yellow and Red Cards for Team Officials Defensive Wall Substitutes leaving the field Dropped Ball Uncontested Ball Hits a Match Official

508 views • 47 slides
The Gas Analyst The Gas Starter Kit provides a cost-efgective solution which helps you to better

The Gas Analyst The Gas Starter Kit provides a cost-efgective solution which helps you to better

The Gas Analyst The Gas Starter Kit provides a cost-efgective solution which helps you to better understand your gas consumption detected by your gas meter. Through our online platform HomeManager you can easily visualize and optimize your energy

427 views • 10 slides
2016 Audit of Washington County Presented: Bryan Grunewald, CPA David Minch, CPA Components of

2016 Audit of Washington County Presented: Bryan Grunewald, CPA David Minch, CPA Components of

2016 Audit of Washington County Presented: Bryan Grunewald, CPA David Minch, CPA Components of the Audit Audit of the Basic Financial Statements Report on Internal Accounting Controls Audit of Federal and State Financial Assistance

319 views • 13 slides
Audit Committee Internal Audit Work Plan Recommendation October 4, 2018 John Mickevice

Audit Committee Internal Audit Work Plan Recommendation October 4, 2018 John Mickevice

APS Internal Audit Department Audit Committee Internal Audit Work Plan Recommendation October 4, 2018 John Mickevice Presentation Overview Overview of Internal Audit at APS Criteria Used to Select Possible Projects Projects

525 views • 21 slides
Auditors presentation AGM 16 April 2020 of Airbus SE Introduction and overview Airbus SE

Auditors presentation AGM 16 April 2020 of Airbus SE Introduction and overview Airbus SE

Auditors presentation AGM 16 April 2020 of Airbus SE Introduction and overview Airbus SE Ernst & Young Accountants LLP Scope 2019 Consolidated financial statements plus notes thereto True and fair view: Independent

272 views • 5 slides
Conflue nc e Ac ade my, Inc . Audito r Co mmunic a tio ns And Re sults Of T he Annua l Audit

Conflue nc e Ac ade my, Inc . Audito r Co mmunic a tio ns And Re sults Of T he Annua l Audit

Conflue nc e Ac ade my, Inc . Audito r Co mmunic a tio ns And Re sults Of T he Annua l Audit fo r the ye a r e nde d June 30, 2017 Co nflue nc e Ac a de my, I nc . Bo a rd o f Dire c to rs Co nflue nc e Ac a de my, I nc . a nd F rie

774 views • 38 slides
Washington Health Benefit Exchange 2014 Audit Results Discussion with the Board 1 AGENDA

Washington Health Benefit Exchange 2014 Audit Results Discussion with the Board 1 AGENDA

Washington Health Benefit Exchange 2014 Audit Results Discussion with the Board 1 AGENDA Matters Required to be Communicated with Those Charged with Governance 2 DRAFT REPORT OF INDEPENDENT AUDITORS ON THE FINANCIAL STATEMENT Unmodified

250 views • 12 slides
Balt ltimore Cit ity Fis iscal l Outlook and Audits March 5, 5, 20 2020 20 1 Biennial

Balt ltimore Cit ity Fis iscal l Outlook and Audits March 5, 5, 20 2020 20 1 Biennial

Balt ltimore Cit ity Fis iscal l Outlook and Audits March 5, 5, 20 2020 20 1 Biennial Audits Transfer responsibility from the Director of Finance to the Department of Audits (City Auditor) so there is no longer a conflict of

680 views • 20 slides
Briefing for audit committee chairs 3 December 2019 10.30 10.50: QAO update Brendan Worrall,

Briefing for audit committee chairs 3 December 2019 10.30 10.50: QAO update Brendan Worrall,

Engage Challenge Deliver Care Briefing for audit committee chairs 3 December 2019 10.30 10.50: QAO update Brendan Worrall, Auditor-General 10.50 11.20: Insights from Managing cyber security risks Agenda David Toma, Director 11.20

415 views • 41 slides
TRS Employer Audits Presenter: Art Mata Agenda Audit Requirements: AICPA Audit &

TRS Employer Audits Presenter: Art Mata Agenda Audit Requirements: AICPA Audit &

Teacher Retirement System of Texas TRS Employer Audits Presenter: Art Mata Agenda Audit Requirements: AICPA Audit & Accounting Guide for State and Local Governments The Audit Process Results of Prior Audits Action Items For

359 views • 34 slides

More recommend