Audit and Assurance

This is a forum to collaborate on all topics related to IT audit and assurance.  Examples includes discussions on audit programs, sources of assurance, audit best practice, audit methodologies, audit charters, audit standards, the IT Assurance Framework (ITAF), audit news etc.

Topic Leaders

Senior Auditor
Ultimate Consulting, Inc
Continuity NZ, Ltd
Director/Principal Consultant

List of Discussions

  • I have learned that too now thanks for sharing! ------------------------------ Ngoran Allangba C&A Analyst ------------------------------

  • ​Ian/Troy, My apologies for the delayed reply.  Thank you both for  your responses.  Some good information that leads me in the right direction to EU-US privacy shield.  I appreciate the assistance. ------------------------------ Felipe Reyes IT Security ...

  • Hi David You are in a right track, you may also look at › cyberframework ISO/IEC 27007:2017 INFORMATION TECHNOLOGY -- SECURITY TECHNIQUES -- GUIDELINES FOR INFORMATION SECURITY ...

  • Profile Picture

    RE: Security Strategy

    @Jeffery Pepson - In my experience, when this "battle" is occurring, it is good to recommend an IT Security Steering Committee that is responsible for security governance.   The  CISO, CIO, and even some other csuite personnel are usually on the committee.  ...

  • Hi Mohd, I think that it is a good approach to speak to the new head of CRM , tell him or her that this should have been carried out on the handover (ownership) but was missed and you want to make them aware of their responsibilities concerning the asset. ...

  • @Rita Kobusinge , What is the role of the organization you're working with in the payment ecosystem? Are you an issuer/acquirer/merchant/service provider? The functions that you mentioned cut a very wide path through some of the ...

  • Profile Picture

    RE: SOC 2 Audit

    The correct link for the above post ------------------------------ Ian Cooke Audit & Assurance Topic Leader ISACA Journal Columnist ------------------------------