Paper , Order, or Assignment Requirements
Answer any 4 questions out of 8 from the file called Questions.doc and i have also attached the powerpoint for the reference and concepts
- Technology has evolved throughout the years and plays an ever increasing role in supporting business operations to help companies achieve strategic advantage. You have scheduled a meeting with the Chief Information Officer (CIO) to review your IT audit plan for 2016. Explain how you would use the IT audit function to add value to the organization. In your answer, consider the following short answer essay prompts:
- Why is information assurance needed in today’s business environment?
- What role(s) can the IT auditor play in terms of supporting this need?
- As discussed in week 9, given the growth of “big data” – explain how “continuous monitoring,” responsibilities of the 1st and 2nd line, and “continuous auditing” performed by internal audit as the 3rd line of defense, can help an organization further improve its overall eco-system of controls.
- The IT Audit Director has asked you to perform some preliminary research as it relates to an upcoming audit of your company’s approach to IT governance. The Institute of Internal Auditors (IIA) standards have been revised and now require that you perform an IT governance audit as part of your annual audit plan. Write a response back to your IT Audit Director stating the key areas that the team should focus on for the audit. In your answer, consider the following short answer essay prompts:
- How do you know when IT governance is not working?
- Board versus management – when defining IT governance, why is clearly defining roles and responsibilities important?
- What key elements of IT governance support value creation, improved IT performance and enhanced risk management practices and continuous improvement?
- Why does a car have brakes? In class, when I asked this question, the majority of you immediately thought: “To slow the car down.” Throughout the semester, we have emphasized the importance of implementing improved risk management practices to enhance value, and seize business opportunities (i.e., “Make the car go faster, and apply the brakes when needed.”). Consider the following scenario:
Maria Alvarez, the Chief Operating Officer (COO) of a global manufacturing company, recently attended a conference on corporate governance. One of the topics discussed was the subject of Enterprise Risk Management, or ERM for short. She could not believe what she heard … At lunch, later that day, she spoke to her company’s Chief Compliance Officer (COO): “Mihal,” she said, “this ERM concept is all wrong. Hire a Chief Risk Officer and let that person have responsibility for risk – no way. It’s another example of academics, accounting and consulting firms dreaming up some idea to sell to corporate America. They’re just out to fatten their wallets. Risk management is part of our day-to-day operations – it’s embedded in our daily decision-making. If we set up a separate group to monitor a list of risks, we are only going to cause more troubles. It’s no wonder why only 25% of companies polled in the 2015 AICPA poll on ERM have a complete formal enterprise-risk management process in place.”
Building upon this point-of-view, Bob Kaplan, Senior Fellow and Marvin Bower Professor of Leadership Development, Emeritus at the Harvard Business School, in a recent article titled, Risk Management, the Revealing Hand, states,
“After the global financial crisis, consultants and policy makers reached the conclusion that, as articulated by Ernst & Young Partner Randall Miller, “companies with more mature risk management practices outperform their peers financially.” Consultants offered to show less risk-savvy companies how to reap the “likely profit margin increase” that has accrued to “risk management leaders… over the last three years” and to achieve the spectacular EBITDA-differentials between the “top” and “bottom” of the risk management maturity scale. Despite such claims, academic studies have yet to confirm whether and how risk management practices add value (page 9).”
In your answer, consider the following short answer essay prompts:
- Do you agree or disagree with the Maria Alvarez, the COO? Why?
- Often, when we think about risk, we immediately focus on “potential harms” – how can ERM, or more effective risk management practices, focus on value added versus value preserved (i.e., protecting the downside)?
- Building on the topic of risk management, why is it vitally important for the IT auditor to establish a common risk language with management?
- You recently joined MortgageNow Inc.’s internal audit department as an IT Audit Manager. MortgageNow is a leading national mortgage servicing company, with over 1,300 employees, located principally in Phoenix and Chicago. Each year, the company’s internal audit department conducts an entity-wide privacy audit. As part of the privacy audit testing requirements, internal audit examines MortgageNow’s identity management process. Results of this testing routinely highlight a number of recurring problems, including inappropriate user IDs and the identification of IDs that belong to employees or contractors that no longer work for the company. Prior to joining MortgageNow, you completed an IT audit course form DePaul University, and quickly realized that the prior IT Audit Manager failed to provide recommendations that addressed the root cause of this issue. In your answer, consider the following short answer essay prompts:
- When evaluating an IT risk event, what does “root cause analysis” mean? Explain how an IT auditor goes about determining the root cause of an IT risk event or weakness in controls.
- To help management implement sustainable corrective action, develop a recommendation that addresses the root cause of this identity management observation.
- The Institute of Internal Audit (IIA) standards state that “engagements must be performed with proficiency and due professional care.” Cynthia Cooper, WorldCom whistleblower and internationally recognized expert on ethics and leadership in a recent speech on ethics stated, “We’re all faced with ethical dilemmas,” she said. “The foundations of our character are laid brick by brick every day.” The IIA defines “integrity” as follows: “The integrity of internal auditors establishes trust and thus provides the basis for reliance on their judgment.”
- If management is pressuring an internal auditor to look the other way, explain how the internal audit professional standards can help in this situation.
- In the article, she states, “My feelings changed from curiosity to discomfort to suspicion based on some of the accounting entries my team and I had identified, and also on the odd reactions I was getting from some of the finance executives.” Explain the elements of due professional care that are exhibited in her actions.
Is this question part of your Assignment?
We can help
Our aim is to help you get A+ grades on your Coursework.
We handle assignments in a multiplicity of subject areas including Admission Essays, General Essays, Case Studies, Coursework, Dissertations, Editing, Research Papers, and Research proposals
Header Button Label: Get Started NowGet Started Header Button Label: View writing samplesView writing samples