(From IIA Global Technology Audit Guide Auditing IT Projects). GTAG 28, 2, Project Plan and Approach, , Objective and scope, The scope of the project. Information for the audit program was also obtained as necessary from the Institute of Internal Auditor’s GTAG (Global Technology Audit Guide) #12 ( Auditing IT. Start studying GTAG Auditing IT Projects: Appendix A – Project Management. Learn vocabulary, terms, and more with flashcards, games, and other study.

Author: Arazshura Shaktizshura
Country: Barbados
Language: English (Spanish)
Genre: Life
Published (Last): 19 April 2015
Pages: 113
PDF File Size: 16.14 Mb
ePub File Size: 16.42 Mb
ISBN: 618-9-18675-297-9

She has helped a large commercial bank and software development houses to be CMMI compliant.

Global Technology Audit Guide (GTAG) 12: Auditing IT Projects

Whether IT projects are developed in house or are co-sourced with third-party providers, they are filled with challenges that must be considered carefully to ensure success. Definition of Internal Auditing. Issuing the audit report. The frameworks of business continuity management.

A suggested list of questions for use in the IT project assessment. Continuous control monitoring CCM.

Key project management risks. The methodology should cover, at a minimum, allocation of responsibilities,… 4. Information security risk management, and typical risks. He has significant and well-balanced technical and management projects as well as vendor and end-user experience, having worked for top-tier global organizations such as IBM Philippines and Sun Microsystems during the earlier part of his career and with UNILAB (United Laboratories Inc.)


There should be a specific schedule to assess and mitigate mission risks, but it should be flexible enough to be changed when necessary. Makati, Metro Manila, Philippines. Managing information security by applying standards.

Handling extraordinary security events (incidents). This Control directly supports the implied Project(s): The framework and supporting method should be integrated with the programme management processes. He has more than 20 years of professional experience in Technology and Risk consulting. His areas of expertise and focus include helping organizations modernize and embrace digital shift and transformation, including giving advice on the right technology assets and models to consider and implement, redesign of enterprise processes in preparation for technology transformation, software licensing strategy and auditing, technology governance and risk management, cybersecurity and forensic services, among others.

Elaborating and operating the information security program. Currently, he is working as a Risk Management Executive in one of the leading health maintenance organizations (HMO) in the Philippines, handling operational risk, information auditing risk, data privacy, information security and consumer protection program.

He started his career in PwC by performing IT audits ranging from process improvement reviews, information security and compliance readiness, IT governance and enterprise resource planning post-implementation and optimizations. The history of control.

The place of the information security function. The organization shall manage the system development process by establishing efficient development methods, designating personnel to be responsible for the project, and implementing project management.

Security requirements during systems development and introduction. The auditors should not have direct projects in the decision process in order to maintain their independence.

Information security | Digital Textbook Library

Official information auditing audit standards, and guidelines. Insufficient attention to these challenges can result in wasted money and resources, loss of trust, and reputation damage. In addition to that, she also led the business and technology resiliency group of a multinational financial services corporation in the Philippines, making it compliant to ISO standard and to the Guidelines on Information Technology Risk Management of the Central Bank of the Philippines.

Co-ordinate the activities and … PO Standards, and recommendations projects IT security. Computer fraud in the Penal Code Btk.

Frank Vibar, PMP, CISSP, CISM, CBCP Frank has more than 20 years of solid experience with a proven track record in exercising his leadership, management and technical skills with distinguished performance as he consistently spearheads and delivers projects with utmost business value for the organizations he has worked with.

Establish and maintain a system design project management framework. How the internal audit activity can actively participate in the review of projects while maintaining independence.

Methods, and procedures of information systems audit.