Find Resources & Connect with members on topics that interest you.

AI - Acquire and Implement

PO - Plan and Organize

DS - Deliver and Support

Please sign in to see your topics.

You must be logged in to join this group.

Application Controls

Welcome to the Application Controls topic!

In this topic you may collaborate with your peers by participating in discussions, adding links and documents, and starting or contributing to wikis.

ISACA members can participate by clicking on the “Join this Community” button. You must be signed into the site. Set your alerts to be notified of new discussion activity within this community. Not an ISACA member? Join now!

 
This Topic Has:
260 Members
0 Online
5173 Visits

 Recent Discussions

Oracle EBS Application Controls. Posted by RogerDrolet.
Mobile Application Controls. Posted by Richard Fowler.
Mobile Apps - Part 2. Posted by Richard Fowler.

Community Leader

Richard Fowler

Richard Fowler

Title: Senior Audit Specialist

Points: 2738

Tariq Mahmood

Tariq Mahmood

Title: Lead IT Auditor

Points: 1542


NEW! Participate in Discussions Via Email. 

You can now respond to discussions by simply replying to the email alert. Just enable this feature in discussions on this topic. Learn more

Discussions: 11 total

Must be a Topic member to contribute
View All »
I interested in learning what other companies do during an implementation of the Oracle EBS R12 to ensure that the implementation team uses Oracle and Industry best practices to configure the Oracle Financials.
RogerDrolet | 5/6/2013 1:39:57 PM | COMMENTS(0)
I'm interested in knowing how other organizations are handling the increase in mobile devices and mobile application controls.  With the increasing number of Apple, Android and Microsoft devices -- and the business applications that run on them -- are you...
Richard Fowler | 2/20/2013 12:53:37 PM | COMMENTS(5)
There are business apps running on iOS for Apple devices, others running on Android, Windows Phone 8 or Windows Mobile, and now we're going to start seeing more from the Blackberry QNX operating system and later this year we might even see apps running on...
Richard Fowler | 2/19/2013 12:20:54 AM | COMMENTS(1)
Hi every one, I'm working in set up an Governance modelo for application controls (GMAC), and one of the biggest challengers it's to build an actual AC inventory. When you need to identify the relevant AC in a process, ¿what it's your approach?
Diego Pulido | 2/18/2013 11:45:06 PM | COMMENTS(4)
I'm sure that there are a number of training sessions one might find that deal with application controls.  The IT Audit & Controls Conference (ITAC 2011) is one good example.  From October 3-October 7 in Atlanta, you'll have plenty of current topics to le...
Richard Fowler | 8/1/2012 9:03:25 AM | COMMENTS(1)
I had an interesting discussion with a friend of mine who's a financial auditor.  He wanted to know how long it would take him to learn how to learn how to test application controls.  I told him I could teach him the basics in an hour or so.  Then he aske...
Richard Fowler | 1/18/2012 1:16:23 AM | COMMENTS(1)

Documents & Publications: 6 total

Must be a Topic member to contribute
A very good overview published in ISACA's Journal back in 2002, and still relevent today.
Posted by Richard Fowler 585 days ago
Books
Implement a systematic approach to security in mobile application development with help from this practical guide that also features case studies, code examples and best practices.
Posted by ISACA 719 days ago
The IIA has a series of documents called Global Technology Audit Guides ("GTAG"). Although ISACA and the IIA are related organizations, some documents are still for members only. I hope I can still share this overview, however.
Posted by Richard Fowler 844 days ago
Downloads
Posted by ISACA 1098 days ago
Downloads
Posted by ISACA 1098 days ago

Events & Online Learning: 3 total

16 Sep 2013
ISACA International Event
London, England
Stay on top of the trends and opportunities of the dynamic technology industry at EuroCACS/ISRM 2013 in Berlin—the leading European conference for IT audit, assurance, security and risk professionals. Save over US $200 when you register by 22 July!
30 Sep 2013
ISACA International Event
Medellín, Colombia
La Conferencia Latinoamericana CACS/ISRM 2013 en Medellín, Colombia es la conferencia principal latinoamericana para los profesionales de auditoría, riesgo y seguridad de la información. Ahorre más de EE.UU. $ 100 si se inscribe antes del 7 de agosto!
6 Nov 2013
ISACA International Event
Las Vegas, NV, USA
North America ISRM is a multidimensional event featuring security and risk content, and the security programs, tools and the resources you need to be responsive to industry changes.

Journal Articles: 12 total

Volume 3, 2013
by Tommie Singleton, CISA, CGEIT, CPA
Every time an IT auditor engages in an IT audit/assurance project, at least one person reviews the work.
Volume 3, 2013
by Dan Bogdanov, Ph.D., and Aivo Kalu, Ph.D., CISA
A cloud is a remote-access platform; thus, technical controls that remotely enforce a particular security policy are especially efficient.
Volume 1, 2013
by Pascal A. Bizarro, Ph.D., CISA, Andy Garcia, Ph.D., CPA and Jacob Nix
Risk exists with the implementation of personal mobile devices in business, but with risk comes reward.
Volume 5, 2011
by Emanuele Palmas, CISA
Implementing in-house ITGC/ITAC is a great opportunity for auditors to improve their knowledge of the company, and for the company, it is a chance to build IT governance that strengthens corporate governance.
Volume 2, 2011
by Loic Jegousse, CISA, CISM, CGEIT, CRISC
The proposed approach in this article will assist in reducing reliance on IT automated controls (ITAC) when it makes business sense to do so.
Volume 6, 2009
by Joseph Natovich, Ph.D., CPA

Wikis: 2 total

Blog Posts: 8 total

A recent publication in a local newspaper, indicated that an employee was charged with fraud with regards to claims of insurance payments that were lodged with the company were paid out to people who were not entitled to receive such payments. What po...
Posted By : Paulina.PNI | 1 comments
Grupos de Estudio para Acreditaciones de JUNIO, SEPTIEMBRE Y DICIEMBRE 2013. Para los que esten interesados en la presentación del exámen de certificación CISA y CISM  o para cualquiera que desee comenzar a prepararse para estas o las próximas pruebas, pu...
Posted By : Alexander Osorio | 0 comments
Typically application access to a SQL Server database is via one of two methods.  Either all users access the same database using a single (proxy) user which is defined in an initialisation (.INI) file, registry etc. Or the users access the database ...
Posted By : Ian Cooke | 2 comments
As your Application Controls Group Moderator, I wanted to take some time and start a blog.  Not that I have anything stellar to pass along, at least not today, but the tool is here so I thought I'd do something with it. And I have.  But just so you know,...
Posted By : Richard Fowler | 1 comments
On March 1st,  I was invited to speak at the CampIT conference on Enterprise Risk/Security Management at Rosemont Convention Center. Before me there were two speakers. The first presenter spent an hour presenting the story from the trenches of technolog...
Posted By : Umesh391 | 1 comments
Security is one of the major concerns which hold enterprises from embracing the cloud. But some think that this is manageable and as such have started adopting cloud based SaaS applications. Cloud based Enterprise solutions like Sales Force, Service Now, ...
Posted By : Kannan | 0 comments