Audit Evidence Refresher
Ookeditse Kamau, CISA, CIA
Quality evidence collected during the audit process enhances the overall quality of the work performed and significantly reduces audit risk.
Communication—The Missing Piece
Danny M. Goldberg, CISA, CGEIT, CCSA, CIA, CPA
Interpersonal and communication skills are as, or more, important than general audit capabilities.
Haruspex—Simulation-driven Risk Analysis for Complex Systems
Fabrizio Baiardi, Claudio Telmon, CISA, CISSP, and Daniele Sgandurra, Ph.D.
Haruspex is a risk evaluation methodology defined and implemented by the research group on risk management in the Department of Computer Science at the University of Pisa, Italy.
Project Portfolio Management
Aarni Heiskanen, LJK
A program or project portfolio explains how an organization is implementing its strategy with projects.
SOC Progress Report
Brian Vazzana, CISA, CITP, CPA
SOC reports examine the controls present at the service organizations and consider how those controls are designed and operate.
Five Questions With...
Robert Findlay, CISA
Robert Findlay has had a 30-year career in a variety of IT roles, including computer operations, programming, project management, IT audit and emergency project management.
Vasant Raval, CISA, DBA
A cohesive effort on all fronts by the community of organizations could lead to best practices, benchmarks and even accreditation standards in the arena of information ethics.
This Should Not Be Happening
Steven J. Ross, CISA, CISSP, MBCP
To accelerate investments in security, we security professionals must do a better job of communicating the reality of the threats that our organizations face.
Auditing Applications, Part 1
Tommie W. Singleton, Ph.D., CISA, CGEIT, CITP, CPA
This two-part article describes one framework for performing effective audits of applications.
JOnline: Transitioning From SAS 70 to SSAE 16
Pritam Bankar, CISA, CISM and Harmeet Kaur, CEH
This article highlights the need for SSAE 16, the notable differences and similarities between SSAE 16 and SAS 70, and estimates the effort required to transition to the new standard
Danny M. Goldberg 氏 (CISA、CGEIT、CCSA、CIA、CPA)
Ookeditse Kamau 氏 (CISA、CIA)