Information Systems Auditing: Trends Into The Millennium Fred Gallegos, CISA, CDE, CGFM CIS Faculty, CSPU-POMONA MSBA - IS Audit Advisor Cal Poly Pomona 01/15/03 1 What is IS Auditing The evaluation of Controls within the Information Systems Environment to insure the integrity, reliability and accuracy of the information presented, often supporting the Attestation of an audit. Evaluation of IS Efficiency, Effectiveness and Economy Cal Poly Pomona 01/15/03 2 Who Performs IS Audits The Internal Auditor The External Auditor Big Four CPA Firms Cal Poly Pomona 01/15/03 3 Skills Needed to Audit IS Business Experience IS Education and/or Experience Accounting Education and/or experience Oral Communication and presentation skills Written communication skills Cal Poly Pomona Analytical skills Ability to work in a team environment Ability to use the computer to audit through the computer Continuous self development 01/15/03 4 Kinds Of IS Audits Applications Systems In Development IS Facilities Advanced Technologies Audit Tools and Applications Cal Poly Pomona 01/15/03 5 Training Sources for IS Auditing Private Companies and Professional Associations (MIS, CanAudit, AICPA, ISSA, ISACA, AGA, --- Conferences, Seminars.....etc) Internal Training (Security and Audit training offered within the Organization) Universities Cal Poly Pomona 01/15/03 6 At Cal Poly, CIS 433 IS Auditing or Masters of Science in Business Administration Option I S Auditing see www.cisdept.csupomona.edu click on Graduate Programs Cal Poly Pomona 01/15/03 7 Alumni who are in the Field with the Big Four Scott Kandel, Partner Deloitte & Touche Jennifer Campbell, IT Auditor - KPMG Debbie Newman, Manager - PWC Amin Leiman, Senior Manager - KPMG Boulton Fernando, Senior Manager – Ernst & Young Marlow Sabenaugh-Kabbouce – Manager – Ernst & Young Cal Poly Pomona 01/15/03 8 Alumni who are in the Field with Private Industry Isabelle Prieve-Theisen, Universal Studios Dan Landsberg, Indy Mac Cathy Clement-Holiday, VP-IBM Rod Kocot, Senior VP - Union Bank Dan Dow, Director – Operational Audits Federal Express Helen Yamashiro, 20th Century Ins. Aleksandra Looho, Farmers Insurance Cal Poly Pomona 01/15/03 9 Individuals in Public Sector Dear – Regional Director for IT Audits NASA/OIG JPL, Pasadena CA Greg Dove – Senior IT Auditor – CSU Chancellor’s Office Long Beach CA Gerald Morris, IT Audit Manager – County of Los Angeles Rory Robinson, IT Audit Supervisor DCAA Lorne Cal Poly Pomona 01/15/03 10 IS Auditing Trends The IS audit profession – – – – – Cal Poly Pomona A common body of knowledge Certification Continuing education A code of ethics and professional standards Educational curricula 01/15/03 11 Websites www.gao.gov www.nist.gov www.isaca.org www.theiia.org www.itaudit.org www.auditnet.org Cal Poly Pomona 01/15/03 12 Model Curriculum for Undergrdauate and Graduate Education See www.isaca.org Click on Academic Relations Find Model Curriculum and click on Model to download Cal Poly Pomona 01/15/03 13 Career Opportunities for the 21st Century Public accounting Private industry Management consulting Government Cal Poly Pomona 01/15/03 14 My Own Experience Involved in IT Audit, Control and Security issues since 1972 Work with the U.S. General Accounting Office from 1972-1996 as an IT Auditor, Supervisor, Project Manager, Audit Manager, Group Manager Involved in more than 1000 audit over this period of time and contributed to 875 written GAO Reports Cal Poly Pomona 01/15/03 15 My Own Experience Continued GAO assisted me in attaining my MBA and postgraduate education at the Wharton School at the University of Pennsylvania. Supported my involvement with Professional Associations – ISACA, AGA and the IACISE Supported by part-time teaching interests at Cal Poly, Pomona from 1975-96 Cal Poly Pomona 01/15/03 16 IT Auditing CIS auditing is a profession and career. Career development and professional support will continue to grow and evolve. Career opportunities will continue, and the demand will continue. Cal Poly Pomona 01/15/03 17