The Texas A&M University System Internal Audit Department MONTHLY AUDIT REPORT
|
|
- Garry Strickland
- 6 years ago
- Views:
Transcription
1 MONTHLY AUDIT REPORT September 22, 2016
2 September 2016 TABLE OF CONTENTS Texas A&M University - Central Texas Financial Management Services' Operations and Student Information Systems General and Application Controls Texas A&M University Information Technology for the Office of the Provost
3 System Internal Audit TEXAS A&M UNIVERSITY CENTRAL TEXAS Financial Management Services Operations and Student Information Systems General and Application Controls September 22, 2016 Charlie Hrncir, C.P.A. Chief Auditor Project #
4 Texas A&M University Central Texas: Financial Management Services Operations and Student Information Systems General and Application Controls Overall Conclusion Overall, the application controls established over the financial management services operations and the student information system at Texas A&M University - Central Texas are efficient and effective in providing reasonable assurance that the information is accurate, complete and that the university is operating in compliance with applicable laws, policies, rules, and regulations. Opportunities for improvement were noted in the areas of student refund account reconciliations and training for users with access to confidential student data. Detailed Results 1. Student Refund Account Reconciliations Areas Reviewed FAMIS & Banner user account management User access to sensitive functions/data Application controls Reconciliations of Banner and FAMIS transactions The account reconciliation process for student refunds requires improvement to ensure outstanding items are cleared in a timely manner. The clearing account used for student refunds had unexplained outstanding items totaling $41,000 at the time of the review. This total includes $36,000 of outstanding items carried over from fiscal year The university identified problems with clearing account processes related to the data feed from the student information system (Banner) to the Financial Accounting Management Information System (FAMIS) during the initial implementation of Banner in fiscal year Since then, the campus has been working to examine the transactions that impact the data feed, correct the issues noted, and research the outstanding items. Accurate and timely reconciliations are an important control for timely detection of errors, discrepancies, and systematic problems. The Committee of Sponsoring Organizations (COSO) requires control activities to help ensure management directives are carried out, which include a range of activities including reconciliations. Also, COSO requires monitoring to ensure that internal controls continue to operate effectively. September 2016 Page 1 Project #
5 Texas A&M University Central Texas: Financial Management Services Operations and Student Information Systems General and Application Controls Recommendation Reconcile accounts and identify and clear outstanding items in a timely manner. Management s Response Management agrees with the findings and recommendations and will implement changes in the reconciliation process for the student refunds account. Target completion date is March 31, FERPA Training Banner users with access to confidential student data are not receiving training on the Family Education Rights and Privacy Act (FERPA) requirements on a consistent basis. The campus has relied on the FERPA areas covered within the Information Security Awareness training required for all system employees. Without a more detailed training, there is a risk that employees may inadvertently mishandle confidential student data resulting in a violation of federal law. FERPA requires that student education records are protected for all schools that receive funds under an applicable program of the U.S. Department of Education. Also, the United States Sentencing Commission Guidelines require an effective compliance and ethics program, which must include conducting training programs appropriate for respective roles and responsibilities. Recommendation Require FERPA specific training, such as the electronic course offered within TrainTraq, for all employees with access to student data or records. Management s Response Management agrees with the findings and recommendation. The FERPA Training Course on TrainTraq became mandatory for all employees at A&M-Central Texas on June 29, This training will be repeated every two years. Page 2 September 2016 Project #
6 Texas A&M University Central Texas: Financial Management Services Operations and Student Information Systems General and Application Controls Basis of Review Objective and Scope Methodology Criteria The audit of financial management services operations and the student information system at Texas A&M University - Central Texas focused on evaluating the controls in place to determine if resources were used efficiently and effectively in compliance with applicable laws, policies, regulations and rules and that the information was accurate and complete. The audit period focused primarily on activities from June 1, 2015 to May 31, Areas reviewed included logical security, access to sensitive functions, and application controls within the Business Office. Fieldwork was conducted from June 2016 to July Our audit methodology included interviews, observation of processes, and review of documentation and testing of data using sampling. To determine if new user processes were followed, the auditors selected a nonstatistical sample of ten new Banner users and eight new FAMIS users through auditor judgment to determine if there were any unexpected results. To determine if users with access to student holds within Banner were appropriate, the auditors selected a nonstatistical sample of eight Banner users through auditor judgment to determine if there were any unexpected results. Our audit was based upon standards as set forth in Texas A&M University System Policies and Regulations; Texas A&M University Central Texas rules and administrative procedures; Texas Administrative Code; the Committee of Sponsoring Organizations Internal Control Integrated Framework (COSO); the United States Sentencing Commission Guidelines; Family Education Rights and Privacy Act; and other sound administrative practices. The audit was conducted in conformance with the Institute of Internal Auditors International Standards for the Professional Practice of Internal Auditing. Additionally, we conducted the audit in accordance with generally accepted government auditing standards. Those standards require that we plan and perform the audit to obtain sufficient, appropriate evidence to provide a reasonable basis for our findings and conclusions based on our audit objectives. We believe that the evidence obtained provides a reasonable basis for our findings and conclusions based on our audit objectives. September 2016 Page 3 Project #
7 Texas A&M University Central Texas: Financial Management Services Operations and Student Information Systems General and Application Controls Audit Team Amanda Dotson, CPA, CIA, Director David Maggard, CPA, CISA, Audit Manager Chesney Cote, CPA, CISA Whitney Glenz, CISA Distribution List Dr. Marc Nigliazzo, President Dr. Peg Gray-Vickrey, Provost and Vice President for Academic & Student Affairs Ms. Gaylene Nunn, Vice President for Finance and Administration Mr. Todd Lutz, Assistant Vice President for Information Technology/CIO Ms. Deserie Rivera, University Compliance Officer Page 4 September 2016 Project #
8 System Internal Audit TEXAS A&M UNIVERSITY Information Technology for the Office of the Provost September 22, 2016 Charlie Hrncir, C.P.A. Chief Auditor Project #
9 Texas A&M University: Information Technology for the Office of the Provost Overall Conclusion The information technology governance processes and general controls at the Texas A&M University Office of the Provost are effective in providing reasonable assurance that the confidentiality, integrity, and availability of the information resources and data are maintained in accordance with laws, policies, regulations and rules. General control areas reviewed for the Provost IT Office (PITO) included logical security of workstations; change management; Information Technology Departments Reviewed: Provost IT Office Open Access Labs Instructional Media Services backup and recovery; identity and account management; and incident management. General control areas reviewed for Open Access Labs (OAL) included logical security of staff workstations, backup and recovery, and identity and account management. General control areas reviewed for Instructional Media Services (IMS) included logical security of classroom workstations and network devices. OAL manages the classroom workstations for IMS. Logical security testing in all three areas included system patch management, password management, and program version management. The centralized management of logical security processes in both PITO s technology services group and OAL contributed to the strong controls noted during testing. These groups each manage a large number of machines efficiently and effectively. Change management processes and controls within PITO s information services group help them meet the software application needs for non-academic departments across campus. September 2016 Page 1 Project #
10 Texas A&M University: Information Technology for the Office of the Provost Basis of Review Objective and Scope Methodology The audit of information technology processes and general controls at the Texas A&M Office of the Provost focused on ensuring that the confidentiality, integrity, and availability of information resources and data were maintained in accordance with laws, policies, regulations and rules. The audit period focused primarily on activities from July 1, 2015 to June 30, Areas reviewed included change management, backup and recovery, logical security, identity and account management, and incident management. Fieldwork was conducted from July to August, Our audit methodology included interviews, observation of processes, review of documentation and testing of data using sampling. To test the logical security controls in place over workstations and the change controls in place over development of applications, auditors utilized nonstatistical samples selected through auditor judgement. Criteria Our audit was based upon standards as set forth in Texas A&M University System Policies and Regulations; Texas A&M University Rules and Standard Administrative Procedures; Texas Administrative Code; and other sound administrative practices. The audit was conducted in conformance with the Institute of Internal Auditors International Standards for the Professional Practice of Internal Auditing. Additionally, we conducted the audit in accordance with generally accepted government auditing standards. Those standards require that we plan and perform the audit to obtain sufficient, appropriate evidence to provide a reasonable basis for our findings and conclusions based on our audit objectives. We believe that the evidence obtained provides a reasonable basis for our findings and conclusions based on our audit objectives. Page 2 September 2016 Project #
11 Texas A&M University Information Technology for the Office of the Provost Audit Team Robin Woods, CPA, Director David Maggard, CPA, CISA, Senior Manager Chesney Cote, CPA, CISA Whitney Glenz, CISA Distribution List Mr. Michael K. Young, President Dr. Karan L. Watson, Provost and Executive Vice President for Academic Affairs Dr. Jerry R. Strawser, Vice President for Finance and Administration Mr. Joseph P. Pettibon II, Associate Vice President for Academic Services Mr. Juan E. Garza, Assistant Vice President for Academic Services Ms. Margaret Zapalac, Associate Vice President Risk and Compliance September 2016 Page 3 Project #
The Texas A&M University System Internal Audit Department MONTHLY AUDIT REPORT
The Texas A&M University System Internal Audit Department MONTHLY AUDIT REPORT December 19, 2016 The Texas A&M University System Internal Audit Department December 2016 TABLE OF CONTENTS Texas A&M Transportation
More informationTexas A&M University: Learning Management System General & Application Controls Review
Overall Conclusion Overall, the controls established over the primary learning management system at Texas A&M University, Blackboard Learn (ecampus), are effective in providing reasonable assurance that
More informationInternal Audit Report. Electronic Bidding and Contract Letting TxDOT Office of Internal Audit
Internal Audit Report Electronic Bidding and Contract Letting TxDOT Office of Internal Audit Objective Review of process controls and service delivery of the TxDOT electronic bidding process. Opinion Based
More informationSubject: University Information Technology Resource Security Policy: OUTDATED
Policy 1-18 Rev. 2 Date: September 7, 2006 Back to Index Subject: University Information Technology Resource Security Policy: I. PURPOSE II. University Information Technology Resources are at risk from
More informationUNIVERSITY OF NORTH CAROLINA CHARLOTTE
STATE OF NORTH CAROLINA OFFICE OF THE STATE AUDITOR BETH A. WOOD, CPA UNIVERSITY OF NORTH CAROLINA CHARLOTTE INFORMATION TECHNOLOGY GENERAL CONTROLS INFORMATION SYSTEMS AUDIT JULY 2017 EXECUTIVE SUMMARY
More informationGeneral Information Technology Controls Follow-up Review
Office of Internal Audit General Information Technology Controls Follow-up Review May 19, 2015 Internal Audit Team Shannon B. Henry Chief Audit Executive Stacy Sneed Audit Manager Rod Isom Auditor Winston-Salem
More informationDepartmental Change in Management Audit Fiscal Year 2012
Departmental Change in Management Audit Fiscal Year 2012 September 2013 The University of Texas at Austin Office of Internal Audits UTA 2.302 471-7117 The University of Texas at Austin Internal Audit Committee
More informationOffice of Internal Audit
Office of Internal Audit March 16, 2017 Dr. Kirk Calhoun, President UT Health Northeast 11937 U. S. Hwy 271 Tyler, TX 75708 Dr. Calhoun: We have completed the Security Control Standards as part of our
More informationUNIVERSITY OF NORTH CAROLINA CHAPEL HILL
abd STATE OF NORTH CAROLINA OFFICE OF THE STATE AUDITOR BETH A. WOOD, CPA UNIVERSITY OF NORTH CAROLINA CHAPEL HILL INFORMATION TECHNOLOGY GENERAL CONTROLS INFORMATION SYSTEMS AUDIT NOVEMBER 2017 EXECUTIVE
More informationINFORMATION TECHNOLOGY DATA MANAGEMENT PROCEDURES AND GOVERNANCE STRUCTURE BALL STATE UNIVERSITY OFFICE OF INFORMATION SECURITY SERVICES
INFORMATION TECHNOLOGY DATA MANAGEMENT PROCEDURES AND GOVERNANCE STRUCTURE BALL STATE UNIVERSITY OFFICE OF INFORMATION SECURITY SERVICES 1. INTRODUCTION If you are responsible for maintaining or using
More informationSTATE OF NORTH CAROLINA OFFICE OF THE STATE AUDITOR BETH A. WOOD, CPA FAYETTEVILLE STATE UNIVERSITY
STATE OF NORTH CAROLINA OFFICE OF THE STATE AUDITOR BETH A. WOOD, CPA FAYETTEVILLE STATE UNIVERSITY INFORMATION TECHNOLOGY GENERAL CONTROLS INFORMATION SYSTEMS AUDIT JANUARY 2016 EXECUTIVE SUMMARY PURPOSE
More informationCyber Security Program
Cyber Security Program Cyber Security Program Goals and Objectives Goals Provide comprehensive Security Education and Awareness to the University community Build trust with the University community by
More informationInternal Audit Follow-Up Report. Multiple Use Agreements TxDOT Office of Internal Audit
Internal Audit Follow-Up Report Multiple Use Agreements TxDOT Office of Internal Audit Objective Assess the status of corrective actions for high risk Management Action Plans (MAPs) previously communicated
More informationSubject: Audit Report 16-50, IT Disaster Recovery, California State University, Fresno
Larry Mandel Vice Chancellor and Chief Audit Officer Office of Audit and Advisory Services 401 Golden Shore, 4th Floor Long Beach, CA 90802-4210 562-951-4430 562-951-4955 (Fax) lmandel@calstate.edu February
More informationAboriginal Affairs and Northern Development Canada. Internal Audit Report Summary. Audit of Information Technology Security.
Aboriginal Affairs and Northern Development Canada Internal Audit Report Summary Audit of Information Technology Security Prepared by: Audit and Assurance Services Branch April 2015 NCR#7367040 - NCR#7358318
More informationB. To ensure compliance with federal and state laws, rules, and regulations, including, but not limited to:
Executive Policy, EP 2.215 Institutional Data Governance Page 1 of 14 Executive Policy Chapter 2, Administration Executive Policy EP 2.215, Institutional Data Governance Effective Date: xxxx 2017 Prior
More informationEMERGENCY MANAGEMENT
CSU The California State University Office of Audit and Advisory Services EMERGENCY MANAGEMENT California State University, Dominguez Hills Audit Report 16-43 August 30, 2016 EXECUTIVE SUMMARY OBJECTIVE
More informationSubject: Audit Report 18-84, IT Disaster Recovery, California State University, Sacramento
Larry Mandel Vice Chancellor and Chief Audit Officer Audit and Advisory Services 401 Golden Shore, 4th Floor Long Beach, CA 90802-4210 562-951-4430 562-951-4955 (Fax) lmandel@calstate.edu October 23, 2018
More informationTHE UNIVERSITY OF TEXAS-PAN AMERICAN OFFICE OF AUDITS & CONSULTING SERVICES. Computer Administrative Rights Report No
THE UNIVERSITY OF TEXAS-PAN AMERICAN OFFICE OF AUDITS & CONSULTING SERVICES Report No. 15-14 OFFICE OF INTERNAL AUDITS THE UNIVERSITY OF TEXAS - PAN AMERICAN 1201 West University Drive Edinburg, Texas
More informationIT Audit Process Prof. Liang Yao Week Two IT Audit Function
Week Two IT Audit Function Why we need IT audit A Case Study What You Can Learn about Risk Management from Societe Generale? https://www.cio.com/article/2436790/security0/what-you-can-learn-about-risk-management-fromsociete-generale.html
More informationKENYA SCHOOL OF GOVERNMENT EMPLOYMENT OPORTUNITY (EXTERNAL ADVERTISEMENT)
KENYA SCHOOL OF GOVERNMENT EMPLOYMENT OPORTUNITY (EXTERNAL ADVERTISEMENT) 1. DIRECTOR, LEARNING & DEVELOPMENT - LOWER KABETE Reporting to the Director General, Campus Directors will be responsible for
More informationOffice of Internal Audit 800 W. Campbell Rd. SPN 32, Richardson, TX Phone Fax December 12, 2016
Office of Internal Audit 800 W. Campbell Rd. SPN 32, Richardson, TX 75080 Phone 972-883-4876 Fax 972-883-6846 December 12, 2016 Dr. Richard C. Benson, President Ms. Lisa Choate, Chair of the Institutional
More informationArticle II - Standards Section V - Continuing Education Requirements
Article II - Standards Section V - Continuing Education Requirements 2.5.1 CONTINUING PROFESSIONAL EDUCATION Internal auditors are responsible for maintaining their knowledge and skills. They should update
More informationNERC Staff Organization Chart Budget 2019
NERC Staff Organization Chart Budget 2019 President and CEO Associate Director to the Office of the CEO Senior Vice President and Chief Reliability Senior Vice President, General Counsel and Corporate
More informationNERC Staff Organization Chart Budget 2018
NERC Staff Organization Chart Budget 2018 President and CEO Associate Director to the Office of the CEO Senior Vice President and Chief Reliability Senior Vice President, General Counsel and Corporate
More informationOffice of MN.IT Services Data Centers
Office of MN.IT Services Data Centers Information Technology Controls and Compliance Audit As of November 2016 March 2, 2017 REPORT 17-06 Financial Audit Division Office of the Legislative Auditor State
More informationArticle I - Administrative Bylaws Section IV - Coordinator Assignments
3 Article I - Administrative Bylaws Section IV - Coordinator Assignments 1.4.1 ASSIGNMENT OF COORDINATORS To fulfill the duties of the Fiscal Control and Internal Auditing Act (30 ILCS 10/2005), the Board
More informationAuditing and Monitoring in an Effective Institutional Compliance Program
Auditing and Monitoring in an Effective Institutional Compliance Program 6 th Conference for Effective Compliance Systems in Higher Education Presented by David B. Crawford, Audit Manager Emeritus The
More informationThe University of Texas at El Paso. Information Security Office Minimum Security Standards for Systems
The University of Texas at El Paso Information Security Office Minimum Security Standards for Systems 1 Table of Contents 1. Purpose... 3 2. Scope... 3 3. Audience... 3 4. Minimum Standards... 3 5. Security
More informationInternal Quality Assurance Report. Inspector General Department
Tim Parks, Chief Internal Audit Officer/Inspector General Sandy Bottone, Senior Internal Auditor/Accreditation Manager August 8, 2018 August 8, 2018 The Honorable Linda Doggett, Lee County Clerk of Circuit
More informationNERC Staff Organization Chart Budget 2019
NERC Staff Organization Chart Budget 2019 President and CEO Associate Director to the Office of the CEO Senior Vice President and Chief Reliability Officer Senior Vice President, General Counsel and Corporate
More informationSTATE OF NORTH CAROLINA
STATE OF NORTH CAROLINA UNIVERSITY OF NORTH CAROLINA SCHOOL OF THE ARTS INFORMATION TECHNOLOGY GENERAL CONTROLS MARCH 2011 PERFORMANCE AUDIT OFFICE OF THE STATE AUDITOR BETH A. WOOD, CPA STATE AUDITOR
More informationReviewed by ADM(RS) in accordance with the Access to Information Act. Information UNCLASSIFIED.
Assistant Deputy Minister (Review Services) Reviewed by in accordance with the Access to Information Act. Information UNCLASSIFIED. Security Audits: Management Action Plan Follow-up December 2015 1850-3-003
More informationSTATE OF NORTH CAROLINA
STATE OF NORTH CAROLINA AUDIT OF THE INFORMATION SYSTEMS GENERAL CONTROLS CARTERET COMMUNITY COLLEGE OCTOBER 2007 OFFICE OF THE STATE AUDITOR LESLIE MERRITT, JR., CPA, CFP STATE AUDITOR AUDIT OF THE INFORMATION
More informationTAC 202 Requirements 2017
TAC 202 Requirements 2017 Audit Report# 17-16 September 6, 2017 The University of Texas at El Paso Office of Auditing and Consulting Services "Committed to Service, Independence and Quality" The University
More informationOpportunities to Integrate Technology Into the Classroom. Presented by:
Opportunities to Integrate Technology Into the Classroom Presented by: Mark Salamasick, CIA, CISA, CRMA, CSP Executive Director of Audit University of Texas System Discussion Topics Internal Audit Textbook
More informationSALARY $ $72.54 Hourly $3, $5, Biweekly $8, $12, Monthly $103, $150, Annually
SALARY $49.72 - $72.54 Hourly $3,977.88 - $5,803.27 Biweekly $8,618.75 - $12,573.75 Monthly $103,425.00 - $150,885.00 Annually ISSUE DATE: 03/21/18 THE POSITION DIRECTOR OF CYBER SECURITY OPEN TO THE PUBLIC
More informationUniversity of North Texas System Administration Identity Theft Prevention Program
University of North Texas System Administration Identity Theft Prevention Program I. Purpose of the Identity Theft Prevention Program The Federal Trade Commission ( FTC ) requires certain entities, including
More informationAny observations not included in this report were discussed with your staff at the informal exit conference and may be subject to follow-up.
Larry Mandel Vice Chancellor and Chief Audit Officer Audit and Advisory Services 401 Golden Shore, 4th Floor Long Beach, CA 90802-4210 562-951-4430 562-951-4955 (Fax) lmandel@calstate.edu June 5, 2018
More informationInformation Technology General Control Review
Information Technology General Control Review David L. Shissler, Senior IT Auditor, CPA, CISA, CISSP Office of Internal Audit and Risk Assessment September 15, 2016 Background Presenter Senior IT Auditor
More informationSTOCKTON UNIVERSITY PROCEDURE DEFINITIONS
STOCKTON UNIVERSITY PROCEDURE Identity Theft Prevention Program Procedure Administrator: Director of Risk Management and Environmental/Health/Safety Authority: Fair and Accurate Credit Transactions Act
More informationTools & Techniques I: New Internal Auditor
About This Course Tools & Techniques I: New Internal Auditor Course Description Learn the basics of auditing at the new internal auditor level. This course provides an overview of the life cycle of an
More informationThe Texas A&M University System. Internal Audit Department. Fiscal Year 2014 Audit Plan
Introduction The purpose of the Audit Plan is to outline audits and other activities the System Internal Audit Department will conduct during fiscal year 2014. The plan is developed to satisfy responsibilities
More informationREPORT TO MANAGEMENT ON FOLLOW-UP AUDIT OF DATA, VOICE, AND VIDEO NETWORKING LAMAR INSTITUTE OF TECHNOLOGY
REPORT TO MANAGEMENT ON FOLLOW-UP AUDIT OF DATA, VOICE, AND VIDEO NETWORKING LAMAR INSTITUTE OF TECHNOLOGY JULY TABLE OF CONTENTS Fiscal Year TABLE OF CONTENTS TRANSMITTAL LETTER...3 DETAILED FINDINGS
More informationEXAM PREPARATION GUIDE
When Recognition Matters EXAM PREPARATION GUIDE PECB Certified ISO 22000 Lead Auditor www.pecb.com The objective of the Certified ISO 22000 Lead Auditor examination is to ensure that the candidate has
More informationInternal Quality Assurance Report. Inspector General Department
Tim Parks, Chief Internal Audit Officer/Inspector General Sandy Bottone, Senior Internal Auditor/Accreditation Manager August 30, 2017 August 30, 2017 The Honorable Linda Doggett, Lee County Clerk of Circuit
More informationAudit and Compliance Committee - Agenda
Audit and Compliance Committee - Agenda Board of Trustees Audit and Compliance Committee April 17, 2018, 1:30 2:30 p.m. President s Board Room Conference Call-In Phone #1-800-442-5794, passcode 463796
More informationA Global Look at IT Audit Best Practices
A Global Look at IT Audit Best Practices 2015 IT Audit Benchmarking Survey March 2015 Speakers Kevin McCreary is a Senior Manager in Protiviti s IT Risk practice. He has extensive IT audit and regulatory
More informationPostal Inspection Service Mail Covers Program
Postal Inspection Service Mail Covers Program May 28, 2014 AUDIT REPORT Report Number HIGHLIGHTS BACKGROUND: In fiscal year 2013, the U.S. Postal Inspection Service processed about 49,000 mail covers.
More informationDecentralized IT General Controls Review: Student Affairs Systems Group
Review: Student Affairs Systems Group December 2015 FY15 - #13 Submitted to: Kasandra Kay Urquidez, Vice President, Enrollment Management/Student Affairs Advancement and Dean, Undergraduate Admissions
More informationISACA Survey Results. 27 April Ms. Nancy M. Morris, Secretary Securities and Exchange Commission 100 F Street NE Washington, DC
3701 Algonquin Road, Suite 1010 Telephone: 847.253.1545 Rolling Meadows, Illinois 60008, USA Facsimile: 847.253.1443 Web Sites: www.isaca.org and www.itgi.org 27 April 2006 Ms. Nancy M. Morris, Secretary
More informationDIPLOMA COURSE IN INTERNAL AUDIT
DIPLOMA COURSE IN INTERNAL AUDIT Course Objective: Internal Audit is an assurance and consulting service that reviews the efficiency and effectiveness of the internal control.. It assists management at
More informationNew Jersey State Legislature Office of Legislative Services Office of the State Auditor. November 16, 2015 to November 30, 2017
New Jersey State Legislature Office of Legislative Services Office of the State Auditor Department of Human Services Division of Family Development Office of Child Support Services New Jersey Kids Deserve
More informationNERC Staff Organization Chart Budget 2017
NERC Staff Organization Chart Budget 2017 President and CEO Administrative Associate Director to the Office of the CEO Senior Vice President and Chief Reliability Senior Vice President, General Counsel
More informationSTAFF REPORT. January 26, Audit Committee. Information Security Framework. Purpose:
STAFF REPORT January 26, 2001 To: From: Subject: Audit Committee City Auditor Information Security Framework Purpose: To review the adequacy of the Information Security Framework governing the security
More informationJudiciary Judicial Information Systems
Audit Report Judiciary Judicial Information Systems August 2016 OFFICE OF LEGISLATIVE AUDITS DEPARTMENT OF LEGISLATIVE SERVICES MARYLAND GENERAL ASSEMBLY For further information concerning this report
More informationART CENTER AND SATELLITE PLANT
CSU The California State University Office of Audit and Advisory Services CONSTRUCTION California State University, Bakersfield ART CENTER AND SATELLITE PLANT Audit Report 15-09 May 7, 2015 EXECUTIVE SUMMARY
More informationNERC Staff Organization Chart Budget 2017
NERC Staff Organization Chart Budget 2017 President and CEO Administrative Associate Director to the Office of the CEO Senior Vice President and Chief Reliability Senior Vice President, General Counsel
More informationEXAM PREPARATION GUIDE
When Recognition Matters EXAM PREPARATION GUIDE PECB Certified ISO/IEC 20000 Lead Auditor www.pecb.com The objective of the Certified ISO/IEC 20000 Lead Auditor examination is to ensure that the candidate
More informationHIPAA COMPLIANCE CALIFORNIA STATE UNIVERSITY, LOS ANGELES. Audit Report October 29, 2010
HIPAA COMPLIANCE CALIFORNIA STATE UNIVERSITY, LOS ANGELES Audit Report 10-52 October 29, 2010 Members, Committee on Audit Henry Mendoza, Chair Raymond W. Holdsworth, Vice Chair Nicole M. Anderson Margaret
More informationISO STANDARD IMPLEMENTATION AND TECHNOLOGY CONSOLIDATION
ISO STANDARD IMPLEMENTATION AND TECHNOLOGY CONSOLIDATION Cathy Bates Senior Consultant, Vantage Technology Consulting Group January 30, 2018 Campus Orientation Initiative and Project Orientation Project
More informationPolicies and Procedures Date: February 28, 2012
No. 5200 Rev.: 1 Policies and Procedures Date: February 28, 2012 Subject: Information Technology Security Program 1. Purpose... 1 2. Policy... 1 2.1. Program Elements... 1 2.2. Applicability and Scope...
More informationApplication for Certification
Application for Certification Requirements to Become a Certified Information Security Manager To become a Certified Information Security Manager (CISM), an applicant must: 1. Score a passing grade on the
More informationDATA CENTER OPERATIONS CALIFORNIA STATE UNIVERSITY, DOMINGUEZ HILLS. Audit Report June 15, 2012
DATA CENTER OPERATIONS CALIFORNIA STATE UNIVERSITY, DOMINGUEZ HILLS Audit Report 12-31 June 15, 2012 Henry Mendoza, Chair William Hauck Steven M. Glazer Glen O. Toney Members, Committee on Audit University
More informationTable of Contents. Preface xvii PART ONE: FOUNDATIONS OF MODERN INTERNAL AUDITING
Table of Contents Preface xvii PART ONE: FOUNDATIONS OF MODERN INTERNAL AUDITING Chapter 1: Significance of Internal Auditing in Enterprises Today: An Update 3 1.1 Internal Auditing History and Background
More informationAny observations not included in this report were discussed with your staff at the informal exit conference and may be subject to follow-up.
Larry Mandel Vice Chancellor and Chief Audit Officer Audit and Advisory Services 401 Golden Shore, 4th Floor Long Beach, CA 90802-4210 562-951-4430 562-951-4955 (Fax) lmandel@calstate.edu October 10, 2018
More informationIS Audit and Assurance Guideline 2001 Audit Charter
IS Audit and Assurance Guideline 2001 Audit Charter The specialised nature of information systems (IS) audit and assurance and the skills necessary to perform such engagements require standards that apply
More informationVirginia Commonwealth University School of Medicine Information Security Standard
Virginia Commonwealth University School of Medicine Information Security Standard Title: Scope: Removable Storage Media Security Standard This standard is applicable to all VCU School of Medicine personnel.
More informationSTATE OF NORTH CAROLINA
STATE OF NORTH CAROLINA AUDIT OF THE INFORMATION SYSTEMS GENERAL CONTROLS ELIZABETH CITY STATE UNIVERSITY JULY 2006 OFFICE OF THE STATE AUDITOR LESLIE MERRITT, JR., CPA, CFP STATE AUDITOR AUDIT OF THE
More information"Charting the Course... Certified Information Systems Auditor (CISA) Course Summary
Course Summary Description In this course, you will perform evaluations of organizational policies, procedures, and processes to ensure that an organization's information systems align with overall business
More informationUniversity System of Maryland Frostburg State University
Audit Report University System of Maryland Frostburg State University August 2013 OFFICE OF LEGISLATIVE AUDITS DEPARTMENT OF LEGISLATIVE SERVICES MARYLAND GENERAL ASSEMBLY This report and any related follow-up
More informationRequest for Qualifications for Audit Services March 25, 2015
Request for Qualifications for Audit Services March 25, 2015 I. GENERAL INFORMATION A. Purpose This Request for Qualifications (RFQ) is to solicit a CPA firm with which to contract for a financial and
More informationUCLA AUDIT & ADVISORY SERVICES
UCLA AUDIT & ADVISORY SERVICES Edwin D. Pierce, CPA, CFE Director September 4, 2015 10920 Wilshire Boulevard, Suite 700 Los Angeles, California 90024-1366 310 794-6110 Fax: 310 794-8536 SENIOR VICE PRESIDENT/CHIEF
More informationOffice of Inspector General Office of Professional Practice Services
Office of Inspector General Office of Professional Practice Services Executive Summary In accordance with the Department of Education s fiscal year 2017-18 audit plan, the Office of Inspector General (OIG)
More informationPrivacy Breach Policy
1. PURPOSE 1.1 The purpose of this policy is to guide NB-IRDT employees and approved users on how to proceed in the event of a privacy breach, and to demonstrate to stakeholders that a systematic procedure
More informationNHS Fife. 2015/16 Audit Computer Service Review Follow Up
NHS Fife 2015/16 Audit Computer Service Review Follow Up Prepared for NHS Fife April 2016 Audit Scotland is a statutory body set up in April 2000 under the Public Finance and Accountability (Scotland)
More informationInternal Audit Report DATA CENTER LOGICAL SECURITY
Internal Audit Report DATA CENTER LOGICAL SECURITY Report No. SC 12 06 June 2012 David Lane Principal IT Auditor Jim Dougherty Principal Auditor Approved Barry Long, Director Internal Audit & Advisory
More informationmanner. IOPA conducts its reviews in conformance with Government Auditing Standards issued by the Comptroller General of the United States.
PCAOB Public Company Accounting Oversight Board 1666 K Street, N.W. Washington, DC 20006 Telephone: (202) 207-9100 Facsimile: (202) 862-8430 www.pcaobus.org The Honorable Christopher Cox Chairman Securities
More informationElectronic Signature Policy
Electronic Signature Policy Definitions The following terms are used in this policy. Term Definition Electronic Signature An electronic signature is a paperless method used to authorize or approve documents
More informationNew York Department of Financial Services Cybersecurity Regulation Compliance and Certification Deadlines
New York Department of Financial Services Cybersecurity Regulation Compliance and Certification Deadlines New York Department of Financial Services ( DFS ) Regulation 23 NYCRR 500 requires that entities
More informationTxDOT Internal Audit Materials and Testing Audit Department-wide Report
Materials and Testing Audit Department-wide Report Introduction This report has been prepared for the Transportation Commission, TxDOT Administration and management. The report presents the results of
More informationCentral IT Executive Commission (CITEC) Town Hall July 12, 2017
Central IT Executive Commission (CITEC) Town Hall July 12, 2017 Note: This event is being recorded and livestreamed for the benefit of those who cannot attend. Why was CITEC formed? q Central IT (ITS)
More informationRed Flags Program. Purpose
Red Flags Program Purpose The purpose of this Red Flags Rules Program is to document the protocol adopted by the University of Memphis in compliance with the Red Flags Rules. Many offices at the University
More information3/13/2015. COSO Revised: Implications for Compliance and Ethics Programs. Session Agenda. The COSO Framework
COSO Revised: Implications for Compliance and Ethics Programs Urton Anderson, CCEP Director of the Von Allmen School of Accountancy and EY Professor The University of Kentucky Session Agenda The COSO Framework
More informationCASA External Peer Review Program Guidelines. Table of Contents
CASA External Peer Review Program Guidelines Table of Contents Introduction... I-1 Eligibility/Point System... I-1 How to Request a Peer Review... I-1 Peer Reviewer Qualifications... I-2 CASA Peer Review
More informationREPORT 2015/149 INTERNAL AUDIT DIVISION
INTERNAL AUDIT DIVISION REPORT 2015/149 Audit of the information and communications technology operations in the Investment Management Division of the United Nations Joint Staff Pension Fund Overall results
More informationFOLLOW-UP REPORT Industrial Control Systems Audit
FOLLOW-UP REPORT Industrial Control Systems Audit February 2017 Office of the Auditor Audit Services Division City and County of Denver Timothy M. O Brien, CPA The Auditor of the City and County of Denver
More informationVal-EdTM. Valiant Technologies Education & Training Services. Workshop for CISM aspirants. All Trademarks and Copyrights recognized.
Val-EdTM Valiant Technologies Education & Training Services Workshop for CISM aspirants All Trademarks and Copyrights recognized Page 1 of 8 Welcome to Valiant Technologies. We are a specialty consulting
More informationHealth Insurance Portability and Accountability Act, Security Rule
Health Insurance Portability and Accountability Act, Security Rule Athletics Sports Medicine The University of Texas at Austin Office of Internal Audits UTA 2.302 (512) 471-7117 The University of Texas
More informationCISA EXAM PREPARATION - Weekend Program
CISA EXAM PREPARATION - Weekend Program THE CISA QUALIFICATION: CERTIFICATION PREPARATION COURSE SYLLABUS PT. RIALACHAS TATHYA PRAYUKTI Menara Palma 12th Floor Jalan HR Rasuna Said Blok X2 Kav 6 Jakarta,
More informationThis regulation outlines the policy and procedures for the implementation of wireless networking for the University Campus.
UAR NUMBER: 400.01 TITLE: Wireless Network Policy and Procedure INITIAL ADOPTION: 11/6/2003 REVISION DATES: PURPOSE: Set forth the policy for using wireless data technologies and assigns responsibilities
More informationInformation Security Policy
April 2016 Table of Contents PURPOSE AND SCOPE 5 I. CONFIDENTIAL INFORMATION 5 II. SCOPE 6 ORGANIZATION OF INFORMATION SECURITY 6 I. RESPONSIBILITY FOR INFORMATION SECURITY 6 II. COMMUNICATIONS REGARDING
More informationEXAM PREPARATION GUIDE
EXAM PREPARATION GUIDE PECB Certified ISO 50001 Lead Auditor The objective of the PECB Certified ISO 50001 Lead Auditor examination is to ensure that the candidate has the knowledge and skills to plan
More informationNERC Staff Organization Chart
NERC Staff Organization Chart President and CEO Administrative Associate Director to the Office of the CEO Associate Director, Member Relations and MRC Secretary Senior Vice President and Chief Reliability
More informationVirginia Commonwealth University School of Medicine Information Security Standard
Virginia Commonwealth University School of Medicine Information Security Standard Title: Scope: Personnel Security Standard This standard is applicable to all VCU School of Medicine personnel. Approval
More informationNERC Staff Organization Chart Budget
NERC Staff Organization Chart 2013 2014 President and CEO (Dept. 2100) Executive Assistant (Dept. 2100) Senior Vice President and Chief Operating Officer (Dept. 2100) Senior Vice President General Counsel
More information26 February Office of the Secretary Public Company Accounting Oversight Board 1666 K Street, NW Washington, DC
3701 Algonquin Road, Suite 1010 Telephone: 847.253.1545 Rolling Meadows, Illinois 60008, USA Facsimile: 847.253.1443 Web Sites: www.isaca.org and www.itgi.org 26 February 2007 Office of the Secretary Public
More informationPalo Alto Unified School District OCR Reference No
Resolution Agreement Palo Alto Unified School District OCR Reference No. 09-17-1194 The Office for Civil Rights (OCR) of the U.S. Department of Education initiated an investigation into an allegation that
More informationWireless Communication Stipend Effective Date: 9/1/2008
Category: Financial Policy applicable for: Faculty/Staff Policy Title: Policy Number: Wireless Communication Stipend Effective Date: 9/1/2008 Enabling Act(s) IRS rule 2.1.7 Policy Owner: Sr. VP for Administration
More informationIT Attestation in the Cloud Era
IT Attestation in the Cloud Era The need for increased assurance over outsourced operations/ controls April 2013 Symeon Kalamatianos M.Sc., CISA, CISM Senior Manager, IT Risk Consulting Contents Introduction
More information