About ITauditSecurity
Mack is an IT auditor and author of the ITauditSecurity blog for IT, audit, and security professionals. The blog provides HOW-TOs, analysis, and humor.
Contrary to what ACL has been touting as their new ‘robotics’ feature, it is NOT robotics process automation (RPA).
[The ‘robotics’ feature is due out later in 2018. It appears to be ACL’s latest attempt to get you to use their GRC software.]
ACL, via John Verver, defines the term this way in his RPA article: “The idea is a relatively simple one: get computers to perform tasks normally performed by humans, and cut resource and time requirements for many repetitive activities.”
Continue reading →
Like this:
Like Loading...
Filed under ACL, Audit, Data Analytics, Scripting (ACL), Technology
Tagged as acl, automation, data, flagship, grc, GUI, John Verver, process, robot, robotic, scheduler, visualization
When you need to rename ACL tables, be careful to also rename the associated .fil file also.
Otherwise, you (or your ACL script) might get confused. You might delete the wrong table or .fil file, and create a head-scratching problem.
I know because I confused myself.
Continue reading →
Like this:
Like Loading...
Recently, a large U.S. bank was found to have created unauthorized accounts; a similar bank closed one of my accounts, but doesn’t know why it happened.
More than a decade ago, I opened a safety deposit box at a local bank (a very large U.S. bank that all U.S. residents would have heard of). This wasn’t my regular bank, as my bank didn’t have such boxes; I only went to this other bank when I needed to access my safety deposit box, which was not often.
Continue reading →
Like this:
Like Loading...
Filed under Audit, Security
A while back, a reader named Kyle and I had a conversation about analytics.
It started with his reading my Excel:Basic Data Analytics post where I list a number of procedures that anyone can do in Excel.
Kyle said he was expecting some “super sophisticated process & methodology that works like magic.”
Continue reading →
Like this:
Like Loading...
If you’ve every wondered what Audit Command Language (ACL) is, here’s a quick way to find out.
ACL has provided a quick, one-page introduction to ACL. And I mean quick.
It doesn’t explain a lot, but it gives you a quick peek at the basic user interface.
You could call it the ACL Overview for Dummies.
Continue reading →
Like this:
Like Loading...
Filed under ACL, Audit, Data Analytics, Technology
Tagged as acl, analysis, audit command language, basic usage, commands, dummies, faq, introduction, overview, user interface
A debate on this blog over analytics and the future of internal audit is heating up.
A few readers, including our colleague across the sea, AuditMonkey, have dove in, and skyller and I have responded in kind.
Well, not exactly. AuditMonkey has been more kind, to his credit. But I digress.
Continue reading →
Like this:
Like Loading...
At a company I worked at recently, I ran across a Sharepoint site and wondered whether I could download data that I wasn’t supposed to see.
Now I understand the purpose of SharePoint and company intranets is to share data, but even then, some data should be restricted to a limited number of people.
So I decided to check (before doing things like this, you better know How to Stay Out of Jail).
Continue reading →
Like this:
Like Loading...
Filed under Audit, Excel, How to..., Security, Security Scout, Technology
Tagged as access, account, anonymous, authentication, database, download, excel, failure, intranet, lotus notes, permission, rights, risk, search, Security, sharepoint, stay out of jail
