IIA Analytics Article Dead Wrong

A recent IIA article on building an analytics function in internal audit is dead wrong.

At least on one major point, anyway. And it’s a big one.

As the tombstone reads, this point is D.O.A (dead on arrival, or more specifically, dead on analytics).

The article, Building a data analytics program, requires IIA membership to view, and is located at https://iaonline.theiia.org/2017/Pages/Building-a-Data-Analytics-Program.aspx (that’s actually good, as it means a lot fewer people will ever read it).

Continue reading →

Advertisement

No Analytics, No Audit Department

If YOUR audit department doesn’t embrace data, analytics, and automation eventually, your audit department will NOT exist.

No data, no analytics. No analytics, no automation. Eventually, no audit department.

Editor Note: This post really applies to all departments in a company, but mainly I’m addressing auditors, but you might want to read between the business lines….

By embrace, I don’t mean have one or two auditors working on this. I mean the entire department.

Before you cite all the regulatory requirements mandating the existence of an audit department in companies, having an audit department in name only won’t cut it.

Having an inept audit department will not be acceptable to regulators, and it shouldn’t be acceptable to company management either. Or Audit Committees!

Companies need skilled and efficient auditors that can do the heavy lifting, and this need will only increase.

Continue reading →

Your Social Media Data is Business Data

An Information Week article, From CRM to Social, noted that companies consider data mined from social media as business data. Basically, companies are supplementing their customer relationship management (CRM) database with the personal data from social networks. Consider these points:

If you don’ read anything else, see the quote in red below from the Guess CIO.

Continue reading →

IIA Basics for Auditors

The  Institute of Internal Auditors (IIA) has back-to-basics articles for new auditors (and like Dummies books, the topics can be a reference for the rest of us). Even security pros might want to read a few of these to better understand their auditors, or how those auditors should be doing their jobs.

The topics are as follows (no special order):

Continue reading →

Top 10 IT Jobs

According to CIO magazine, here’s the hot IT jobs (followed by comments by me in italics):

NOTE: IT Auditors, don’t pass over this article!

1. Security specialist/ethical hacker

One specialty, computer forensics, is hot. Forensic labs are almost always behind in their work. Is it due to a lack of good technicians or that forensic folks aren’t cheap? Either answer is good news.

Continue reading →

Write Safe and Secure Applications

The lead security study group (group 17) from the International Telecommunication Union provides a paper containing general suggestions for writing secure applications. In the paper, each item is hyperlinked to additional information.

Continue reading →