Tag Archives: finding

No Metrics, Little Analytics

analytic metrics, numbersIf your department doesn’t track metrics on your analytics, you are probably not doing analytics or you are making little progress in analytics.

In either case, its obvious that analytics isn’t very important to your management.

Which is one of the points I made in my post, 10 Signs Mgmt Doesn’t Really Support Analytics.

So far, I have encountered very few audit departments that track meaningful metrics about their analytics.

Counting the number of projects that include analytics isn’t enough.

Continue reading

Advertisements

1 Comment

Filed under Audit, Data Analytics, How to..., Written by Skyyler

Evaluating Risk in the Dark

risk in the dark2When you evaluate the risk of a vulnerability, do you do it in the dark?

Or do you take into account other factors that might affect the risk?

What if one of the factors is an existing audit issue that has not been remediated?

Continue reading

2 Comments

Filed under Audit

No Bad Audit Reports Allowed?

No Bad Audit ReportsIt’s getting to the point where some audit directors are saying, “No bad audit reports allowed.” In other words, don’t shoot the messenger, just the message. What follows is an experience from one of my audit colleagues…

First, a couple “I know” statements…I know auditors are supposed to be helpful and friendly. I know auditors are supposed to add value. I know auditors need to be careful about giving only bad news; we should also note in our report what the auditee is doing right (if anything). I know that it’s hard for auditees to get hammered again and again by audit reports.

Continue reading

14 Comments

Filed under Audit, Technology

Osama Bin Laden Death Photos Not Needed for Proof

Blogs are clamoring for proof that Osama Bin Laden is dead–show us the photos! However, I do not think Osama death photos are needed, at least not to prove he’s dead.  I also think that keeping this event in mind can help move your audits along. Let me explain.

Continue reading

8 Comments

Filed under Audit

Top 10 Ways to be a Lovable Auditor

A while back, I noted some reasons why people hate auditors. Well, you can hop those hurdles, and be an auditor that people love or at least respect. Here’s how:

Continue reading

3 Comments

Filed under Audit, How to..., Top 10

Quote of the Weak (Pass the control)

A colleague of mine is doing some testing for an audit director that changes her mind frequently on how to deal with audit findings. Occasionally, she is all about nailing control owners who do not have all their ducks groomed and in a row. At other times, she pushes Audit to work as hard as possible to pass all controls.

Continue reading

Leave a comment

Filed under Audit, Humor/Irony, Quote of the Weak

How was your day?

Yesterday was one of those days where the clock just spins, you get a lot done, and nothing out of the ordinary occurs. You have some meetings, dig into the data, and identify a finding, do a little more research, and fire off an email to get an explanation from the control owner.

Continue reading

4 Comments

Filed under Humor/Irony