IT Audit FAQ by ITAuditFAQ

VIEWS: 33 PAGES: 59

More Info
									        IT Audit FAQ
(Frequently Asked Questions)
Muema Lombe, CRISC, CSSLP, CGEIT, CISA
                                           Agenda
About IT Audit                                            About IT Audit Careers
What is IT audit?                                         What qualifications do I need to be an IT Auditor?
What is IT audit known as?
Who needs an IT audit?                                    What certification do I need to be an IT Auditor?
Why perform an IT audit?                                  Why should I be an IT Auditor?
What is IT external audit?                                What is the IT audit job description?
What is IT internal audit?                                What is the IT audit reporting structure?
What does IT auditing entail?
What is the IT audit process?                             What are IT audit job titles?
What are the two typical roles that IT audit              What are IT audit salaries?
performs?                                                 What is the career trajectory for IT auditors?
What does an IT audit include?
What are IT audit types?
What are the types of IT auditors?                        About IT Audit Tools & Resources
What is the IT audit manual?                              What software is needed for an IT Auditor/IT Audit?
What are IT audit standards?                              What resources are available for IT audit jobs?
What is IT audit strategy?                                What resources are available for IT auditors to remain
What is the IT audit universe?
What is an IT risk assessment?                            current?
What is an IT audit program?                              What websites to ask IT audit related questions?
What is an IT audit report?
What is IT audit co-sourcing?
What is IT audit outsourcing?
What is the IT audit plan?
What is the IT audit schedule?
Who audits the IT auditors?



                                    Muema Lombe, CRISC, CSSLP, CGEIT, CISA
                                                                                                                   2
                                           http://itauditfaq.com
About IT Audit




 Muema Lombe, CRISC, CSSLP, CGEIT, CISA
                                          3
        http://itauditfaq.com
             What is IT audit?
An IT audit is a review of the controls of a
  technology environment. This may include IT
  infrastructure, applications, IT operations and
  IT projects.




                 Muema Lombe, CRISC, CSSLP, CGEIT, CISA
                                                          4
                        http://itauditfaq.com
     What is IT audit known as?
An IT audit is also known as an information
  technology audit, a systems audit, an
  information systems audit or an electronic
  data processing (EDP) audit.




                Muema Lombe, CRISC, CSSLP, CGEIT, CISA
                                                         5
                       http://itauditfaq.com
        Who needs an IT audit?
Publicly traded companies are required by the
  S.E.C. to report to their shareholders whether
  internal controls are operating effectively. This
  includes both operational/business controls
  and IT controls.




                 Muema Lombe, CRISC, CSSLP, CGEIT, CISA
                                                          6
                        http://itauditfaq.com
      Why perform an IT audit?
An IT audit is typically performed to obtain an
  independent assessment of the technology
  environment. The technology department is
  likely to be less objective in assessing its
  environment.




                Muema Lombe, CRISC, CSSLP, CGEIT, CISA
                                                         7
                       http://itauditfaq.com
        What is IT external audit?
An IT external auditor, typically a third party, is independent
  of the company, department or organization being
  audited. This may include Big 4 Auditors (e.g. EY, PWC,
  etc.) or government auditors (e.g. State Insurance
  Regulators, etc.).

External audit’s typical role is to express an opinion on the
  financial statements of an organization. IT external audit
  facilitates this process, by expressing an opinion on the
  technology environment of the systems which support,
  create and maintain the financial statements.

                     Muema Lombe, CRISC, CSSLP, CGEIT, CISA
                                                                8
                            http://itauditfaq.com
       What is IT internal audit?
The IT internal audit team is typically part of the
  internal audit department of an organization.
  Whereas IT external audit is primarily focused
  on controls around financial reporting, IT
  internal audit’s focus is more broad. While a
  review may include financial reporting
  controls, areas such as fraud, regulatory
  compliance and operational effectiveness may
  also be covered.
                 Muema Lombe, CRISC, CSSLP, CGEIT, CISA
                                                          9
                        http://itauditfaq.com
     What does IT auditing entail?
The three objectives of IT audits are to preserve the
  confidentiality, integrity, availability of information.

•Confidentiality – Preserving authorized restrictions on
  information access and disclosure, including means for
  protecting personal privacy and proprietary
  information.
•Integrity – Guarding against improper information
  modification or destruction, and includes ensuring
  information non-repudiation and authenticity.
•Availability – Ensuring timely and reliable access to and
  use of information
                     Muema Lombe, CRISC, CSSLP, CGEIT, CISA
                                                              10
                            http://itauditfaq.com
    What is the IT audit process?
The IT audit process is similar to the audit
  process and basically includes three steps:

•audit planning,
•audit execution and
•audit wrap up.



                Muema Lombe, CRISC, CSSLP, CGEIT, CISA
                                                         11
                       http://itauditfaq.com
What are the two typical roles that IT
          audit performs?
IT auditors generally perform
  two roles:
 –audit and
 –consulting.


            Muema Lombe, CRISC, CSSLP, CGEIT, CISA
                                                     12
                   http://itauditfaq.com
 What are the two typical roles that IT
      audit performs? (cont’d)

IT Audit

In this role, the IT auditor performs traditional
  functions which include IT audit and IT
  Sarbanes-Oxley procedures.



                 Muema Lombe, CRISC, CSSLP, CGEIT, CISA
                                                          13
                        http://itauditfaq.com
  What are the two typical roles that IT
            audit performs?
IT Consulting

In the consulting role, IT auditor are asked to perform roles outside of the traditional
    audit role including but not limited to the following:

•SAS70 – opine and/or participate in SAS70 reviews,
•Fraud Examination – participate in and/or lead the IT portion of fraud investigations,
•M&A – perform vendor due diligence of IT operations as part of the Mergers &
   Acquisitions process,
•Data Analysis – perform data analysis (e.g. expense accounts, procurement cards,
   etc.)
•Business Process Risk Assessments – participate in team exercises of the evaluation
   of business process for IT risks (e.g. infrastructure) and corresponding controls,
•Systems Development – participate in and/or lead pre or post implementation
   reviews of systems under development.
•External Audit Coordinator – serve as a liaison to facilitate the expedient provision of
   external audit requirements.

                              Muema Lombe, CRISC, CSSLP, CGEIT, CISA
                                                                                           14
                                     http://itauditfaq.com
  What does an IT audit include?
IT audit typically evaluates control
  design and operational effectiveness.




             Muema Lombe, CRISC, CSSLP, CGEIT, CISA
                                                      15
                    http://itauditfaq.com
         What does an IT audit include?
                   (cont’d)
Control Design

Management is responsible for developing and maintaining effective internal control.
  Effective internal control provides assurance that significant weaknesses in the
  design or operation of internal control, that could adversely affect the agency’s
  ability to meet its objectives, would be prevented or detected in a timely manner.

Assessing the effectiveness of the design of a control is concerned with whether the
   control is suitably designed to prevent or detect a material error related to an
   account or group of accounts. Procedures to obtain such evidential matter
   ordinarily include inquiries of appropriate agency personnel; inspection of
   documents, reports, or electronic files; and observation of the application of
   specific controls. This is sometimes referred to as a “walk-through” and helps the
   senior assessment team ensure its understanding of the controls. An assessment
   of the control design should identify controls as effective, moderately effective, or
   not effective.


                              Muema Lombe, CRISC, CSSLP, CGEIT, CISA
                                                                                       16
                                     http://itauditfaq.com
      What does an IT audit include?
                (cont’d)
Operational Effectiveness

Assessing the effectiveness of the design of a control is
  concerned with whether the control is suitably designed to
  prevent or detect a material error related to an account or
  group of accounts. Procedures to obtain such evidential
  matter ordinarily include inquiries of appropriate agency
  personnel; inspection of documents, reports, or electronic
  files; and observation of the application of specific controls.
  This is sometimes referred to as a “walk-through” and helps
  the senior assessment team ensure its understanding of
  the controls. An assessment of the control design should
  identify controls as effective, moderately effective, or not
  effective.
                      Muema Lombe, CRISC, CSSLP, CGEIT, CISA
                                                               17
                             http://itauditfaq.com
       What are IT audit types?
IT audits general come in two types:
  – Integrated IT Audit
  – IT Audit




                  Muema Lombe, CRISC, CSSLP, CGEIT, CISA
                                                           18
                         http://itauditfaq.com
 What are IT audit types? (cont’d)
Integrated IT Audit
• These audits are where the IT audit portion of
  the review is a subset of a larger business
  audit review. For example the Internal Audit
  department may audit the Human Resources
  function, as a part of that review, the IT
  auditors may be asked to review the
  application that supports human resources
  administration and payroll.

                Muema Lombe, CRISC, CSSLP, CGEIT, CISA
                                                         19
                       http://itauditfaq.com
 What are IT audit types? (cont’d)
IT Audits
These audits are not integrated, but focus on a
   particular technology area. Like ice cream, stand
   alone IT audits come in a variety of flavors.
   Generally IT audits fall into four buckets:
   –   General Controls Audits
   –   Application Control Audits
   –   Network/Infrastructure Audits
   –   System Development Audits
                     Muema Lombe, CRISC, CSSLP, CGEIT, CISA
                                                              20
                            http://itauditfaq.com
What are the types of IT auditors?
IT auditors generally fall into two categories,
  technical and non-technical. The best auditor
  is one who can explain a technical deficiency
  in non-technical speak for the benefit of
  business auditors, the Chief Audit Executive
  and the Audit Committee.



                Muema Lombe, CRISC, CSSLP, CGEIT, CISA
                                                         21
                       http://itauditfaq.com
    What is the IT audit manual?
The IT audit manual is a subset of the Internal
  Audit manual and includes standards, policies
  and procedures.




                Muema Lombe, CRISC, CSSLP, CGEIT, CISA
                                                         22
                       http://itauditfaq.com
    What are IT audit standards?
Start with ISACA’s IS Standards, Guidelines and
  Procedures for Auditing and Control
  Professionals.

https://www.isaca.org




                Muema Lombe, CRISC, CSSLP, CGEIT, CISA
                                                         23
                       http://itauditfaq.com
       What is IT audit strategy?
The IT audit strategy outlines the approach to
  address the items prioritized resulting from
  the IT risk assessment. Contingent upon the
  organization, the IT audit strategy can be
  defined for anywhere from one to five years.
  This strategy should not be defined in a silo,
  rather it should be co-developed and align
  with the Internal Audit strategy.

                 Muema Lombe, CRISC, CSSLP, CGEIT, CISA
                                                          24
                        http://itauditfaq.com
    What is the IT audit universe?
The IT audit universe should reflect the universe
  of IT locations (e.g. data centers, etc.), IT
  functions (e.g. operations, etc.), IT projects, IT
  platforms (e.g. VOIP, etc.), operating systems
  and applications.




                  Muema Lombe, CRISC, CSSLP, CGEIT, CISA
                                                           25
                         http://itauditfaq.com
   What is an IT risk assessment?
An IT risk assessment is a measurement of IT risks
  to the business. At a minimum, the IT risk
  assessment should include the risk likelihood,
  impact and risk rating/prioritization. When
  preparing the IT risk assessment, the IT auditor
  should have a full and complete understanding of
  the IT environment. IT risks rated should include
  all areas of the IT organization including but not
  limited to IT operations, infrastructure,
  applications, projects, etc.

                 Muema Lombe, CRISC, CSSLP, CGEIT, CISA
                                                          26
                        http://itauditfaq.com
    What is an IT audit program?
The IT audit program details the steps to be
  performed in conducting the IT audit.




                Muema Lombe, CRISC, CSSLP, CGEIT, CISA
                                                         27
                       http://itauditfaq.com
     What is an IT audit report?
The IT audit report summarizes the details of
  what was reviewed and the results of review
  for the IT audit.




                Muema Lombe, CRISC, CSSLP, CGEIT, CISA
                                                         28
                       http://itauditfaq.com
     What is IT audit co-sourcing?
IT audit co-sourcing is when the resources and/or skills of
   an IT audit department are augmented by an external
   resource. This resource augmentation could be the
   result of staff shortage or technical expertise.

For example a small IT audit department may not have
  the budget to maintain a fulltime resident expert in
  Oracle databases in house. For an upcoming audit of
  Oracle databases, the department may hire a service
  provider external to the organization with sufficient
  expertise to perform the specific duties required.

                    Muema Lombe, CRISC, CSSLP, CGEIT, CISA
                                                             29
                           http://itauditfaq.com
    What is IT audit outsourcing?
IT audit outsourcing is when the IT audit
  function is fully outsourced to a third party
  service provider. For example, an organization
  may have an Internal Audit department, but
  fully outsource the IT audit function due to
  headcount restrictions and/or the expense of
  maintaining a full time IT audit team.


                Muema Lombe, CRISC, CSSLP, CGEIT, CISA
                                                         30
                       http://itauditfaq.com
      What is the IT audit plan?
The IT audit plan is just that, a plan for the
  coming year which includes the name of the
  audit and corresponding scope. The audit plan
  is approved by the Chief Audit executive and
  the Audit Committee and vetted with the
  auditee. Depending on the Internal Audit (IA)
  organization, the IT audit plan may be
  incorporated as part of the IA plan. In some
  cases the IT audit plan will be a stand alone
  plan.
                Muema Lombe, CRISC, CSSLP, CGEIT, CISA
                                                         31
                       http://itauditfaq.com
   What is the IT audit schedule?
The audit schedule lists the names of IT audits
  for the coming year to which dates have been
  assigned (audit have been scheduled). This
  document is usually co-developed with the
  auditee to agree on timing, working around
  employee vacations, IT department busy
  periods, etc.


                Muema Lombe, CRISC, CSSLP, CGEIT, CISA
                                                         32
                       http://itauditfaq.com
     Who audits the IT auditors?
The Institute of Internal Auditors (IIA) requires
  an independent Quality Assessment Review
  (QAR) to be performed at a minimum interval
  of every 5 years. This QAR review is to be
  performed by an independent third party to
  the organization, and includes a review of
  both the business and IT audit function.


                 Muema Lombe, CRISC, CSSLP, CGEIT, CISA
                                                          33
                        http://itauditfaq.com
About IT Audit Careers




     Muema Lombe, CRISC, CSSLP, CGEIT, CISA
                                              34
            http://itauditfaq.com
What qualifications do I need to be an
             IT Auditor?
The requirements for becoming an IT auditor
  vary on the requirements of an organization
  and the specific IT audit role you are applying
  for (e.g. IT Audit Staff vs IT Audit Director).
  Generally, the following are desired baseline
  qualifications:



                 Muema Lombe, CRISC, CSSLP, CGEIT, CISA
                                                          35
                        http://itauditfaq.com
What qualifications do I need to be an
        IT Auditor? (cont’d)

Education

Bachelor Degree in Technology (Information
  Systems, Computer Science, etc.), Accounting,
  Business or related field.



                Muema Lombe, CRISC, CSSLP, CGEIT, CISA
                                                         36
                       http://itauditfaq.com
What qualifications do I need to be an
        IT Auditor? (cont’d)

Certification

Certified Information Systems Auditor (CISA)
  designation.




                Muema Lombe, CRISC, CSSLP, CGEIT, CISA
                                                         37
                       http://itauditfaq.com
What qualifications do I need to be an
        IT Auditor? (cont’d)

Experience

Two to four years performing IT audits and/or
  related functions with Big 4 or similar CPA firm
  audit experience.



                 Muema Lombe, CRISC, CSSLP, CGEIT, CISA
                                                          38
                        http://itauditfaq.com
 What qualifications do I need to be an
         IT Auditor? (cont’d)
Competencies

•Experience working in a global organization, interacting with all levels of
   management.
•Strong knowledge of financial systems, and general internal controls for
   information systems and data center operations.
•Experience managing a variety of audit assignments and implementing /
   testing compliance with the Sarbanes Oxley Act.
•Ability to work both independently and as a member of a team in a fast
   paced environment, handling multiple tasks simultaneously.
•Experience in auditing large scale system implementations and strong
   knowledge and understanding of Project / Software Development Life
   Cycle methodologies (i.e. Waterfall, Rational Unified Process and Agile
   Development)
•Strong written, verbal and interpersonal communication skills are required.


                          Muema Lombe, CRISC, CSSLP, CGEIT, CISA
                                                                               39
                                 http://itauditfaq.com
 What certification do I need to be an
              IT Auditor?
The unofficial standard designation for IT
  auditors is the Certified Information Systems
  Auditor (CISA).




                Muema Lombe, CRISC, CSSLP, CGEIT, CISA
                                                         40
                       http://itauditfaq.com
 What certification do I need to be an
        IT Auditor? (cont’d)
Other related technology or security related certifications to
  consider include:

•Certified Information Security Manager (CISM)
•Certified Information Systems Security Professional (CISSP)
•Certified Computer Professional (CCP)
•Certified Information Technology Professional (CITP)
•Certified in Risk and Information Systems Control (CRISC)
•Certified in the Governance of Enterprise Information
  Technology (CGEIT)



                     Muema Lombe, CRISC, CSSLP, CGEIT, CISA
                                                                 41
                            http://itauditfaq.com
   Why should I be an IT Auditor?
Serving as an IT auditor is a great way to:

•network with all layers of the IT organization
  (CIO to Managers to IT staff),
•fully immerse into the IT department and its
  functions via auditing different areas,
•serve as a platform to gather the experience
  and expertise for a leading career such as
  Chief Security Officer or Chief Risk Officer.
                 Muema Lombe, CRISC, CSSLP, CGEIT, CISA
                                                          42
                        http://itauditfaq.com
  What is the IT audit job description?
• RISK ASSESSMENT: Participate in the Annual Risk Assessment and Audit
  Plan Development with respect to information technology environment of
  all the business units;
• BUDGETING: Participate in the preparation of departmental budgets and
  forecasts;
• SCOPING: Manage the scoping and development of audit programs,
  working with business unit and operational management as well as
  Internal Audit managers on integration to financial and operational audits;
• PLANNING: Manage all planning and fieldwork activities for IT audits at
  domestic and international locations to evaluate and make
  recommendations for improvement with respect to the effectiveness and
  efficiency of the IT related function and processes, as well as to assess
  compliance with Company policies and external regulations;
• AUDIT: Perform integrated audits and reviews of general IT controls,
  system access security, and application system controls to ensure the
  processes and data are in compliance with policies, standards and
  procedures;

                          Muema Lombe, CRISC, CSSLP, CGEIT, CISA
                                                                           43
                                 http://itauditfaq.com
  What is the IT audit job description?
                 (cont’d)
• TEST: Prepare, execute and document testing procedures and outcomes,
  perform detailed analysis and recognize relevant financial statement
  issues;
• ANALYZE: Analyze IT environment including: operating systems,
  applications, infrastructure, policies and procedures, etc.
• ISSUE IDENTIFICATION: Identify and communicate any control issues,
  process inefficiencies, or operational risks and recommend appropriate
  solutions.
• PROJECT MANAGEMENT: Manage special projects (e.g., reviews of system
  or policy implementations);
• QUALITY ASSURANCE: Conduct reviews of work performed to ensure
  compliance with auditing standards, including Generally Accepted
  Auditing Standards (GAAS) and the Institute of Internal Auditing (IIA);
• REPORT WRITING: Write and/or review/edit audit reports for the review
  and approval of the Chief Audit Executive.


                         Muema Lombe, CRISC, CSSLP, CGEIT, CISA
                                                                        44
                                http://itauditfaq.com
  What is the IT audit job description?
                 (cont’d)
• PRESENTATION: Present audit observations and recommendations
  to management; Assist in developing presentations for senior
  management and the Audit Committee of the Board of Directors
  with respect to the IT audit scope, coverage, and findings.
• DOCUMENTATION REVIEW: Review management action plans and
  monitor implementation of recommendations proposed by Internal
  Audit to ensure that issues are adequately addressed and
  mitigated;
• RELATIONSHIP MANAGEMENT: Establish partnering, yet
  independent and objective, relationships with auditees;
• COORDINATION: Coordinate audit activities with the business unit’s
  IT function and IT Department as necessary, to minimize duplication
  and leverage combined efforts;



                       Muema Lombe, CRISC, CSSLP, CGEIT, CISA
                                                                   45
                              http://itauditfaq.com
  What is the IT audit job description?
                 (cont’d)
• RECRUITING: Participate in recruiting and retaining
  high quality audit staff and seniors;
• TRAINING: Participate in Departmental training, career
  development and professional development activities;
  and Provide technical guidance, as well as coach audit
  staff and seniors to enhance their technical skill levels;
• COMPLIANCE: Ensure adherence to department
  policies and procedures.
• REMAIN CURRENT: Review and analyze new, proposed,
  or revised laws, regulations, policies, and procedures in
  order to interpret their meaning and determine impact
  to the company.

                    Muema Lombe, CRISC, CSSLP, CGEIT, CISA
                                                             46
                           http://itauditfaq.com
      What is the IT audit reporting
                structure?
As a best practice, the IT Audit Director (or
  equivalent) should report to the Chief Audit
  Executive, who in turn reports to the Audit
  Committee and the Chief Executive Officer.




                Muema Lombe, CRISC, CSSLP, CGEIT, CISA
                                                         47
                       http://itauditfaq.com
     What are IT audit job titles?
In a multi-layered big 4 accounting firm, IT audit job
   titles are typically as follows:
• Staff
• Senior
• Manager
• Senior Manager
• Director
• Principal
• Partner
                  Muema Lombe, CRISC, CSSLP, CGEIT, CISA
                                                           48
                         http://itauditfaq.com
      What are IT audit salaries?
IT salaries vary depending on experience,
  certifications, type of organization and
  location. Generally they are up to 10% to 25%
  higher than traditional auditor salaries.

Explore IT audit salaries here:
http://www.glassdoor.com


                 Muema Lombe, CRISC, CSSLP, CGEIT, CISA
                                                          49
                        http://itauditfaq.com
   What is the career trajectory for IT
                auditors?
The career trajectory for an IT auditor is contingent
  upon the opportunity within an organization, the
  opportunity within the department and the
  experience of the auditor. There are generally
  three career trajectories for IT auditors:

1.Up or Out
2.Rotation
3.Flatline

                  Muema Lombe, CRISC, CSSLP, CGEIT, CISA
                                                           50
                         http://itauditfaq.com
   What is the career trajectory for IT
           auditors? (cont’d)
Up or Out
• The Up or Out model is typically followed by public
  accounting firms. The rotation is approximately two to
  five years at each level, after which you are promoted
  to the next level (staff, senior, manager, senior
  manager, director then partner). If you are not
  promoted within this timeframe, or if management
  does not feel you are ready for the next level within
  the organization, you are “counseled out”, that is,
  strongly encouraged to seek employment elsewhere,
  otherwise you’ll be terminated.

                   Muema Lombe, CRISC, CSSLP, CGEIT, CISA
                                                            51
                          http://itauditfaq.com
  What is the career trajectory for IT
          auditors? (cont’d)
Rotation
• Top tier financial and multinational
  organizations often maintain a rotation model
  for their audit department. Auditors are
  encouraged to join the audit organization for
  two to four years, after which they’ve
  developed an understanding and expertise
  and are rotated into a specific department or
  business function.

                Muema Lombe, CRISC, CSSLP, CGEIT, CISA
                                                         52
                       http://itauditfaq.com
   What is the career trajectory for IT
           auditors? (cont’d)
Flatline
• The flatline trajectory is typically found in small to
  medium size Internal Audit departments. By
  flatline, we mean, there is minimal room for
  upward mobility or growth in the department
  due to the size of the department and/or tenure
  of those there before you. As such, your career
  progression is flatlined, unless someone retires,
  quits or otherwise leaves the department, which
  would create an opportunity for you to move up.
                   Muema Lombe, CRISC, CSSLP, CGEIT, CISA
                                                            53
                          http://itauditfaq.com
About IT Audit Tools & Resources




          Muema Lombe, CRISC, CSSLP, CGEIT, CISA
                                                   54
                 http://itauditfaq.com
   What software is needed for an IT
          Auditor/IT Audit?
There are many types of audit software. There
  is:
• audit management software (e.g. Team Mate,
  Auto Audit, etc),
• risk assessment software (e.g. Compliance
  360, Resolver, etc.)
• data analysis software (e.g. ACL, IDEA, etc.),
• system configuration analysis tools (e.g. EY
  Mercury for SQL, OS400 and Windows, etc.)
                Muema Lombe, CRISC, CSSLP, CGEIT, CISA
                                                         55
                       http://itauditfaq.com
    What resources are available for IT
              audit jobs?
•   http://www.indeed.com/
•   http://www.simplyhired.com/
•   http://www.dice.com/
•   http://www.monster.com/
•   http://hotjobs.yahoo.com/
•   http://it-audit-jobs.com/


                 Muema Lombe, CRISC, CSSLP, CGEIT, CISA
                                                          56
                        http://itauditfaq.com
  What resources are available for IT
    auditors to remain current?
http://itauditandsecurity.com/

http://insuranceitaudit.com/

http://twitter.com/itaudit




                Muema Lombe, CRISC, CSSLP, CGEIT, CISA
                                                         57
                       http://itauditfaq.com
 What websites to ask IT audit related
            questions?
http://itauditforum.com/




               Muema Lombe, CRISC, CSSLP, CGEIT, CISA
                                                        58
                      http://itauditfaq.com
                   Contact
http://www.linkedin.com/in/muemalombe




              Muema Lombe, CRISC, CSSLP, CGEIT, CISA
                                                       59
                     http://itauditfaq.com

								
To top