2007 State of the Internal Audit Profession Study: Pressures Build for Continual Focus on Risk (PWC) resource White Papers Member contributionOCEG Reviewed
PriceWaterhouseCoopers - "Overview: To enhance organizational risk management, internal audit must embrace ongoing risk monitoring and frequent enterprise-wide risk assessments."
Read more
AICPA, Risk Assessment Standards Nos. 104-111 resource Guides OCEG Reviewed
In March 2006, the AICPA Auditing Standards Board (ASB) issued Statement on Auditing Standards (SAS) Nos. 104-111, commonly referred to as the "Risk Assessment Standards". These SASs are effective for audits of financial statements for periods beginning on or after December 15, 2006.
Read more
Aligning People, Processes, and Technology for Effective Risk Management (IIA, 2008) resource Articles OCEG Reviewed
Learning the basic components of a continuous risk management program can help auditors provide recommendations that enhance IT security risk management practices.
Author: Paul Reymann, CEO, ReymannGroup Inc.
An Introduction to IT Governance (Paisley, 2006) resource White Papers Member contributionOCEG Reviewed
As technology evolves so do the risks that threaten the security, stability and functionality of the information systems that are the backbone of an organization. Can an information technology department completely identify, measure and mitigate the threats or potential security breaches when the news is flooded with stories of system breakdowns?
Read more
Architectural Risk Analysis (2005) resource Articles Member contributionOCEG Reviewed
Architectural risk assessment is a risk management process that identifies flaws in a software architecture and determines risks to business information assets that result from those flaws.
ARRA and Single Audits: Addressing the Risks and Challenges (2010) resource Articles OCEG Reviewed
This articles discusses the process of an OMB A-133 audit and developing an audit strategy.
CPA Journal, May 2010
Asia Risk Magazine resource Books / Publications OCEG Reviewed
Published by Incisive Financial Publishing Limited (UK.) Posted at Risk.net.
Assessing, Managing Enterprise Risk: What it takes to manage virtual servers (2007) resource Articles OCEG Reviewed
IT executives must provide technologies and services to enable the business to thrive and grow, but at the same time they need to maintain tight controls on resources, access rights and the environment to prevent the risk of technology from outweighing the reward.
Network World, November 12, 2007
Auditing: Solving 10 problems implementing the New risk assessment standards (2008) resource Articles OCEG Reviewed
Much has been written about the technical requirements of Statements on Auditing Standards No. 104-111, collectively called the Risk Assessment Standards (Risk Standards). This article focuses on 10 steps to effectively implement them.
AccountingWeb.com, January, 2008)
Read more
Australia, Better Practice Guide - Risk Management (2008) resource Agency Guidances OCEG Reviewed
The Guide emphasises the importance of developing a positive culture for managing risk as well as providing a summary of the context for managing risk in the Australian Government.
Comcover, June 2008
Read more
