Saturday, October 15, 2011

MAXIMS OF WISDOM OF ANCIENT GREECE


E-Book: ‘MAXIMS OF WISDOM OF ANCIENT GREECE’.


39 Pages, English  and Ancient Greek. Cost: Free.


Publisher: John Kyriazoglou (July, 2011).



Summary: This book contains the ethical maxims and quotations (in English with their ancient Greek translation in the appendix) of the seven sages (Solon, Thales, Chilon, etc.) of ancient Greece (about 600 B.C.) on all aspects of life, in a simple, quick, practical and easy-to-use guide, to enable, help and support all people (young, old, men, women, students, etc.) in their potential efforts to improve their life at all levels: personal, family, professional, community, etc.

Contents: Preface, The Maxims of Delphi, The Quotations of the Seven Sages of Ancient Greece, Appendix A: The Maxims of Delphi in English and Ancient Greek, Appendix B: The Quotations of the Seven Sages in English and Ancient Greek, and Bibliography.


Improving your Relationships with Friendship and Love (Greek)

E-Book:  ‘IMPROVING YOUR RELATIONSHIPS WITH FRIENDSHIP AND LOVE’

277 Pages. Greek only. Cost: $4.50. Publisher: John Kyriazoglou (July, 2011).



Summary: A book that clarifies the concepts and approaches of friendship and love (from the ancient world to the present day) and provides certain self-help techniques and methods that support us in improving our relationships at all levels (personal, family, work, etc.), through friendship and love, and, initially, without the assistance of specialists.


AN ESSAY ON MAN IN THE 21ST CENTURY (Greek)

E-Book: ‘Ο ΑΝΘΡΩΠΟΣ ΣΤΗΝ ΗΛΕΚΤΡΟΝΙΚΗ ΕΠΟΧΗ’
(‘AN ESSAY ON MAN IN THE 21ST CENTURY’)

20 Pages, Greek only. Cost: $1.50. Publisher: John Kyriazoglou (July, 2011).





Summary: An essay on the condition of man in the 21st century, the problems of information overload, and how we can all respond in order to improve our lives and live more calmly and happily.

Anthology on Friendship and Love (Greek)


1. E-Book: ‘ΑΝΘΟΛΟΓΙΑ ΦΙΛΙΑΣ ΚΑΙ ΑΓΑΠΗΣ’

(Anthology on Friendship and Love)

ISBN: 978-960-9520-14-0.


84 Pages. Greek only. Date: 7/2011

Cost: Euro 4.50. Publisher: Digital Content A.E.





Summary: A collection of short stories, poems, hymns, prayers, maxims and techniques that are based on friendship and love and that can help improve our lives.


Maxims of Delphi and Quotations of the Seven Sages of ancient Greece


MAXIMS OF DELPHI AND QUOTATIONS OF THE SEVEN SAGES OF ANCIENT GREECE

                               (SUMMARY)


by John Kyriazoglou

ISBN 978-1-4507-5833-8


This is available at: http://store.payloadz.com/details/956148-ebooks-philosophy-maxims-and-quotations-of-the-seven-sages-of-ancient-greece.html, and
 http://i-proclaimbookstore.com/maofdeandquo.html

SYNOPSIS

This book contains a set of wisdom pieces of ancient Greece, in terms of the maxims of the oracle of Delphi and the quotations of the seven sages of ancient Greece.

 These maxims and quotations were translated from ancient Greek into English.

The original maxims and quotations (ancient Greek and current Greek) can be sent to anyone interested by a request to the author, without charge.

 The purpose of this book is to make all readers (general public, educated and not, young, old, men, women, high school, college and university students, managers, workers, professionals, etc.) aware of a set of classical quotations that could be used to help them in all walks and stages in their personal and professional life, and hopefully enable them to understand, reflect upon, and improve their relationships, in the long term.

The translation of the maxims and quotations into English was done by the author on the basis of the original texts in both ancient Greek and current Greek and other sources noted in the bibliography.

The Seven Sages (of ancient Greece) or Seven Wise Men was the title given by ancient Greek cultural tradition to seven early 6th century B.C. philosophers, poets, rulers, statesmen and law-makers who were renowned in the following centuries for their wisdom, which is still valid today. The seven sages were Thales, Pittacos, Bias, Solon, Cleovoulos, Periandros, and Chilon. They lived in ancient Greece over 600 years B.C. and before the advent of the classical Greek philosophers, like Socrates, Plato, Aristotle, etc.

Aristotle esteemed the wisdom of Bias. So did Plato, who praises Bias and Pittacos. Heracleitus had a very high respect for Bias and Pittacos. Also Plutarch, in his famous ‘Dinner of the seven sages’, refers to all seven sages with the highest remarks.

Their maxims and quotations set the background for the development of the classical Greek philosophy. The purpose of this book is to offer any reader a very simple guide into the wisdom of ancient Greece, improve his or her learning and thinking, because as Empedocles has said ‘learning really cultivates thinking’ and possibly allow him or her to gain some better understanding of this very old wisdom, and therefore see with their own ‘eyes’ and soul how these can help them in their every-day life.

A SAMPLE OF THE MAXIMS OF DELPHI FOLLOWS.

1. Follow God.

2. Obey the law.

3. Worship God.

4. Respect your parents.

A SAMPLE OF THE QUOTATIONS OF THE SEVEN SAGES FOLLOWS.

(Quotations of Cleovoulos)

1. The measure (limit, analogy) in all things is the best.

2. Respect your father.

3. Maintain your body and mind in good order.


1. Never exaggerate.

2. Do not take the position of a judge, as in this case you will be hated by the condemned.  

4. Keep the politeness and goodness of your character more faithful than your oath.   


1. Know yourself.

8. Respect your elders.

15. Control your anger.


2. Remember your friends, both, when they are near you, as well as when they are far away.

3. Do not beautify your external appearance, but you should look to become good in your behavior. 

4. Do not get rich in a bad way.           


7. Show tolerance to small damages inflicted upon you by your neighbors.

12. Acquire what is not destroyed by time: piety, education, prudence, thoughtful mind, truth, belief, expense, skills and dexterities, co-operation, care, effective management, professional knowledge.


2. Look into your mirror, and if you look nice, you must do nice things; if, however, you look ugly, you must correct your physical deficiency with politeness and goodness.

3. Do not be in a hurry to undertake something. When, however, you start, stay fixed to that until the end.


1. Exercising is the best thing.

2. To be quiet is a nice thing, to be arrogant and abusive, a dangerous one.

3. Profit is shameful.














CORPORATE CONTROLS BOOK



To be published by the end of 2011


AUTHORS

 John KYRIAZOGLOU, CICA, M.S., B.A (Hon.)

and Dr. Frank Nasuti, Ph.D., CPA, CICA, CFE

  with Dr. C. J. Kyriazoglou, Ph.D., MSc.


BOOK SYNOPSIS 

This book is about corporate controls and how they enable and support all management levels of the organization (top, middle, and lower) to accomplish strategic and operational goals and specific time-bound business objectives. Corporate controls also help all these management levels function most effectively and efficiently, in a way that benefits both the organization's stakeholders and society at large. The stated mission of this book is to provide a set of such corporate controls, together with their design, implementation and audit issues. Methodological processes are described only as to how controls are designed, implemented and audited.

The book is structured in three parts and an appendix, as noted below:

PART A: BASIC TERMS AND CONCEPTS

Chapter 1: Introduction to Management, Regulations and Controls

This chapter describes the basic concepts of management, regulations and controls, such as: Management Roles, Levels of Management Structure, Legal and Religious Systems, International Regulations and Guidelines, and Key Concepts of Management Controls.

Chapter 2: Proposed Organizational Controls Framework

This chapter describes the current socio-economic environment within which organizations and people operate, presents the most prevalent regulatory control frameworks, presents a diagram depicting the social and economic  needs and drivers for the existence of an Organizational Controls Framework, analyzes the characteristics of competitive advantage and how organizational controls interact and support them, and outlines the basic building blocks of the proposed Organizational Controls Framework.

PART B: MAIN ORGANIZATIONAL CONTROLS

Chapter 3: Corporate Philosophy Controls

This chapter describes the main Corporate Philosophy Controls, such as: Vision, Mission, and Values Statements, Corporate Social Responsibility Policy, and Corporate Ethics (Policy, Office, Committee, and Program). Also the purpose of organizational philosophy controls, two models for creating a corporate ethics policy, examples of vision, mission and values statements, and a corporate ethics policy are presented. In addition to these a set of review and audit tools and techniques are depicted, such as:
Corporate Vision, Mission, and Values Statements Checklist,
Departmental Corporate Vision, Mission, and Values Statements Checklist,
Corporate Ethics Program and Policy Checklists, and
Corporate Fraud Management Checklist.

Chapter 4: Corporate Governance Controls

This chapter describes the main Corporate Governance Controls, such as: Board of Directors Charter, Corporate Committees (for Audit, Benefits and Personnel, Information Technology, Financial Issues, and Business Continuity), Corporate Policies (for Financial Accounting, Customer Relations, Fraud and Theft, Community Relations, Health and Safety, and Environment Management), and Corporate Processes and Plans (for Performance Management, Internal Audit, Risk Management, Business Continuity Plan, Transaction Authorization Controls, Corporate Compliance Officer). Also examples of (a) charters for a board of directors, an audit committee, and a business continuity issues committee, (b) several policies (such as: customer relations, fraud and theft, community relations, health and safety, environment management, fixed asset management, and performance management), (c) a risk management process (with three steps), (d) a business continuity plan, and (e) corporate governance performance measures, are presented. In addition to these the following audit programs and checklists are described:
Internal Controls Framework Checklist,
Business Continuity Audit Review Program, and
Generic Performance Audit Program.

Chapter 5: Strategic Management Controls

This chapter describes the main Strategic Management Controls, such as: Corporate Strategic Planning Committee, Strategic Plans, Strategic Budgets, Strategy Implementation Action Plans, and Performance Management Framework. Also examples of (a) a charter of a strategic planning committee, (b) strategies, mission, vision, and values statements, (c) a strategic process methodology and a performance measurement procedure, (d) a corporate strategic plan and a strategy implementation plan, and (e) strategic performance measures, are presented. In addition to these the following audit checklists are described: Strategic Readiness Checklist, Business Idea Development Checklist, and Corporate Strategic Plan Checklist.

Chapter 6: Financial Controls

This chapter describes the main types of financial controls, such as: Financial Organization Controls (Financial Issues Committee, Function of the Controller, Accounting Manager – Job Description, and Budget Department), Financial Policies and Procedures (Financial Accounting Controls Policy, Financial Accounting Procedures, Financial Revenue Procedures, and Budgeting Procedure), General Ledger Controls (Chart of accounts, General Ledger, Trial balance, and  Financial Statements), and Computerized Financial Systems (General Ledger (GL) Systems, Customer Invoicing (CI) Systems, Accounts Payable (AP) Systems, Customer Orders / Sales Processing (COP) Systems, and  Payroll Systems). Also examples of (a) a charter of a financial issues committee, (b) a financial accounting controls policy (c) two budget formulation methodologies and a budgeting procedure, (d) two budget plans (income and expenses, and strategic initiatives), and (e) financial performance measures, are presented.
In addition to these the following audit programs and checklists are described: Detail Management Controls Checklist, Financial Management Controls Checklist, and Asset Management Controls Checklist.

Chapter 7: Administrative Controls

This chapter describes the main types of administrative controls, such as: Administrative Organizational Controls (Corporate Committees, and Departmental Terms of Reference), Administrative Procedures (Procedures Manual, Files, Documents and Records Management Procedures, Confidential Information Release Procedures, Management Reporting Procedures, Asset Protection Procedures, Legal Procedures, etc.), Administrative Office Controls (Physical Security Controls, Mail Controls, EDI Controls, Facsimile Transmission Controls, daily activities controls, etc.), and Policies, Procedures and Forms Controls.
Also examples of (a) the terms of reference for a production planning department, (b) the contents of an administrative procedures manual, (c) the clauses of an EDI standard contract, (d) five administrative forms (activities journal, visitors log, securities incidents log, problems log and mail log), and (e) administrative performance measures, are presented.
In addition to these the following audit checklists are described:
Internal Controls System: Policies and Procedures Checklist,
Departmental Terms of Reference Checklist,
Records Management System Checklist, and
Legal Issues Checklist.

Chapter 8: Human Resource Controls

This chapter describes the main types of human resource controls, such as: Human Rights Policy, Benefits and Personnel Committee, Personnel Management Controls, Employee Management Policies and Procedures Handbook, and Human Resources (HR) Systems.

Also examples of (a) a human rights policy, (b) the contents of the charter of a benefits and personnel committee, (c) the job description of a CIO, (d) the contents of an employee management policies and procedures handbook, and (e) human resource performance measures, are presented.
In addition to these the following audit programs and checklists are described:
Human Resources Management System Checklist,
Personnel Responsibilities and Skills Checklist, and
Personnel Management Audit Program.

Chapter 9: Production Controls

This chapter describes the main types of production controls, such as: Operations Policies and Procedures (Purchasing Process and Procedural Controls, and Inventory Control Procedures), Manufacturing Process Controls (New Product Development Controls, Bill of Materials (BOM) File, Master Production Schedule (MPS), Material Requirements Planning (MRP), Inventory Master Records (IMR) File, Inventory Transactions File, Preventive Maintenance Controls), Computerized Production Information Systems (Material Requirements Planning (MRP) System, Cost Accounting (CA) System, Production Planning and Control (PPC) System, Enterprise Resource Planning (ERP) System), Quality Management Controls, Standardization Procedures, Project Management Controls, Performance Management Controls, and Production Performance Measures.
Also examples of (a) a quality management policy, (b) the steps of a methodology for establishing operational policies and procedures, (c) a purchasing process, (d) a procurement procedure, and (e) production performance measures for innovation, inventory control, manufacturing, production cost, service productivity, supply chain, and quality, are presented. In addition to these the following audit programs and checklists are described:
Production Process Audit Program,
Purchasing Controls Checklist,
Inventory Controls Checklist, and
Quality Management Controls Checklist.


Chapter 10: Information Technology (IT) Controls

This chapter describes (in summary form) the main IT Controls, such as: IT Organization Controls, IT Administration Controls, IT Strategy Controls, System Development Controls, IT Security Controls, IT Operational Controls, IT Technical Controls, Computerized Application Controls, and IT Performance Management Controls. In addition to these the following audit programs and checklists are described:
IT Terms of Reference Checklist,
IT Vision, Mission, and Values Checklist,
IT  Strategic Planning Checklist,
IT Technology Coverage Checklist, and
IT Performance Assessment Audit Program.

PART C: DESIGN, IMPLEMENTATION AND MONITORING OF CONTROLS

The purpose of this part is to identify and propose the elements required to design, implement and monitor strategic and operational control systems more efficiently and effectively.

This part contains three chapters:

Chapter 11: Designing Strategic and Operational Controls

This chapter describes how to design strategic and operational controls for organizations, and the various elements required by the organizations to carry out the design process the best way. The contents of this chapter are:
Strategic and Operational Controls,
Objectives of a Strategic and Operational Control System,
Selecting a Strategic and Operational Control System,
Designing Strategic Management Controls,
Duties, Responsibilities, and Conflicts of Interest,
Key Issues in Designing Strategic and Operational Controls,
Frameworks for Implementing Strategic Controls, and
Comparative Analysis of Frameworks.
Also examples of (a) a strategic controls process and a corporate policies and procedures management plan, (b) a conflicts of interest policy, (c) the control duties and responsibilities of a CIO and a board of directors, (d) a BSC for a public ministry and a BSC for a large construction company, and (e) performance measures for designing controls, are presented.
In addition to these the following checklists are described:
Strategic Management Controls Checklist, and
Organizational Controls Readiness Checklist.

Chapter 12: Implementing Strategic and Operational Controls with the BSC

This chapter describes how to implement strategic and operational controls for organizations, and the various elements required by the organizations to carry out the implementation process the best way. The contents of this chapter are:
The rationale for BSC development and implementation, 
The BSC general implementation process,
BSC Detail Implementation Approaches, and
The critical success factors in implementing strategic controls.
Also examples of (a) a Full-Scale Methodology for implementing BSC, and a Quick way approach for implementing BSC, (b) the contents of a BSC implementation plan, BSC responsibilities, and a performance dictionary, (c) an employee performance review policy, (d) linking the various BSC components, and (e) performance measures for implementing controls, are presented.
In addition to these the following checklists are described:
BSC Implementation Checklist,
Strategic Controls Implementation Checklist, and
Strategic and Operational Controls Checklist.

Chapter 13: Monitoring and Review Controls

This chapter discusses the purpose and main types of monitoring and review controls, and describes the following controls, such as:
Monitoring Controls System,
Monitoring implementation of the strategic plan,
Monitoring implementation of policies and procedures (Continuous management monitoring procedures, Communicating performance information procedure, Management reports monitoring procedures, and Data Quality Monitoring Procedures), and Review and compliance controls (Internal Audit Process, Corporate Compliance Officer, Daily Activities Review Controls, Computer Security Monitoring and Review Procedures, The Corporate Governance Information System, External-Assessment Procedures, and Self-Assessment Procedures).
Also examples of (a) a data improvement methodology, (b) the contents of an internal audit report, (c) the contents of a customer satisfaction survey, (d) a Corporate Intelligence Monitoring Management Plan, and (e) performance measures for monitoring controls, are presented.
In addition to these the following audit programs and checklists are described:
Organizational Controls Monitoring Audit Program,
Communications System Review Checklist,
Internal Audit Checklist,
Monitoring Strategic Plan Checklist,
Monitoring Corporate Controls Checklist, and
Monitoring IT Controls Checklist.

APPENDICES

Appendix 1. The Code of Hammurabi
Appendix 2. The Ten Laws of Solon
Appendix 3. The Maxims of the Oracle of Delphi 
Appendix 4. Examples of BSC Implementations 
Appendix 5. Strategic Analysis and Assessment Methods and Tools 
Appendix 6. Chief Information Officer – Job Description 
Appendix 7. List of Audit and Review Programs 
Appendix 8. List of Audit and Review Checklists 

GLOSSARY

BIBLIOGRAPHY


                                                    


IT STRATEGIC AND OPERATIONAL CONTROLS


IT STRATEGIC AND OPERATIONAL CONTROLS*

           By John KYRIAZOGLOU, CICA, M.S., B.A (Hon.)

*This is a summary of the following book

 ==== TITLE: 'IT STRATEGIC AND OPERATIONAL CONTROLS’ =====

PRINTED VERSION:                    www.itgovernance.co.uk/products/3066

E-BOOK FORMAT VERSION:    www.itgovernance.co.uk/products/3067

ADDENDUM TO THE BOOK (Customisable IT Audit Programmes and Checklists, WORD FORMAT): www.itgovernance.co.uk/products/3143

These can also be purchased from www.itgovernanceusa.com, itgovernanceasia.com and other major world distributors (e.g. AMAZON, etc.) and bookstores in several countries (England, India, Switzerland, Italy, Germany, Poland, Brazil, Canada, Australia, Japan, etc.).

 Author: John Kyriazoglou, Publisher: IT Governance Publishing

ISBN: 978-1-84928-061-7, Pages: 686, Format: Softcover, Date: 2 September 2010

 BOOK SYNOPSIS

 This book is about Information Technology (IT) Strategic and Operational Controls. IT controls (policies, procedures, forms, practices, audit programs, and checklists, etc.) enable and support all management levels of the organization (top, middle, and lower) to accomplish the IT strategic and operational goals of the organization. The book covers all the IT areas, such as: IT Organization Controls, IT Administration Controls, Enterprise Architecture Controls, IT Strategic Controls, System Development Controls, IT Security Controls, Data Center Operational and Support Controls, Systems Software Controls, Computerized Application Controls, and Using IT Controls in Audit and Consulting Assignments. Also the Appendix of the book contains examples of IT Security Policies, several examples of IT Forms, an IT Audit Methodology, a list of IT Audit Areas, an Internal Audit Report example, etc.

ADDENDUM to IT STRATEGIC AND OPERATIONAL CONTROLS

ISBN 978-1-84928-075-4. This separate volume contains Customisable IT audit programmes and checklists in word format.

 BENEFITS OF THE BOOK

This book can guide, facilitate, enable, support and assist Organizations, Senior Executives, Boards, Managers, Professors, IT Professionals, and Auditors: (1) in organizing, managing, controlling, dealing with, reviewing and improving IT operations and activities in the areas of Organization, Administration, Strategy, Contingency Planning and Disaster Recovery, System Development, Software Quality, Data Center Operations, etc., (2) in Internal and External IT AUDITING activities including possible aversion and detection of ECONOMIC AND HIGH-TECH CRIMES, (3) in UNIVERSITY EDUCATIONAL and Professional Training Programs for the areas of IT, BUSINESS ADMINISTRATION, MANAGERIAL ACCOUNTING AND CONTROL, COMPUTER SCIENCE, Information Management, Commerce, Finance, Accounting, Banking, Operations Management, etc., and (4) in CERTIFYING PROFESSIONALS IN IT CONTROLS and IT AUDITING.

 ENDORSEMENTS OF THE BOOK AND THE AUTHOR
"I wholeheartedly recommend this book to senior and operations managers who are the ultimate users of IT and who need to ensure that the information they receive is relevant, accurate, timely and, more importantly, the result of systems which are well controlled. Both internal and external auditors will find reference to a large number of very relevant tools for use in auditing and reviewing IT operations. I also highly recommend this book to any students studying for a degree that includes an auditing and IT module as part of their programme."

Professor Georges M Selim, Emeritus Professor and Former Head of the Faculty of Management, Cass Business School, London, U.K. (See also ‘FOREWORD’ Section in the book)

"John is a highly experienced IT professional with extensive practical and theoretical knowledge. He is capable of managing complex engagements and maintains excellent relations with clients and peers. He is also a distinguished writer of both technical books as well as literature. Working with John is a professional and personal pleasure."

George Raounas, Partner, KPMG Advisory Services, Greece.



"Mr John Kyriazoglou is a multi-talented personality. His technical and managerial skills, together with his deep knowledge and expertise, can guarantee the successful completion of any IT project. He is a writer of technical as well as of philosophical books, being capable of balancing hi-tech expertise with humanities. I have the pleasure of knowing him and working with him for many years. He has always been a teacher to me, providing me with his expertise, as well as his advice and care."

 Michael Hadjiefthymiou, IT Audit Manager at a major Greek Bank

 SUMMARY OF BOOK CHAPTERS

 Chapter 1: IT Organization Controls  

This chapter describes the main IT Organization Controls, such as: IT Department Functional Description Controls, IT Organizational Controls, IT Vision, Mission and Values, Monitoring and Review Controls, IT Control Frameworks, and IT Organization Performance Measures. Also examples of (a) IT terms of reference, (b) the contents of four IT control frameworks (COBIT, ITIL, ISO/IEC 38500, and  The Calder-Moir IT Governance Framework), and (c) IT organization performance measures, are presented.

In addition to these a set of audit programs and checklists are described, such as: IT Terms of Reference Checklist, IT Organizational Assessment Audit Program, IT Functional Assessment Audit Program, etc.

Chapter 2: IT Administration Controls

 This chapter describes the main IT Administration Controls, such as: IT Standards, Policies and Procedures, IT Budget, IT Asset Controls, IT Personnel Management Controls, IT Purchasing Controls, IT Management Reporting, and IT Administration Performance Measures. Also examples of (a) an IT budget, (b) IT personnel job descriptions of a Chief Information Officer, Business Systems Analyst, Application Systems Analyst, etc., and (c) IT administration performance measures, are presented. In addition to these the following audit programs and checklists are described: IT Personnel Management Controls Audit Program, IT Procedures Audit Program, Standards Checklist and Segregation of Duties Checklist.

 Chapter 3: Enterprise Architecture Controls

This chapter describes the main Enterprise Architecture Controls, such as: Enterprise Architecture Frameworks, Enterprise or Operating Model of the Organization, Business Process Narratives, Enterprise Architecture Repository, etc., and Enterprise Architecture Performance Measures. Also examples of (a) strategies, general goals, and objectives, (b) mission, vision, and values statements, and (c) a corporate ethics policy are presented.

In addition to these a set of audit checklists are described, such as: Enterprise Architecture Framework Checklist, Corporate Vision, Mission, and Values Statements Checklist, and Corporate Strategic Plan Checklist.

 Chapter 4: IT Strategic Controls

This chapter describes the main IT Strategic Controls, such as: IT Strategic Process Controls, IT Strategy Implementation and Monitoring Controls, and IT Strategic Performance Management Controls. Also examples of (a) an IT Strategy Analysis Methodology, (b) an IT Strategy Implementation Action Plan, (c) the contents of an IT strategic plan and an IT Performance Management Policy, and (d) an IT Balanced Scorecard and IT strategic performance measures, are presented.

In addition to these the following audit programs and checklists are described: IT Strategic Planning Checklist, IT BSC Implementation Checklist, IT Strategic Controls Implementation Checklist, IT Performance Assessment Audit Program, and CIO Business Plan Assessment Audit Program.

Chapter 5: System Development Controls

This chapter describes the main IT System Development Controls, such as: Application Development Controls, IT Systems Testing Methodology, End User Application Development Controls, Audit Trails, Software Package Controls, and System Development Quality Controls. Also examples of:
(a) methodologies for systems development,
(b) the contents of a feasibility study, a systems analysis and design document, an application documentation set, an audit trail, an IT acceptance procedure and an IT application test plan,
(c) the contents of test forms,
(d) the contents of the documents of a software package purchase process, and (e) system development performance measures, are presented.
In addition to these the following audit programs and checklists are described: IT Data Management Controls Checklist, Documentation Checklist, System Development Strategy Checklist, System Development and Maintenance Checklist, End User Application Development Checklist, Software Requirements Specification Checklist, and Software Feasibility Approval Checklist.

 Chapter 6: IT Security Controls
This chapter describes the main IT Security Controls, such as: IT Security Guidelines and Standards, IT Security Policies and Plans, Computer Operations Controls, Personnel Security Management Controls, End User Security Administration Controls, Social Engineering Controls, Password Controls, IT Technical Protection Controls, Other Management Controls, Security Organizational Controls, and IT Security Performance Measures.
Also examples of:
(a) the contents of an IT security management plan,
(b) the contents of a systems development security plan, and a site security handbook,
(c) the contents of a physical and environmental security program, and
(d) IT security performance measures, are presented.
In addition to these the following audit program and checklists are described: IT Security Audit Program, IT Security Policy Checklist, and Logical Security Controls Checklist.

 Chapter 7: Data Center Operational and Support Controls

This chapter describes the main Data Center Operational and Support Controls, such as: Data Centre Controls, IT Contingency Planning and Disaster Recovery Controls, Hardware Controls, and Personal Computers Controls. Also examples of (a) an IT contingency planning methodology, (b) a personal computers use policy and safe operations procedure, (c) the contents of a vital records package and an IT disaster recovery plan, (d) a set of forms to manage various IT issues, and (e) IT operational performance measures, are presented.

In addition to these the following audit checklists are described: Physical Security Checklist, Environmental Issues Checklist, Production Environment Issues Checklist, Data Centre Management Checklist, Backup and Recovery Checklist, IT Disaster Recovery Checklist, and Personal Computers Checklist.

 Chapter 8: Systems Software Controls

 This chapter describes the main Systems Software Controls, such as: Systems Operating Environment Controls, Data Base Controls, Data Communications Controls, Audit Trail Controls, and Operating System, Data Base and Data Communications software Change Management Controls.

Also examples of (a) the software suppliers maintenance procedure, (b) the system software management process, (c) the contents of a data communications management plan, and an audit trail record, (d) a set of forms to manage the changes to system software, and (e) IT technical performance measures, are presented.

In addition to these the following audit programs and checklists are described: Systems Software Management Audit Program, System Software Acquisition Checklist, Systems Software Operation Checklist, Data Management Checklist, Data Base and Data Communications Checklist, Data Base Management System Checklist, Data Networking Audit Program, and Data Communications Checklist.

 Chapter 9: Computerized Application Controls

 This chapter describes the main Computerized Application Controls, such as: Input Controls, Processing Controls, Output Controls, Database Controls, Change Controls, and Testing Controls. Also examples of (a) a test methodology, (b) a test plan and an application audit trail record, (c) an organizational structure for application software testing, (d) a set of forms to manage the application software development and testing process, and (e) computerized application performance measures, are presented.

In addition to these the following audit programs are described: Computerized Application Controls Audit Program, Computerized Application Quality Audit Program, Post Implementation Review Audit Program, Web Applications Checklist, and Monitoring IT Application Controls Checklist.

 Chapter 10: Using IT Controls in Audit and Consulting Assignments

This chapter contains three case studies and one IT audit assignment to improve the understanding of the IT controls contained in chapters 1 to 9 and the appendix of this book. These are: Retail Operation: IT Strategy Case Study, Trading Company: Applications Controls Case Study, Public Organization: IT Security Case Study, and IT Audit Assignment for Organization ‘ABCXYZ’.

APPENDICES

 Appendix 1: Examples of IT Security Policies

Appendix 2: IT Ethics Code-Example

Appendix 3: Monitoring IT Controls Checklist

Appendix 4: Examples of IT Forms

Appendix 5: IT Audit Methodology

Appendix 6: IT Audit Areas

Appendix 7: Internal Audit Report-Example

Appendix 8: Review Questions and Answers (for each chapter of this book)

Appendix 9: List of Governance and Control Frameworks

 GLOSSARY

BIBLIOGRAPHY