- This topic has 12 replies, 5 voices, and was last updated 8 years, 2 months ago by FAR_WARS.
-
CreatorTopic
-
January 18, 2016 at 6:46 pm #199582AnonymousInactive
Any tips on getting to understand or know this IT cra* (chapter 4 of Becker) in time for my exam in 3 days?
-
AuthorReplies
-
January 18, 2016 at 6:50 pm #755088monikerncParticipant
Review IT vocabulary and read the free COSO docs here: https://www.coso.org/guidance.htm
Do you have flash cards? Quizlet has some bec it flashcards but you never know if those are valid.AUD - 93
BEC - 82
FAR - 76
REG - 88How have you been?
Ninja book and MCQs and the forum, all first try! 2016
Licensed State of Montana April Fool’s Day 2020
State of Colorado June 2020 - AICPA Ethics 93
Experience was the worst part of the journey for me. You?
If you want things to change you have to do something different.FAR 7/25/15 76!
AUD 10/30/15 93
BEC 2/27/16 82
REG 5/23/16 88!
Ninja Book and MCQ and the forum - all the way!!!
and a little thing i like to call, time and effort!
if you want things to change, you have to do something differentJanuary 18, 2016 at 7:32 pm #755089monikerncParticipantPosting again and hoping forum updates with my response this time.
Review IT vocabulary and read the free COSO docs here: https://www.coso.org/guidance.htm Do you have flash cards? Quizlet has some bec it flashcards but you never know if those are valid.AUD - 93
BEC - 82
FAR - 76
REG - 88How have you been?
Ninja book and MCQs and the forum, all first try! 2016
Licensed State of Montana April Fool’s Day 2020
State of Colorado June 2020 - AICPA Ethics 93
Experience was the worst part of the journey for me. You?
If you want things to change you have to do something different.FAR 7/25/15 76!
AUD 10/30/15 93
BEC 2/27/16 82
REG 5/23/16 88!
Ninja Book and MCQ and the forum - all the way!!!
and a little thing i like to call, time and effort!
if you want things to change, you have to do something differentJanuary 18, 2016 at 7:50 pm #755090Tripin93ParticipantThanks monikernc! I'll try these out.
Motivated by JC. I do it to make God proud.
FAR: 91 July 2015
AUD: 83 October 2015
REG: 81 January 2016
BEC: 83 February 2016January 18, 2016 at 7:51 pm #755091AnonymousInactiveThanks! I have the flashcards, but still struggle on longer IT questions that ask outside of just definition
January 18, 2016 at 8:55 pm #755092FAR_WARSParticipantJanuary 18, 2016 at 9:38 pm #755093monikerncParticipantChange management control is an IT process that is a control activity under COSO.
AUD - 93
BEC - 82
FAR - 76
REG - 88How have you been?
Ninja book and MCQs and the forum, all first try! 2016
Licensed State of Montana April Fool’s Day 2020
State of Colorado June 2020 - AICPA Ethics 93
Experience was the worst part of the journey for me. You?
If you want things to change you have to do something different.FAR 7/25/15 76!
AUD 10/30/15 93
BEC 2/27/16 82
REG 5/23/16 88!
Ninja Book and MCQ and the forum - all the way!!!
and a little thing i like to call, time and effort!
if you want things to change, you have to do something differentJanuary 18, 2016 at 10:06 pm #755094FAR_WARSParticipantThanks for response, but i think it is within the monitoring component. Look up “monitoring- for-change control continuum”.
Monitoring may be considered as consisting of the following sequence of activities:
(1) Control baseline
(2) Change identification
(3) Change management
(4) Control revalidation/updateFAR- 80
BEC- 75
AUD- 78
REG- ?January 18, 2016 at 11:13 pm #755095monikerncParticipantI googled and found your phrase in a wiley book with the list you provided. I am using ninja which never identifies where it falls in coso. Ninja does talk about IT roles as separation of duties, a control activity, in the context of making changes or limiting access to those who are authorized for particular IT functions.
I can't tell if we are talking about the same thing or different. I get what wiley is saying about change management being part of the monitoring activities and see where IT change processes could fall under it. Now i am not sure.
Maybe someone else will chime in.AUD - 93
BEC - 82
FAR - 76
REG - 88How have you been?
Ninja book and MCQs and the forum, all first try! 2016
Licensed State of Montana April Fool’s Day 2020
State of Colorado June 2020 - AICPA Ethics 93
Experience was the worst part of the journey for me. You?
If you want things to change you have to do something different.FAR 7/25/15 76!
AUD 10/30/15 93
BEC 2/27/16 82
REG 5/23/16 88!
Ninja Book and MCQ and the forum - all the way!!!
and a little thing i like to call, time and effort!
if you want things to change, you have to do something differentJanuary 18, 2016 at 11:56 pm #755096AnonymousInactiveMy understanding of Change Management is that it is not simply a component of the Monitoring part of the COSO framework. It also includes elements that could be considered Control Activities, such as testing and user approval before implementing a change to an IT system. I belive Change Management is more of an IT best-practices concept that is separate from COSO, but shares a lot of overlap. I'm not an expert though, I've only done one ITGC audit in between my bread-and-butter financial audits. Hope that helps. I think it would be easier to explain if you had a specific MCQ that dealt with the topic?
January 19, 2016 at 12:11 am #755097FAR_WARSParticipantI think I got it. Segregation of duties is a control activity. Change Control is within monitoring. Inadequate segregation of duties could allow our Change Control to fail.
Management of a company has a lack of segregation of duties within the application environment, with programmers having access to development and production. The programmers have ability to implement application code changes into production without monitoring or a quality assurance function. This is considered a deficiency in which of the following areas?
a. Change control
b. Management override.
c. Data integrity
d. Computer operations.Choice “a” is correct. Programmer access to development and production represents flawed segregation of duties that creates deficiencies for change control. Change control considers the manner in which management monitors and authorizes changes to a variety of information technology matters including software applications programs. Only authorized individuals should be allowed to move changes into production and the function of making the change should be segregated from the function of pulling the change into production. Programmers With access to both programming instructions and Iive data undermine management's control of data and their ability to verify that all changes have been performed in a manner consistent with their instructions.
FAR- 80
BEC- 75
AUD- 78
REG- ?January 19, 2016 at 12:32 am #755098monikerncParticipantthat explains it very well. i would have never put it in monitoring but i see it now. is that a becker question?
thanks!AUD - 93
BEC - 82
FAR - 76
REG - 88How have you been?
Ninja book and MCQs and the forum, all first try! 2016
Licensed State of Montana April Fool’s Day 2020
State of Colorado June 2020 - AICPA Ethics 93
Experience was the worst part of the journey for me. You?
If you want things to change you have to do something different.FAR 7/25/15 76!
AUD 10/30/15 93
BEC 2/27/16 82
REG 5/23/16 88!
Ninja Book and MCQ and the forum - all the way!!!
and a little thing i like to call, time and effort!
if you want things to change, you have to do something differentJanuary 19, 2016 at 12:36 am #755099 -
AuthorReplies
- You must be logged in to reply to this topic.