Jim Kaplan's
audnet.gif (4937 bytes)

 

  

newslogo.gif (7197 bytes)
ASK (Auditors Sharing Knowledge) for Progress

October 2003

Prior AuditNet-L Newsletters

The AuditNet-l Newsletter is sponsored by: PricewaterhouseCoopers TeamMate

"PricewaterhouseCoopers TeamMate is a database-driven audit management system that streamlines the audit process by providing integrated tools for documentation, report generation and file sharing."

 

 
AuditNet Links
Audit Programs
 AuditNet Library
AuditNet Newsletter
Ask the Auditor
AuditNet Lists
Audit Jobs
Travel
Career Links
Partner Discounts
Search
Sign Guestbook
AuditNet Sponsors
Advertising Opportunities
About AuditNet
About Jim Kaplan
AuditNet Seminars
AuditNet Homepage

 

 al_logo.gif (1206 bytes)

logo.jpg (1604 bytes)

 

  

Sponsor News!

logo.jpg (1604 bytes)

Thanks for all your support in the past and looking forward to continued support in the future. AuditNet® is a sponsor-supported site. Without sponsor advertising you would have to pay for use of this site.

This month check out Pentana, vendor that produces software for audit professionals, including integrated risk and audit management, staff scheduling and information security questionnaires. Remember! Clicking on sponsored ads helps support AuditNet®.

Building Enterprise Risk Management on the Foundation Laid by Sarbanes-Oxley

 

Compliance with Sarbanes-Oxley lays a foundation for implementing Enterprise Risk Management (ERM) capabilities that did not previously exist for many companies. Companies that have implemented improved disclosure processes and internal control over financial reporting should take a closer look at how they can expand these capabilities to encompass all business activities. Doing so gives executives and directors alike greater confidence that their organizations are identifying and managing all potentially significant business opportunities and risks.

This article was contributed by Protiviti KnowledgeLeader, an online service providing tools, templates, and other resources for internal audit and risk management. Free trials available at www.knowledgeleader.com. For a limited time KnowledgeLeader memberships are available for the reduced rate of $500 per year. Tell them you heard about it from AuditNet.org.

Click here for the article.

Trainee Auditors

by Kastuv Ray

There comes a time when we have to “pass the torch” to the next generation. It is important therefore to recruit the right staff with the right qualities so that these individuals can continue our legacy both within our organization and the internal audit profession. Organizations need to recruit trainee internal auditors with the future in their veins.

Click here for the rest of the story!

AuditNet Job Listings (& more)

Looking for an audit job? Go to the AuditNet® Audit Jobs section for the latest job opportunities. 24 hours a day, 7 days a week you have the ability to not only look at available jobs, but you can also post your resume, apply for open jobs, research companies and obtain career advice. If you are in the market for a new job, make AuditNet® your first stop to check out what's available.

This is just another benefit of using AuditNet® as your one stop shop for all your audit and career resources.

CAREER BOOT CAMP FOR AUDITORS

At A Loss For Words To Describe Your Organization?   

by Robbie Miller Kaplan

Who you work for Fortune 500 firm, entrepreneurial start-up, or retail chain can have an impact in future job or career opportunities. How you describe your organization on your resume, bio, or in framing the response to an interview question may be an influencing factor in moving on or staying put. Use the following tips as guidelines in writing powerful organization descriptions to maximize your credentials.

For the tips click here!

Good luck!

Each month the AuditNet® Newsletter includes a career-related tip from Robbie Miller Kaplan, author of How to Say It in Your Job Search. If you like these tips, check out her books! For more career tips go the Job-Resources Web site.

You and your password(s)…
Against the rest of the world! 

by André Viljoen

Nowadays, we are surrounded by computers and systems, which require us to provide a username and password in order to gain access to specific or required information. And this applies to each and every one of us: think of your Personal Identification Number (PIN) for your debit or credit card. This too, is a form of password protection.

For the purpose of this article, let us stick to the Local Area Network (LAN) or application software, e.g. Oracle or SAP, at work. In order to gain access to the LAN or specific software applications at work, you need to supply a username and password.

The objective of this article is to create a greater awareness, to provide information on the importance of selecting secure passwords as well as best practices relating to password management, e.g.. selecting, changing and managing your password.

The Employee, the Auditor (either internally or externally), as well as the Security Professional will be able to use the information contained within this article.

For the rest of the article click here.

Looking for Auditors?

If your company has any audit job vacancies that you are looking to fill, have your HR people contact AuditNet® to post the job and search for candidates. Using the jobs section helps support AuditNet® as well! For more information click here.

AuditNet® Resource List Updates

Click here for the new links!

Please let us know of links that are not working!

AuditNet® Statistics

For those who like to wade through the details on how popular AuditNet® is, click here for the current stats or go to the online WebTrends report.

 

AuditNet® Book Reviews

Payables Test Set for ACL 

by Richard B. Lanza

It is very rare that you see authors provide practical solutions to everyday audit situations in a logical and understandable format. In the Effective Analyst Series of books published by Ekaros Analytical Inc. Richard B. Lanza, the appointed guru of data and risk analysis auditing and computer aided audit tools and techniques, hits the nail right on the head!

For the rest of the review click here!

The only periodical of its kind bringing useful and timely advice and insights into the prevention detection, and investigation of all forms of computer and Internet crime. The October 2003 issue includes the following articles: Internal InfoSec Threat: ...How to Avoid Trouble, Health-Care Fraud Prevention, Honeypots ... How to Use... and more.  For more information visit www.cybercrimefighter.net

AuditNet® Feedback

I never knew this site existed - found it in Bank Research Assoc. Current Issues in Bank Auditing. Looks like a great tool.

I would like to express my appreciation for the site, especially ASK the shared programmes section This has proved to been an invaluable resource in my work and when tackling any new subject area (to me – that is) one of my very first steps is to visit Auditnet. I often find that ASK provides me with an immediate insight into the relevant control issues for the area under review from those ‘that have gone before’. Again many thanks to JK and the many other auditors whose contributions I have gratefully read. CS - Scotland

Have you ever stumbled and discover GOLD. This is real gold. I have everything i have ever wanted in one site. thank you so much - from Tanzania

I am glad to see that this type of website is available for auditors. Great work, keep up the good job.

 

  

The Auditor's Guide to Internet Resources, 2nd Edition!

Order it Now!

AuditNet® Internet Boot Camp for Auditors

Special Interest Groups (SIGs) for Auditors Update

Thanks to all who expressed an interest in SIG's. I am working on the plans for the areas that received the highest interest. Coordinators will be appointed and they will begin operating as soon as they are organized. The greatest way to integrate the use of the Internet into auditing is by sharing information via discussion groups. The foundation of these SIG's will be an email discussion forum where you can share resources and ideas with other peer professionals. The way to make this work is by participation. So when you join a SIG, participate, share, mentor and take advantage of this new and valuable Internet resource for audit.

If you are interested in forming an ASIG, send an email to editor@auditnet.org with the topic or industry, why you are qualified and at least three ideas on how you will handle the group. I will then post a message to see if there is sufficient interest (at least 10 members) and then create the Web page and establish a discussion forum.

Auditors Sharing Knowledge (ASK) for Progress; it's what AuditNet® is all about.

Stay tuned for the next Internet boot camp tip from the auditing Internet guru!

Audit Work Programs Corner

Auditors Sharing Audit Programs and Working Papers

The following audit programs, ICQs, checklist or working papers were added this month. They are in format unless otherwise specified. Some may only be available in exchange for an audit work program contribution. They are also available in format by email in exchange for a contribution of an audit work program, ICQ or checklist. Beginning in August 2003 all new programs contributed will include the date the program was added to the inventory (dd/mm/yy). This was at the suggestion of an AuditNet® user.

  1. Admissions & Transfers (Schools) ICQ (10/1/03)

  2. Corporate Cards (10/1/03)

  3. EDI Systems Audit Program (10/1/03)

  4. Inventory ICQ (10/1/03)

  5. HR Payroll & Personnel Audit Program (10/1/03)

  6. Internet Banking Audit Program (10/1/03)

  7. Recruitment Process (10/1/03)

  8. System Conversion Best Practices (10/1/03)

  9. Travel and Entertainment Expenses (10/1/03)

Audit Documents in the Queue!

The following audit documents will be posted next month. Interested in them now? Send an audit work program, ICQ, checklist or other audit template and receive them via e-mail. Your contribution must include your name and email address. 

  1. Business Plan Audit Program (11/1/03)

  2. Cash Collection and Bank Reconciliation - Fast Food (11/1/03)

  3. Cisco PIX Firewall Audit Program (11/1/03)

  4. Creditors ICQ (11/1/03)

  5. Data Communication Controls Review (11/1/03)

  6. Data Test Objective Audit Program (11/1/03)

  7. Desktop Software License Audit Program (11/1/03)

  8. Finance and Accounts - College (11/1/03)

  9. Finance and Accounts - Hotel (11/1/03)

  10. Fixed Assets Audit Program (11/1/03)

  11. Fixed Assets Audit Program 2 (11/1/03)

  12. Follow Up Audit Program (11/1/03)

  13. Human Resource and Administration College (11/1/03)

  14. Investments Internal Controls (11/1/03)

  15. IT General Risk Review (11/1/03)

  16. Payment Verification Audit Program (11/1/03)

  17. Protecting Personal Information Audit Program - SSN (11/1/03)

  18. Protecting Personal Information Survey (11/1/03)

  19. Purchasing and Payments Expenditure Cycle (11/1/03)

  20. Sales and Marketing (11/1/03)

  21. Sales and Marketing College (11/1/03)

  22. Sales & Marketing Audit Program (11/1/03)

  23. TCP IP and Internet Audit Program (11/1/03)

  24. Trade Debtors Audit Program (11/1/03)

  25. Windows 2000 Operating System Audit Checklist (11/1/03)

Capital Construction Auditing

Squandering Capital – Is the party REALLY over?

by Al M. Gray

With returns of several multiples of its costs, Construction Auditing has succeeded in capturing the attention of the auditing profession. However, there is the danger that success in controlling costs from outside contractors is not met with equal vigor in a sustained emphasis on sound internal controls over capital spending.

To read the rest of the story, click here!

Software Compliance Audit News

October 2003 Update 

Will you pass the Software Compliance test?

by Rob Harmer

Many auditors are well aware of software licensing issues and the requirements to manage your software licenses so that you can demonstrate that you have legitimately purchased what you have installed. However some auditors are not up to speed on the issues, and some find it difficult to budget for resources (labor and software tools) to enable checking to occur across an organization, as it is not seen as a priority issue to consider.

If you can answer the following questions and are better than 90% confident you know what is installed can be verified by proof of purchase records etc , then don't bother taking the quiz!

For the rest of the story click here.

Computer Security Policies – How do you know if yours is working?

by Andrew Chodelski

Have you been part of a Computer Security Policy implementation team?  Are you tasked with auditing (determining) the successful implementation of such a policy project?  How do you measure success, and how confident are you that it can be sustained?   

For the rest of the story click here.

Your Secret Weapon in the War on Fraud

The October issue of this fraud newsletter features articles on E-Commerce Fraud, Money Laundering 2003 What You Need to Know Now, Treasury Check Fraud and more. AuditNet® users qualify for special rates on this publication. For more information click here

The AuditNet® Audit Bookstore

Looking for books on auditing related topics? We suggest using the AuditNet® bookstore. The bookstore focuses on Internal Audit but includes other related subjects as well. AuditNet® uses Amazon to power the bookstore so each purchase you make through this link helps support AuditNet®.

FREE! The Auditor's Guide to Internet Resources 2nd Edition

Interested in a free copy of The Auditor's Guide to Internet Resources, 2nd Edition? Write an article for the next newsletter on how you are integrating the Internet in auditing. If your article is selected, I will send you either the book or CD. Send your article to editor@auditnet.org 

AuditNet® Vendor News

Check here for the latest news from our AuditNet® sponsors!

AuditNet® Partner Discounts

Check out SekChek Security Evaluator the newest AuditNet® partner offering discounts to AuditNet® users on their standard subscription rates.

For information on partner discounts click here.

Protiviti KnowledgeLeader

For a limited time KnowledgeLeader memberships are available for the reduced rate of $500 per year. Tell them you heard about it from AuditNet.org.

Preview of Coming Attractions!

The AuditNet Monograph Series  provides useful guides for all levels of auditors from juniors right up to audit directors. If you are interested in developing a monograph on a contract basis, send an email to editor@auditnet.org

Watch for articles about forensics for auditors, risk management, audit report structure, exit conferences and more.   More book reviews are coming so watch the newsletter. Have an idea for a column? Send it to editor@auditnet.org

AuditNet® is working on new specialized resources for auditors. Watch the newsletter and keep checking the Library page for updates and new resources.

AuditNet® Conference Corner

Want to announce your professional association conference to the global audit community? Send the conference name, date and URL details to editor@auditnet.org

The Winnipeg Internal Auditors (WIA) are proud to announce their fourth annual Information Security conference

Raising the Bar! In Security Management November 3-7, 2003

Register Now!

Seventeen Accounting Procedures That Put Credit Managers at Risk

by Gary D. Zeune, CPA

It took the bankruptcy of Enron, the largest in U.S. history, to prove that the fundamental auditing processes aren’t up to the task of protecting users of financial statements. Enron isn’t the only failure, just the latest and largest. Remember Sunbeam, Waste Management, Global Crossing, Xerox (which recently paid a re c o rd $10 million fine) and Leslie Fay (the CFO has been sentenced to prison for 9 years), just to name a few?

For the rest of the story reprinted from the Business Credit  click here.
q        

Copyright © Jim Kaplan
AuditNet® is a registered trademark of Jim Kaplan

Copyright and Disclaimer

All rights reserved. No part of this Website may be reproduced in any form, by copying from the Internet, photostat, microfilm, xerography, or any other means, or incorporated into any information retrieval system, electronic or mechanical, without the written permission of the copyright owner.

Send comments to: editor@auditnet.org



Revised: January 14, 2008

Address of this Page is http://www.auditnet.org/