
Governance Risk and Compliance (GRC) for IT

 

Presented by:

Sarah Adams, CISA

Khalid Wasti, CPA.CITP, CISA

 

October 14, 2008 @ 2:00pm ET

 


 

 

In today’s complex business and regulatory environment, risk and compliance are often addressed in silos, leading to fragmented, inconsistent processes involving substantial duplication of effort and reactive solutions in which employees are used as human “middleware.” IT is not adequately leveraged or aligned with risk and compliance needs. As a result, organizations are subject to excessive complexity, increased exposure and soaring compliance costs.

 

There is a better way. IT Governance Risk and Compliance (GRC) represents an integrative approach to addressing risk and compliance issues from an enterprise perspective, leveraging common risk-management and compliance objectives to employ a common control framework, automated controls and controls-based testing/monitoring.

 

In the May 28th IT Community Web Seminar, Khalid Wasti, CPA.CITP, CISA, and Sarah Adams, CISA, of Deloitte & Touche, LLP, discuss the current environment and a road map to IT GRC. Using illustrative diagrams and real-world examples, they explain:

 

  • What Integrated GRC is, why it is important, and how it can be applied to IT
  • The differences between an integrated GRC and non-integrated GRC Enterprise
  • How integrated GRC allows for better alignment of IT and risk and compliance efforts
  • How GRC leverages common risk and compliance objectives to achieve an integrated control framework that supports efficient controls-based testing and monitoring
  • How IT GRC can help reduce costly duplication of effort, procedural complexity and the compliance workload, promoting improved communication and increased Return On Investment (ROI), while yielding a more effective approach to compliance and risk management

 

About the Presenters:

 

Sarah Adams, CISA

Director, IT Internal Audit Practice

Deloitte & Touche, LLP

 

Sarah Adams is a Director at Deloitte & Touche LLP and the national leader of the firm’s IT Internal Audit practice. Sarah has over 20 years of audit, technology, operations and IT Risk and Controls experience. For the first twelve years of her career, Sarah worked in IT, and was responsible for the international communications network at a global bank before moving into that bank’s internal audit department.

As an auditor, Sarah has applied her knowledge of IT processes, risks, and controls to assist clients in establishing/strengthening the IT audit focus within their internal audit departments. 

Before coming to Deloitte & Touche, Sarah was the Global IT Audit Director for The Walt Disney Company. She is a Certified Information Systems Auditor (CISA) and is active in the Institute of Internal Auditors (IIA), serving as an instructor for the IIA’s Introduction to IT Auditing course and presenting at several local chapter IIA meetings on a variety of auditing topics.

 

 

Khalid Wasti, CPA.CITP, CISA

Senior Manager, Audit & Enterprise Risk Services

Deloitte & Touche, LLP

 

Khalid Wasti is a Senior Manager at Deloitte & Touche LLP in the Enterprise Risk Services practice and has more than 15 years of audit, operations, and information technology experience. Since joining Deloitte & Touche he has managed IT audits, systems implementation reviews, business continuity reviews, quality assurance reviews, risk assessments, operational audits, security reviews, and SOX testing.

 

Prior to joining Deloitte, Khalid provided a broad range of audit and consulting services to clients in a variety of industries while working for PricewaterhouseCoopers and IBM Business Consulting Services. He also worked as a Controller in the publishing industry and as a securities analyst for a Financial Services company.

 

Khalid is a Certified Public Accountant, a Certified Information Systems Auditor (CISA), a Certified Information Technology Professional (CITP) and holds an MBA in Accounting. He is a member of the Information Technology Executive Committee of the American Institute of Certified Public Accountants, a member of the Institute of Internal Auditors, the New York State Society of Certified Public Accountants, and the Information Systems Audit and Control Association.

 

Copyright © 2008 by the American Institute of Certified Public Accountants, Inc., New York, New York.