Application Controls Defined.
Enviado por emdiaza • 22 de Mayo de 2015 • Tesinas • 36.866 Palabras (148 Páginas) • 271 Visitas
A Management Guide
Application Controls Defined
Design and Implementation of Application Controls
Operation and Maintenance of Application Controls
Application Controls and IT General Controls
Application Controls Assurance
Personal Copy of: Mr. Manuel R. Castro
2
ISACA®
With more than 86,000 constituents in more than 160 countries, ISACA® (www.isaca.org) is a recognised worldwide leader
in IT governance, control, security and assurance. Founded in 1969, ISACA sponsors international conferences, publishes the
ISACA® Journal, and develops international information systems auditing and control standards. It also administers the globally
respected Certified Information Systems Auditor™ (CISA®) designation, earned by more than 60,000 professionals since 1978;
the Certified Information Security Manager® (CISM®) designation, earned by more than 10,000 professionals since 2002; and
the new Certified in the Governance of Enterprise IT® (CGEIT®) designation.1
Disclaimer
ISACA has designed this publication, CobiT® and Application Controls: A Management Guide (the ‘Work’), primarily as
an educational resource for control professionals. ISACA makes no claim that use of any of the Work will assure a successful
outcome. The Work should not be considered inclusive of any proper information, procedures and tests or exclusive of other
information, procedures and tests that are reasonably directed to obtaining the same results. In determining the propriety of
any specific information, procedure or test, control professionals should apply their own professional judgement to the specific
control circumstances presented by the particular systems or information technology environment.
Reservation of Rights
© 2009 ISACA. All rights reserved. No part of this publication may be used, copied, reproduced, modified, distributed,
displayed, stored in a retrieval system or transmitted in any form by any means (electronic, mechanical, photocopying, recording
or otherwise) without the prior written authorisation of ISACA. Reproduction and use of all or portions of this publication are
permitted solely for academic, internal, non-commercial use and for consulting/advisory engagements and must include full
attribution of the material’s source. No other right or permission is granted with respect to this work.
ISACA
3701 Algonquin Road, Suite 1010
Rolling Meadows, IL 60008 USA
Phone: +1.847.253.1545
Fax: +1.847.253.1443
E-mail: info@isaca.org
Web site: www.isaca.org
ISBN: 978-1-933284-85-9
CobiT® and Application Controls: A Management Guide
Printed in the United States of America
CobiT® and Application Controls
1 CGEIT is a trademark/servicemark of ISACA. The mark has been applied for or registered in countries throughout the world.
Personal Copy of: Mr. Manuel R. Castro
3
Acknowledgements
ISACA wishes to recognise:
Authors
Eugene Atangan, CISA, PMP, Deloitte & Touche LLP, Canada
Gary S. Baker, CGEIT, CA, Deloitte & Touche LLP, Canada
Steven Cauwenberghs, CISA, CISM, CIA, Deloitte, Belgium
Candy (Yi-Ting) Chen, Deloitte & Touche LLP, Canada
Dan Cimpean, CISA, CISM, CIA, Deloitte, Belgium
Cosmin Croitor, CISA, CGEIT, ACCA, CIA, Deloitte, Belgium
Jessica Galland, Deloitte, Belgium
Gary Hardy, CGEIT, IT Winners, South Africa
Tony Jiang, CISA, CPA, Deloitte & Touche LLP, Canada
Gord Kilarski, I.S.P., Deloitte & Touche LLP, Canada
Monica Tang, Deloitte & Touche LLP, Canada
Geert Thoelen, Deloitte, Belgium
Johan Van Grieken, CISA, CGEIT, Deloitte, Belgium
Expert Reviewers
Mark Adler, CISA, CISM, CIA, CISSP, Allstate Insurance Company, USA
Kenneth C. Brancik, Ph.D., CISA, CISM, CISSP, ITIL, Northrop Grumman Information Systems, USA
Dirk Bruyndonckx, CISA, CISM, MCA, KPMG Advisory, Belgium
Luis A. Capua, CISM, Sigen, Argentina
Muhammad Fadli Davies, CISA, Old Mutual, South Africa
Seda Demircioglu, PricewaterhouseCoopers, The Netherlands
Heidi L. Erchinger, CISA, CISSP, System Security Solutions, Inc., USA
Robert F. Frelinger, CISA, CGEIT, Sun Microsystems, Inc., USA
Erik Guldentops, CISA, CISM, University of Antwerp Management School, Belgium
J. Winston Hayden, CISA, IT Governance Service Consultants, South Africa
Monica Jain, CGEIT, CSQA, CSSBB, Covansys–A CSC Company, USA
Kamal Khan, CISA, Saudi Aramco, Saudi Arabia
Suzana S. Keller, CISM, CISSP, Coca Cola
...