| |
||
| July 2004 | The
Monthly Newspaper of the NYSSCPA |
Vol.
7, No.10 |
The Whys and Hows of Pre-Implementation Reviews
By Yigal Rechtman
Auditors, information technology professionals, risk management staff and audit committees need to understand the issues and pitfalls that accompany the implementation of a new application or environment. Pre-implementation reviews are critical to this end.
These reviews serve to define and mitigate the risks inherent in application implementations, and enable auditors to alert IT managers, business stakeholders and audit committee members to potential problems that exist in the application before the application enters the live environment. They also facilitate close scrutiny of the internal control environment in which the application is being developed.
The Society’s Technology Assurance Committee has organized an Aug. 17 continuing professional education (CPE) morning presentation that will cover the use of Control Objectives for Information Technology (COBIT) as a guideline for performing pre-implementation reviews. Topics will include:
-
The definitions and objectives of pre-implementation reviews
-
Understanding the use of pre-implementation reviews for managers and audit committee members
-
COBIT overview
-
Use of COBIT in pre-implementation reviews
Date:
Tuesday, Aug. 17
Time: 8:30 a.m. to 9:00 a.m.: registration, networking;
9:00 a.m. to 10:00 a.m.: CPE session
Presenters: Lucas Kowal, audit manager at Morgan Stanley,
and Jeffrey Saffer, senior audit manager at Morgan Stanley
Location: NYSSCPA headquarters, 530 Fifth Ave. (between
44th and 45th streets), fifth floor, New York City
About the Presenter
Lucas Kowal, CPA, MBA, CISA, CISSP, is an audit manager of institutional securities information systems at Morgan Stanley. Previously, he was an assistant vice president of information systems audit at BNP Paribas, an international financial services conglomerate. Kowal has several years of audit and consulting experience on information systems and technology applications. Kowal also worked with Arthur Andersen’s Technology Risk Consulting Group and the Depository Trust Clearing Co.
Jeffrey Saffer, CISA, CFSA, is senior audit manager of institutional securities information systems at Morgan Stanley. He has more than 20 years of experience in programming, systems analysis and information systems audit in the financial services industry. Prior to his current position, Saffer was an assistant vice president of information systems audit at Merrill Lynch and vice president of information systems audit at Westdeutsche Landesbank. He also is a registered stock representative. Saffer holds a bachelor’s degree from New Jersey City Universitya and master’s degrees from the University of West Alabama and the New Jersey Institute of Technology.
Additional Information
This Foundation for Accounting Education (FAE) CPE morning presentation is free to NYSSCPA members and $15.00 for nonmembers to qualify for one hour of CPE credit.
At the session you will get the chance to network with the profession’s and the industry’s IT leaders.
Advance registration is encouraged, because seating is limited.
For additional information, contact Gary E. Carpenter at 315-487-4567 or gcarpenter-cit@worldnet.att.net or the author at 212-684-0011 or yr@personcpa.com.
For more information on the Technology Assurance Committee, visit www.nysscpa.org, click on the Find Committees tab on the left-hand side of the page and then scroll down to the Technology Assurance Committee link.
Registration
To register: contact FAE at 212-719-8383 or 800-537-3635 or visit the Society’s website at www.nysscpa.org (you will need your Society member number to register). Go to the Technology Assurance Committee homepage and select “Pre-Implementation Reviews: How and Why” located within the “Free IT CPE” box.
Yigal Rechtman, CPA, CITP, CISM, is a partner with Person & Company, LLP CPAs, in New York City and is a member of the NYSSCPA’s Technology Assurance Committee. The views expressed in this article are Rechtman’s and not his firm’s.
