Control Objectives for Information Technology (COBIT)

By Bruce H. Nearon

Control Objectives for Information Technology (COBIT) has been developed as a generally applicable and accepted standard for good information technology (IT) security and control practices that provides a reference framework for management, users and information systems audit, control and security practitioners. The key to maintaining profitability in a technologically changing environment is through maintaining control. COBIT’s control objectives provide the critical insight needed to delineate a clear policy and establish good practice for IT controls.

Learn how COBIT can help managers control and manage IT and why organizations should adopt it as a governance tool by attending the June 17 continuing professional education (CPE) evening presentation organized by the New York State Society of CPAs’ Technology Assurance Committee.

COBIT also provides auditors with a generally accepted criteria to benchmark compliance with an entity’s control objectives. Topics covered at the presentation will include:

• The reasons for COBIT’s development;
• COBIT’s ability to evaluate and maintain control over IT;
• Real-world issues in adopting COBIT, and
• Using COBIT in internal auditing.

Date: Tuesday, June 17
Time: 5:30 p.m. to 6:00 p.m.: registration, networking, free sandwiches and soft drinks 6:00 p.m. to 8:30 P.M.: CPE session
Presenters: Steven Schon, George Durk, Lucas Kowal
Location: NYSSCPA headquarters, 530 Fifth Ave. (between 44th and 45th streets), fifth floor, New York City

About the Presenters

Steven Schon, CISA, is vice president and IT audit manager for the Bank of Tokyo-Mitsubishi’s Audit Office for the Americas. He has 22 years of audit and technology experience, all in the financial services industry. Mr. Schon is a past president of the New York Chapter of the Information Systems Audit and Control Association (ISACA). He has led COBIT presentations for ISACA and the Institute of Internal Auditors. Mr. Schon also holds a master’s in business administration degree in quantitative analysis from St. Johns University. He can be reached at sschon@btmna.com.

George Durk, CPA, is director of internal audit services for the American Institute of Certified Public Accountants (AICPA). He has 17 years of audit experience and currently is heading an AICPA strategic initiative for the CPA exam’s computer-based testing operations, scheduled for launch in April 2004. Mr. Durk can be reached at gdurk@aicpa.org.

Lucas Kowal, CPA, CISA, CISSP, is an assistant vice president of information systems audit at the international financial services conglomerate BNP Paribas. Mr. Kowal has several years of audit and consulting experience in information systems and technology applications, having worked with Arthur Andersen’s Technology Risk Consulting Group and the Depository Trust Clearing Co. prior to joining BNP Paribas.

Mr. Kowal holds a bachelor’s in science degree in public accounting and a master’s in business administration degree in management information systems, both from State University of New York at Buffalo. A member of the Society’s Technology Assurance Committee, Mr. Kowal can be reached at lucas.kowal@BNPPARIBAS.com.

Additional Information

This NYSSCPA/Foundation for Accounting Education CPE evening technical session is $45 for NYSSCPA members and $50 for nonmembers to qualify for three hours of CPE credit. A $25 additional walk-in fee will be charged to those who register at the door.

At the session you will get the chance to network with the profession’s and the industry’s IT leaders. Advance registration is recommended because seating is limited.

For additional information, contact Gary E. Carpenter at 315-487-4567 or gcarpenter-cit@worldnet.att.net or Bruce H. Nearon at 973-403-6955 or bnearon@jhcohn.com.

For more information on the Technology Assurance Committee, visit www.nysscpa.org, click on the Find Committees tab on the left-hand side of the page and then scroll down to the Technology Assurance Committee link.

Registration

To register: contact FAE at 212-719-8383 or 800-537-3635 or visit the Society’s website at www.nysscpa.org (you will need your Society member number to register). Go to the Technology Assurance Committee homepage and select “6/17/03—Control Objectives for Information Technology” located under the Evening Technical Session banner.

Acknowledgments

J.H. Cohn LLP and Carpenter Information Technologies, Inc., helped provide the funding and resources for the sandwiches and soft drinks, marketing and publicity, and administration of this event.