Suchergebnisse

• eJournal-Artikel aus "Risk, Fraud & Compliance" Ausgabe 1/2007

  IT-Security und die Haftung der Unternehmensleitung

  Die wichtigsten Rechtspflichten im Bereich der IT-Security
  

  Max-Lion Keller

  …IT-Security Max-Lion Keller LL.M* Inzwischen sind in der Geschäftswelt nahezu alle Prozesse von der Informationstechnologie (IT) abhängig – von der… …beklagte der Präsident des Bundesamts für Sicherheit in der Informationstechnik (BSI), Udo Helmbrecht, das Fehlen einer entsprechenden IT-Sicherheitskultur… …unternehmensweites Risikomanagement zu installieren, welches natürlich auch alle Bedrohungen erfasst, die durch IT- Systeme und deren Einsatz entstehen können. 4… …, Softwarelizenzrecht, IT-Security sowie den E-Commerce spezialisiert. 1 Vgl. Bundesamt für Sicherheit in der Informationstechnik (Hrsg.): „BSI-Präsident fordert mehr… …IT- Sicherheitsinfrastruktur können einem Unternehmen und auch der jeweiligen Unternehmensleitung erhebliche wirtschaftliche Schäden verursachen. Die… …IT-Security-Bestimmungen auf den Inhalt der anzubietenden IT-Leistung, werden die Antworten des Bieters auf die IT- Security-Anforderungen des öffentlichen Auftraggebers… …unternehmenseigenen IT geht (Stichwort Datenverlust). Zudem sind Imageverluste zu befürchten, gerade wenn grobe Versäumnisse im Bereich des Datenschutzes an die…

  Alle Treffer im Inhalt anzeigen
• eBook-Kapitel aus dem Buch Accounting Fraud

  Chapter 4: Conclusion and Outlook

  Prof. Dr. Klaus Henselmann, Dr. Stefan Hofmann

  …, relatively infrequent in occurrence), and it must be shocking (that is, counter to our norms and values). Wilson argued that the public pays little attention… …sible for fighting fraud, one inevitable reality remains: “fraud happens”. It is a given that economic crime will always be with us. Eliminating fraud is… …a super- human task. However, a review of the scandals shows that in most of the cases, it is basically the same common pattern. A company faced… …. Often it starts as a one-shot deal to meet short term fi- nancial expectations. But it escalates to ongoing fraudulent activity until, with some… …accounting fraud can be summarized as follows (see Young 2004, pp. 11–13): 1. It generally doesn’t origin from conscious dishonesty. It doesn’t start… …because the CEO is dishonest, or because the CFO is dishonest. It also doesn’t start because the company had the misfortune of hiring a group of dishonest… …employees in its accounting department. 2. It origins from pressure. In particular, it starts with an environment in which two things are present… …: challenging targets of financial performance, and the perception that missing these targets will be viewed as unforgivable. 3. It starts out small. The… …fraud starts with little alterations of results (typically in the form of borrowing from future quarters). It doesn’t start with a grand plan or… …conspiracy. Often, the one or two perpetrators don’t even realize that they are stepping over the line and might be violating accounting standards. 4. It…

  Alle Treffer im Inhalt anzeigen
• eBook-Kapitel aus dem Buch Global Management Challenges for Internal Auditors

  The Financial Sector: Risks, Controls and Assurance after the Financial Crisis

  Daniel Nelson

  …the US, Euro-area, Japan, and the UK – grew up to USD 4.1 trillion or 7 percent on a total stock of USD 57.7 trillion. How was it possible to fall… …countries being represented by their respec- tive heads of state or government. It had never done that before the financial crisis, when only ministers and… …capital for its operations as would have been the case with a lower credit rating. On September 16, 2008 AIG lost its AA- rating (it had already lost… …internal audit. 4 Lessons for Internal Auditors First of all it has been reported that internal audit did not have sufficient or adequate access to… …area in an entity. Nelson 96 It has also been reported that enterprise risk management (ERM) and the finance complex did not have adequate… …funds we can all assume that those resources will be closely scrutinized, particularly in the public media. I submit as discussed earlier that it is… …of the factors contributing to this financial cri- sis. It would be interesting for internal audit to review whether the organization’s compensation… …policies and model are indeed appropriately tailored to its business model or whether it is a risk in itself.…

  Alle Treffer im Inhalt anzeigen
• eBook-Kapitel aus dem Buch Global Management Challenges for Internal Auditors

  Doing More with Less

  Neil Baker

  …does, and why it is important. He’s been making real progress. So how does he feel now that his budget is being cut? “If I was a newly minted auditor… …organisations. If I know in advance that I’m going to be somewhat resource constrained, then I can deal with it.” Despite the stoicism, Storms says he argued… …losing controls; it might even be a time to strengthen them,” he says. Storms is not alone. Other internal auditors have been waging the same battle, try-… …piece of a shrinking budget pie. So does internal audit really deserve special protection? And if it does have to take a share of the pain – which seems… …. He told the audit committee that performing fewer audits was better than cutting quality. How did the committee respond? “I’ll put it this way: It… …. The head of internal audit should ask the committee what areas it wants to priori- tise, he says. “It’s easy for chief audit executives to start by… …department wants to cut the budget? “If the chief financial officer has decided that the audit function should be reduced, it is vital for the audit com-… …mittee to be aware of that,” Chambers says. And if the committee members don’t know about it, internal audit should tell them, he adds. “I would never… …work on procurement fraud; for example, trying to spot fraudsters who submit fictional invoices in the hope they’ll be paid. It is also checking the… …way contracts are awarded, looking at background checks on suppli- ers, and auditing payroll. “Believe it or not, I even added petty cash audit to the…

  Alle Treffer im Inhalt anzeigen
• eJournal-Artikel aus "PinG Privacy in Germany" Ausgabe 5/2014

  The Right to be Forgotten in the post-Snowden era

  Paul Bernal

  …Paul Bernal is a lecturer in IT, IP and Media Law at the UEA Law School, and the author of Internet Privacy Rights – Rights to Protect Autonomy (CUP… …. Though the information revealed relates primarily to government surveillance, the ramifications are far wider and far greater than that. It is hard to find… …changes, and those changes have an impact. The right to be forgotten is one of those issues: it may seem to have nothing to do with government surveillance… …forgotten, how the right to be forgotten is being implemented, and how we might find an appropriate future for it. 1. Data Protection reform The right to be… …forgotten has been the subject of much discussion since it was first mooted as a key part of the reform of the European data protection regime. The progress… …early arguments about it have been extreme – including suggestions from American academics that the right to be forgotten ‘represents the biggest threat… …to free speech on the Internet in the coming decade’ 1 or describing it as ‘[m]ore crap from the EU’. 2 1 Rosen, Stanford Law Review Online, available… …its name, to include the word ‘erasure’, it is still a crucial part of the proposed reform. In May 2014 another critical event happened that has made… …, a form of the right to be forgotten already exists at least in relation to search engines. It is at least possible that the outcome of the case was… …influenced by the attitude of courts to privacy in the post-Snowden era. 3 Fleischer makes it clear that the blogs represent his own views, not those of Google…

  Alle Treffer im Inhalt anzeigen
• eBook-Kapitel aus dem Buch IT-Governance

  Entscheidungsdomänen der IT-Governance

  Christopher Rentrop

  …subsumiert werden, die spürbare Auswirkun- gen auf das Leistungsangebot, die Funktionsfähigkeit und die Kostenstruktur der IT haben. Für ein besseres… …Ausrichtung der IT zusammen- gefasst. In dieser Domäne stehen das „warum“ und das „was“ der IT im Vordergrund. – Steuerung der IT Die Entscheidungsdomäne… …. – Architektur In der Entscheidungsdomäne Architektur werden die Entscheidungen rund um die technologische Ausrichtung der IT zusammengefasst. Hier… …auf die Make-or-buy-Entscheidun- gen, also das „wer“ der IT ausgerichtet. – Security, Risk &Compliance Aufgrund der hohen Bedeutung für viele… …rund um die Umset- zung einer ordnungsgemäßen IT. – Organisation& Personal Die Domäne Organisation & Personal umfasst vor allem die Prozesse und… …Ressourcen und damit das „wie“ der IT-Leistungserbringung. Diese Domäne ist weitgehend innerhalb der IT angesiedelt, betrifft jedoch auch die Fachbe- reiche… …zugeordnet. Dabei ist zu beachten, dass diese Entscheidungsbereiche nicht völlig unabhängig voneinander sind. Abbildung 28: Entscheidungsdomänen der IT Quelle… …geht es um die grundlegende Ausrichtung der IT im Unternehmen. Zu den zentralen Entschei- dungen gehören die Frage nach dem strategischen Beitrag der IT… …Ausrichtung der IT als Business Partner, die Fokussierung auf Standards oder eine integrierte Sicht auf alle Kundendaten.77 Diese Prinzipien bilden damit auch… …Abbildung 25. der Entwicklung der IT-Prinzipien gehört wie beschrieben die Analyse der stra- tegischen Rolle der IT, da abhängig von ihr unterschiedliche…

  Alle Treffer im Inhalt anzeigen
• eBook-Kapitel aus dem Buch Accounting Fraud

  Case 31: Bankgesellschaft Berlin (Germany, 2001)

  Prof. Dr. Klaus Henselmann, Dr. Stefan Hofmann

  …Accounting Fraud in European Companies 186 Case 31: Bankgesellschaft Berlin (Germany, 2001) It is a spectacular tale of incompetence… …bank insolvency), this time it did not involve any elite private bank, but the most powerful banking house in the German capital. The crisis ex- posed… …. While Berlin’s city-state government owned the majority of BGB’s shares, the new institution was also publicly listed. That made it an unusual hybrid in… …the German banking system. Moreover, the way BGB was structured and managed left it vulnerable to weak controls and conflicts of interest. Its complex… …mix of businesses made it difficult for the supervisory board of the parent institution to maintain control and insist on clear risk reporting from… …Aubis and agreed on the credit line without the usual collat- erals and checks. However, Aubis failed as it saw itself unable to rent out the refur-… …were not just businessmen, but old CDU colleagues who had sat alongside him in parliament for many years. Then it came to light that Landowsky had… …, BGB quickly became one of the leading players in the Euro- pean real estate investment fund market. However, it was buying market share by assuming… …admitted it could not complete its 2000 accounts because of the ongoing investiga- tion and deep uncertainties about the potential risk in the… …property-linked portfolio. When BGB belatedly reported its official figures for 2000 in July 2001, it had to reveal a startling EUR 1.65 billion loss. It also…

  Alle Treffer im Inhalt anzeigen
• eJournal-Artikel aus "Zeitschrift Interne Revision" Ausgabe 4/2006

  Prüfungsplanung in der EDV-Revision – Ein IT-Audit-Universe Modell

  Dipl. Wirt.-Inf. (BA) Stefan Taubenberger

  …Welche Funktionen oder Systeme existieren innerhalb der IT? Welche Risiken existieren und welche Themen sind zu prüfen? Sind Ihnen diese oder ähnliche… …, vielmehr wird auf den Unterstützungsprozess Informationstechnologie (IT) ein gegangen. Unterstützungsprozess Informationstechnologie (IT) Den… …Unterstützungsprozess IT nur als einzelnes Element zu bewerten, ist nicht sinnvoll, aufgrund der Komplexität, der Organisation sowie der unterschiedlichen Einzelrisiken… …. Der Unterstützungsprozess IT ist deshalb weiter zu unterteilen, doch wie, um eine sinnvolle Bewertung der Risiken vornehmen zu können? Die… …Informationstechnologie wird den Unterstützungsprozessen zugerechnet. Dies bedeutet, dass die Informationstechnologie verschiedene Dienstleistungen, oder nach ITIL Services… …Unterstützungsprozesse nutzen/benötigen (externe DL) ◆ Prozesse/Services, die in der Informationstechnologie genutzt werden (interne DL) Die externen und internen… …erbracht. Des- Interne Revision 4 · 2006 161 ---INTERNE REVISION--- Prüfungsplanung in der EDV-Revision Abbildung 1: IT AU-Modell Customer Interface /… …Business Process IT Process internal 1. Infrastructure and Device Services (global/local) 1.1 Network (global/local) Net.: DMZ (Firewall, IDS ...) and… …Account Management Acc. M.: HW/SW Requests Acc. M.: Customer Care, Reporting 3.3 User Administration 3.4 User Training 4. Support Processes 4.1 IT… …Strategy/Architecture/Standards S. A. S.: Standardization (SLA, OLA) and Standards (Security, Installation, Usage S. A. S.: IT Strategy S. A. S.: IT Architecture Management 4.2 IT…

  Alle Treffer im Inhalt anzeigen
• eBook-Kapitel aus dem Buch Accounting Fraud

  Case 40: Kanebo (Japan, 2005)

  Prof. Dr. Klaus Henselmann, Dr. Stefan Hofmann

  …corporations. It had started making cotton in the 19th century and went on to become the number two in Japan’s cosmetic market. Its principal operations… …discovery of a series of accounting frauds in companies in the Japanese IT industry, and the frauds in Japan reminded many observers of the “Enron… …guilty to falsifying Kanebo’s financial statements. He had taken over the company in 1996, and when it became clear that he couldn’t stop the… …order to improve the company’s operating results and to make it appear solvent. Another method was improperly “de-consolidating” certain Kanebo… …those entries. When they pressed the issue, Hoashi argued that Chuo Aoyama had long accepted the company’s accounting practices and said it was pointless… …auditors. The presiding judge said: “The crime significantly eroded the public trust in the auditing system. It is shameful that they have failed to… …market turmoil in its wake. In a statement, PricewaterhouseCoopers said it would assist Chuo Aoyama in its reform efforts but at the same time… …called “Aarata” (meaning “new and fresh” in Japanese) commenced operations. In the subsequent weeks, it acquired dozens of former Chuo Aoyama clients. In… …addition, about one-fourth of the employees left Chuo Aoyama and joined Aarata. (Given the dire lack of qualified auditors in Japan, it would have been… …2007, Misuzu announced that it was disbanding. In the aftermath of the Kanebo audit failure, the FSA began to investigate the audit practices of…

  Alle Treffer im Inhalt anzeigen
• eBook-Kapitel aus dem Buch Auditing Payroll

  Payroll Run

  DIIR – Deutsches Institut für Interne Revision e. V.

  …49 7 Payroll Run 7.1 Payroll Calculation Salaries and wages are paid to employees on the settlement date. It should always correspond to a fixed… …payment period. The dates of the wage run and the corresponding wage periods can be viewed in the wage calendar. It is im- portant to use a central system… …Calculation It is important that payroll (including compensation and time-based allow- ances such as overtime and deductions) is accurately calculated and… …determine whether the payroll has been accurate- ly calculated and recorded (including compensation and withholdings) and whether it is complete. • Is a… …should enable a payroll administrator to generate a payroll report and send it for approval, preferably online. This process allows the re- sponsible…

  Alle Treffer im Inhalt anzeigen