[kictanet] Why ISACA is cracking the whip on individual auditors

Walubengo J jwalu at yahoo.com
Fri Apr 8 16:45:53 EAT 2016


My bad,
CBK does provide comprehensive guidelines on IS/IT audits for banks as @
https://www.centralbank.go.ke/images/docs/legislation/risk-management-guidelines-january-2013.pdf

Pg 53: ICT Risk Management.
The guidelines are straight out of the ISACA manuals.
So the problem is not that folks are not aware of what needs to be done. Perhaps it is a simple case of not doing what the regulation demands.  With the new CBK governor cracking whip, perhaps things will improve - assuming he stays long enough before our MPs find a clause to delete him :-)
walu.
      From: Walubengo J via kictanet <kictanet at lists.kictanet.or.ke>
 To: jwalu at yahoo.com 
Cc: Walubengo J <jwalu at yahoo.com>
 Sent: Friday, April 8, 2016 4:23 PM
 Subject: Re: [kictanet] Why ISACA is cracking the whip on individual auditors
   
Mr. President Paul Roy,
I totally concur.
We must stop the 'Enron' effect from consuming us in .KE
As for IS/IT Audits, I suspect that they are rarely (or perhaps shoddily) done since they seem not to be explicitly expected @https://www.centralbank.go.ke/index.php/regulations-and-guidelines

As such, Info Systems Audits tend to be an 'after-thought' executed after the Accounting professionals are with the Financial audits.
As the Ministry of ICT embarks on reviewing the ICT policy, this point should be at the back of our mind -how to lay the blueprint for future legislation around IS/IT audits.
walu.

      From: Paul Roy via kictanet <kictanet at lists.kictanet.or.ke>
 To: jwalu at yahoo.com 
Cc: Paul Roy <roykoikai at gmail.com>
 Sent: Friday, April 8, 2016 2:55 PM
 Subject: [kictanet] Why ISACA is cracking the whip on individual auditors
  
Dear Listers,
On November 13, 2015 I wrote to the CBK governor Dr. Njoroge expressing concerns over the conduct of audit firms in Kenya. Top of my agenda was to instill discipline to the auditors in Kenya and restore confidence to shareholders over reported state of their business. This was as a result of the collapse of Imperial bank with blames pointing to weak audit practices and some sort of collusion.
As you may know, I am the current President of ISACA Kenya the body that certifies and regulates IT/System Auditors(CISA). ISACA has a code of conduct for all it's professionals working in the cybersecurity, assurance, audit and risk management functions. All certified members know that they are required to adhere to strict ethical standards.
That's why in the wake of the mounting blames on poor audits and in particular IT audits, as an association we are going to investigate individual auditors and recommend that they are struck off their title should they be found culpable. Further we are going to work with CBK to enforce that all IT/System auditors must be fully certified and also be in good standing with professional bodies ICPAK, ISACA & others.
By holding individuals accountable will help eliminate instances of collusion and professional negligence in performance of IT/System Audits and give shareholders and the regulator a true reflection of their financial institutions.
Your views and suggestions are welcome.
regards,
Paul Roy Owino.ISACA President.



_______________________________________________
kictanet mailing list
kictanet at lists.kictanet.or.ke
https://lists.kictanet.or.ke/mailman/listinfo/kictanet

Unsubscribe or change your options at https://lists.kictanet.or.ke/mailman/options/kictanet/jwalu%40yahoo.com

The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development.

KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.

   
_______________________________________________
kictanet mailing list
kictanet at lists.kictanet.or.ke
https://lists.kictanet.or.ke/mailman/listinfo/kictanet

Unsubscribe or change your options at https://lists.kictanet.or.ke/mailman/options/kictanet/jwalu%40yahoo.com

The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development.

KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.

  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.kictanet.or.ke/pipermail/kictanet/attachments/20160408/bec28fab/attachment.htm>


More information about the KICTANet mailing list