Meet eSAC, IIA's New Model for Technology Audits

Posted by accountingweb on 695 printer friendly

At Fidelity Investments, the internal auditors use a heat map to discuss concerns and issues related to information technology (IT). The heat map communicates priorities and potential consequences though a range of colors from gray or white (cool) through blue and green to yellow (caution)and orange or red (hot). This innovative presentation is based on the eSAC Model recently developed by the Research Foundation of the Institute of Internal Auditors (IIA).

The Foundation named its model eSAC to reflect the nature of today’s e-business models and the accompanying need for Electronic Systems Assurance and Control. A key purpose of the model is to provide management and auditors with a practical framework for relating basic assurance objectives to the dynamic environments in which companies operate today.

The basic assurance objectives included in the eSAC Model are:

  • Availability: The system is able to receive, accept, process, and support transactions at all times, as required, (e.g., 7 days a week, 24 hours a day, 365 days a year).
  • Capability: The system allows for end-to-end reliable, timely completion and fulfillment of all transactions.
  • Functionality: The system provides necessary facilities, responsiveness, and ease-of-use to meet user needs and expectations.
  • Protectability: The system includes logical and physical security controls ensure authorized access and deny unauthorized access to servers, applications, and information assets.
  • Accountability: The transaction processing is accurate, complete, and non-refutable.

The model also incorporates the building blocks that make assurances possible, (i.e., people, technology, processes, investment, and communication), the external forces that impact assurances, (e.g., ever-increasing interaction, interconnectivity, and system sharing with customers, competition, regulators, community, and owners), and difficult-to-monitor intangibles, such as the speed of change and external interdependencies (e.g., providers, alliances, and agents).

Learn more about eSAC.

-Rosemary Schlank

Tags 
Auditing

Voice of the Editor

Results from a recent AICPA survey disclosed the two top priorities for CPA firms as they plan for the future: bringing in new business and finding talent. Our goal at Sift Media is to help our readers deal with the issues most important to them. One way in which we are doing this is through the launch of our new recruitment/placement service, Going Concern Jobs. Check it out today for your talent needs.
Read more
Gail Perry, CPA
Publisher/Editor-in-Chief, AccountingWEB
editor@accountingweb.com
ADVERTISEMENT

This Week on AccountingWEB

Russ Wilson of Moss Adams talks with us about the firm's collaboration with WWU in educating and developing talented accounting and business professionals.
Plante Moran CPAs Gordon Krater, Alicia Sturtevant, and Susan Perline spoke with AccountingWEB about the firm's Women in Leadership initiative.
Jeff Thomson, CMA, president and CEO of the IMA, talks with us about the 2013 jobs market for accounting professionals.
Todd Lisle of BKD LLP and Amy Welch of OSCPA share their stories of helping tornado victims in Moore, Oklahoma.
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT