institute of internal auditors in b&h - Udruženje internih revizora BiH
institute of internal auditors in b&h - Udruženje internih revizora BiH
institute of internal auditors in b&h - Udruženje internih revizora BiH
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
Višnja Komnenic, univ.spec. <strong>in</strong>f., dipl. <strong>in</strong>g. el.<br />
"ICT Security Audit accord<strong>in</strong>g ISO 27001 and 27002 "<br />
In all modern companies that rely on <strong>in</strong>formation system <strong>in</strong> ther operations, there is a need for<br />
for <strong><strong>in</strong>ternal</strong> audit <strong>of</strong> IT system safety. The whole audit<strong>in</strong>g process as well as IT security audit<strong>in</strong>g<br />
depends on the concept <strong>of</strong> <strong><strong>in</strong>ternal</strong> controls <strong>in</strong> all parts <strong>of</strong> bus<strong>in</strong>ess. Top management must be<br />
assured that the company IT systems operates <strong>in</strong> a controlled environment and that the adequate<br />
controls are <strong>in</strong> place. Exactly <strong>of</strong> that the clear vision <strong>of</strong> the future <strong>of</strong> provid<strong>in</strong>g IT security audits<br />
can be perceived, as well as the future development <strong>of</strong> IT audit pr<strong>of</strong>ession.<br />
Sonja Jovanovic, Ernst & Young d.o.o. Beograd<br />
Natasa Vuksic, Ernst & Young d.o.o. Beograd<br />
"Code <strong>of</strong> ethics, comunication <strong>in</strong> <strong><strong>in</strong>ternal</strong> audit"<br />
An effective Internal Audit function has to f<strong>in</strong>d the balance between risk, cost and value. Not<br />
hav<strong>in</strong>g that balance results <strong>in</strong> sub-optimization creates a value gap. Issues could lie <strong>in</strong> the areas<br />
<strong>of</strong> enablement or competency, or both. From an enablement perspective, Internal Audit may<br />
not be aligned with the bus<strong>in</strong>ess risks, may be us<strong>in</strong>g out-<strong>of</strong>-date technology or may not know<br />
how to prioritize effectively. In terms <strong>of</strong> capabilities, the Internal Audit function may not have<br />
the <strong>in</strong>dustry <strong>in</strong>sight and functional <strong>in</strong>sight it needs. It may have <strong>in</strong>flexible staff<strong>in</strong>g models. Or it<br />
may lack skills <strong>in</strong> specific areas, such as tax or IT. Both types <strong>of</strong> gaps can limit Internal Audit’s<br />
ability to operate at higher levels. Identify<strong>in</strong>g these challenges — and establish<strong>in</strong>g solutions to<br />
address them — will form the foundation <strong>of</strong> the bus<strong>in</strong>ess case for change.<br />
Pr<strong>of</strong>. dr. Vera Leko<br />
dr. Danica Leko<br />
"Contol <strong>of</strong> public f<strong>in</strong>ances"<br />
Studies on issues <strong>of</strong> public f<strong>in</strong>ances’ controls on <strong>in</strong>ternational level, and especially <strong>in</strong> Serbia, are<br />
covered <strong>in</strong> this paper. By analyz<strong>in</strong>g world trends <strong>in</strong> the sphere <strong>of</strong> public assets’ control, it can be<br />
concluded that currently there is almost no county without some k<strong>in</strong>d <strong>of</strong> state control over<br />
public f<strong>in</strong>ances. In most <strong>of</strong> the countries, supervision over public assets is under direct or<br />
<strong>in</strong>direct supervision <strong>of</strong> the Parliament. Parliament, as the highest Regulatory body approv<strong>in</strong>g the<br />
level <strong>of</strong> public assets (<strong>in</strong>comes and expenses) is controll<strong>in</strong>g annual f<strong>in</strong>ancial reports as well as<br />
the efficiency <strong>of</strong> national asset consumption. Studies <strong>of</strong> this subject on <strong>in</strong>ternational level are<br />
show<strong>in</strong>g that each country with<strong>in</strong> their own scope <strong>of</strong> controls is giv<strong>in</strong>g special contribution on<br />
establishment <strong>of</strong> <strong><strong>in</strong>ternal</strong> control system. In western developed countries, this <strong><strong>in</strong>ternal</strong><br />
pr<strong>of</strong>essional control mechanism over the public asset is done by the <strong><strong>in</strong>ternal</strong> control. In order to<br />
put <strong>in</strong> place this control, most <strong>of</strong> the parliaments abroad have brought laws on public assets’<br />
audit, which is therefore becom<strong>in</strong>g pr<strong>of</strong>essional control function.<br />
11