Top IT Audit Observations

Presented by: Suz Friedly, Wayne Carpenter, Paul Millis, Shelley Curry & Barry MacDougall | UM Audit Services

Abstract

UM Audit Services performs over 40 audits every year with units across the Ann Arbor, Dearborn, Flint, and Michigan Medicine campuses. Most audits performed are planned with the input of 100+ leaders from across the university, including Michigan Medicine. The President and his executive officers review the plan before it is finalized and approved by the Regents.

Nearly every audit includes aspects of IT controls critical to the audit objectives. The audit findings can provide insight into common IT control gaps. The Audit Services IT team analyzed 5 years of audit findings … over 300 audits in total to identify common IT control gaps, changes over time, and how units addressed the gaps.

This poster session will provide symposium participants an opportunity to learn and discuss these findings and real ways other units have addressed similar gaps in their own units. It will provide units with upcoming audits an opportunity to identify gaps prior to their audit.

Discussions of recurrent control gaps across the university, will allow participants to find creative and effective ways to increase IT security and compliance with university policy, IT standards, laws and regulations and industry guidance.

As with most professions, data analytics is fast becoming a common tool in the internal audit world. This poster session will demonstrate how a small unit was able to quickly review and analyze a vast repository of report text, ideas, and concepts.

#Enterprise IT Risk and Security

Poster Session

  • Poster Session 3: Thursday

Category

  • Current trends/topics/projects

Area(s) of Focus

  • Knowledge
  • Administrative