Toby DeRoche – författare

Auditing at the speed of risk requires internal auditors to rethink the way we work. Agile auditing provides a path forward that blends the best elements from agile project management and internal audit best practices.Leaders in internal audit are ready to incorporate an agile audit mindset in their departments, but most of the available resources provide theoretical ideas. Even when outside consultants lead an agile transition, the consultants primarily focus on adding agile ceremonies without addressing the fundamental mindset change required for an agile audit transformation. This book provides a practical guide for audit leaders to follow as a playbook for implementing agile across their department, impacting every facet of the audit lifecycle, and addressing the mental shift required for making a lasting change. Every chapter includes discussion questions to facilitate discourse or just to help you analyze your own department. Next, we look at a typical internal audit department as they attempt the transition from a traditional audit methodology to agile auditing so we can learn from their missteps and successes.The guidance in Agile Audit Transformation and Beyond includes the basics of agile auditing, practical directions for shifting each phase of the audit life cycle, common hurdles faced during the transition, and forward-looking thought leadership on expanding beyond internal audit into agile assurance.

Auditing at the speed of risk requires internal auditors to rethink the way we work. Agile auditing provides a path forward that blends the best elements from agile project management and internal audit best practices.Leaders in internal audit are ready to incorporate an agile audit mindset in their departments, but most of the available resources provide theoretical ideas. Even when outside consultants lead an agile transition, the consultants primarily focus on adding agile ceremonies without addressing the fundamental mindset change required for an agile audit transformation. This book provides a practical guide for audit leaders to follow as a playbook for implementing agile across their department, impacting every facet of the audit lifecycle, and addressing the mental shift required for making a lasting change. Every chapter includes discussion questions to facilitate discourse or just to help you analyze your own department. Next, we look at a typical internal audit department as they attempt the transition from a traditional audit methodology to agile auditing so we can learn from their missteps and successes.The guidance in Agile Audit Transformation and Beyond includes the basics of agile auditing, practical directions for shifting each phase of the audit life cycle, common hurdles faced during the transition, and forward-looking thought leadership on expanding beyond internal audit into agile assurance.

Build and audit cybersecurity controls to better protect your organization from damaging cyber attacks.Cybersecurity Controls is a strategic guide for mid-career IT, cybersecurity and audit professionals who must protect critical systems, reduce enterprise risk and deliver resilience in the face of escalating cyber threats. Written by Toby DeRoche, it shows how to establish the rules, procedures and policies that will protect an organizations. It covers both how to build cybersecurity controls, but also how to validate controls.You'll learn how to:- Build cybersecurity controls- Translate risk assessments and business impact analysis into actionable safeguards- Integrate administrative, physical and technical controls for enterprise-wide protection- Develop a robust control testing strategy that improves assurance - Strengthen collaboration between IT, cybersecurity and audit to validate resilienceWith guidance on strategy, preparation for audits and emerging industry trends and extensive real-world examples, this book equips leaders to make informed decisions, improve control maturity and deliver durable security outcomes.Themes include: cybersecurity governance, IT controls, risk assessment, resilience strategy