IT Auditing: IT Outsourcing
- Balancing Risk vs. Reward
CISA, is a 25-year
seasoned Internal Audit Professional with experience in
services, state government and healthcare.
Michael’s responsibilities have
Internal Audit, Performance
Appraisal, TQM, and Information Security.
Michael is a recipient of the prestigious "Tom Johnson
Achievement" award granted by the New York Chapter of The
is very active with The IIA as both Past President of the
York Chapter and a member of the Board of Governors.
He has served as a member of the Executive
of the ISACA New
York Chapter and a member of the
Michael is a frequent instructor and seminar leader for The
of Internal Auditors, USDA Graduate School, and the Foundation
Accounting Education (FAE) teaching various seminars
published several articles including Internal Auditor Toolkit,
Internal Auditing and
the New Model Economy, Outsourcing Self Test, Auditing
Companies, and Auditing at the Crossroads.
Auditors Best Practices
Auditors Standards and
- CISA Review
- COSO Self
- EDP Auditing
- Auditing a
Fraud: A Proactive
Local Area Networks
Auditing: Hitting the Hot
Michael is an Adjunct Professor at
College teaching Accounting
Information Systems and Internal Audit. He was a driving
developing the Internal
Audit curriculum at Baruch College.
His electronic publications include "IT Auditing: The
Auditing: New Systems", “Modern Integrated
(a complete seminar
including PowerPoint slides accompanied with a digital
available on CD-ROM for both individual and chapter use at http://www.pleier.com.
Technology (IT) functions has gone from a specialized trend
to an integral component of today’s modern business
properly managed, the benefits derived from such an approach
substantial, both from a cost and efficiency standpoint.
IT Auditing: IT
Risk vs. Reward
However, in the rush to eliminate costs from the financial
managing the transition, actually achieving measurable
understanding risks inherent in outsourcing IT functions
be a mysterious world. Coupled with the issues related to
IT activities, this complex process is fraught with error,
inadequate or non-existent control, and operational
Finally, changes in the regulatory, legal and compliance
increase the difficulty in achieving superior performance and
in the company becoming overly reliant on the outsource vendor
process critical IT functions.
Michael’s latest electronic publication, “IT Auditing:
Balancing Risk vs. Reward” navigates the outsource / off-shore
by illustrating IT risks and controls that management needs to
consider before, during, and after IT functions are migrated
outsource vendor. He regularly reminds the viewer that
outsource the function, but not the risk!”
You can outsource the
but not the risk!
As an Audit Director and Information Technology Auditor with
years experience in the profession, Michael Lapelosa grappled
issues related to outsourcing / off-shoring for such major
Mellon Bank; Cushman and Wakefield; and First Data
Corporation. As a
result, he is in a unique position to provide insight
pitfalls to avoid and critical success factors.
Throughout this digital product Michael shares a standardized
he has developed which provides the viewer with a presentation
consisting of 82 information packed slides. In addition,
usual, he has prepared an extensive audit work program that
the shelf” or customized as needed.
Auditing: IT Outsourcing - Balancing Risk vs. Reward"
the link above to access the
The 82-slide self-paced PowerPoint offers some excellent
to the world of IT Outsourcing with an
emphasis on opportunities for internal audit to add value in
The PowerPoint material highlights numerous insights to that
Audit Opportunities to Add Value
Methodology & Objectives
Pitfalls to Avoid
Critical Success Factors
Outsourcing - Balancing Risk vs. Reward" Audit Program
Open in MS Word -
landscape on 81/2" x 11" paper
Open in MS Word -
landscape on 81/2" x 14" paper
a link above to access an actual 13-page audit program with
audit steps is in MS Word
format that follows and
supplements the ideas presented in the PowerPoint
program can be used to help develop an approach to
deploying IT Audit resource productively to the audit of "IT
Outsourcing" or to modify your current approach.
approach ensures the audit objectives of these audits since
controls are addressed in audit program with Work Paper
This audit program addresses specific audit concerns in
Governance and Oversight Framework
Vendor Selection and
If you like the quality of this
product please check http://www.pleier.com
for additional resources.
tell other Audit Professionals during your sharing about these