Due diligence, fiduciary responsibility, statutory liability, regulatory compliance and internal control are not words normally associated with IT departments – at least not by IT professionals. Nevertheless, these concepts form part of the IT governance for which executive management is ultimately responsible. Computer security, well designed IT organizations, documented policies, standards and procedures can provide a level of comfort – but are far from sufficient when measured against the 21st century expectations of shareholders, governments and the public.
Jerrard Gaertner
Director, Technology Assurance Service, Soberman LLPJerrard Gaertner is Director, Technology Assurance Services at Soberman LLP. A graduate of MIT, he is a chartered accountant (specialties in information systems auditing and IT), certified in the governance of enterprise IT, a Certified Information System Security Professional and Information Technology Certified Professional. He has conducted a wide variety of statutory computer audits, security reviews and computer fraud investigations and now advises Boards of Directors on technology strategy, IT governance and risk management. His clients include governments and public companies.
