Bring your own Device (BYOD)
Remember that you are writing these papers from an auditor’s perspective asking the question, “How would I test these IT controls?” This will be part of your critical thinking grade.
1. FACTS: Present the FACTS about BYOD in business today. How many companies have adopted these ideas in part or in full? What are the predicted trends for the future of BYOD?
In expressing your answer, evaluate based on the following:
– How does BYOD fit into client’s needs in light of regulations and security baselines?
– What policies need to be established and enforced to ensure confidentiality, Integrity, and availability?
– How would an organization monitor and test compliance with regulatory guidelines?
2. POSITIVES: What have been some positive experiences with BYOD? What have companies found that has made this a good idea? What are some of the budget savings that companies have experienced? Are there any “pleasant surprises” or side-affects that have been obtained? What good “tips/best practices” have successful companies used to make this a good undertaking?
3. NEGATIVES: What problems have companies had with BYOD? What are some of the negative aspects of BYOD? Have there been problems that were not anticipated? Has there been any negative influence on the IT budget process? What are some areas of networking and security that are causing issues or potential problems? Are there instances where BYOD has jeopardized the regulatory compliance of organizations? Provide examples and what problems should have been addressed?
4. AFFECT ON IT (and other) AUDITS: Have there been any negative consequences on the auditing of data and information? What are some problems for companies that might be anticipated with the storage and retrieval of business records from devices they do not own? What are some of the unique challenges that auditors might face in the future as the trend of BYOD continues to grow?