On 26 and 27 May, in cooperation with dab:Software, the dab:Group was present on the 10th DIIR - IT Conference in Frankfurt as silver sponsor. The event dealt with "current developments, methods, IT security, tools, and technology."
A variety of lectures delivered the IT audience a refresher of known, but also the development of new areas of inquiry.
For example the term "bring-your-own-device" was discussed in the presentation of Ms. Claudia Stange-Gathmann (Authorised Representative, Ebner, Dr. Stolz GmbH & Co. KG, Hamburg). Clearly has been shown, how much work a connection of thus devices at the IT departments are and which are the legal circumstances, such as loss of a private employee device with corporate data access. This topic is already known within the IT department and will be there in the future more and more.
The mass data analysis and various applications such as continuous auditing where discussed in lectures too.
Mr. Artur Kalinicheko (Internal Audit, BASF SE, Ludwigshafen, Germany) detailed the difference between Continuous Auditing and Continuous Monitoring. Finally stating the difference is only marginally and is mainly because which department performs and executes the continuous analysis. In addition, there was agreement that a continuous auditing / monitoring can miss the real benefits quickly with insufficient focus.
The presentation "Integration of mass data analysis in the business process-oriented audit approach" brought the audience on the one hand the necessity closer and also showed the direct application in a tool. Small critical note, the analytic steps were executed manually and this is in my opinion not the current state of the art.
In sum, we can state that the 10 DIIR IT conference was a solid event with updates and views on the IT audit field. Moreover, the participants use the event to encourage the exchange of information among each other.
Best Regards Florian Popan
P.S. For questions or comments please feel free to contact us at firstname.lastname@example.org.