Thank you all, actually i think this should be a multi-stakeholder approach not any single entity. 

Can i ask kicktanet to get a speaker for the upcoming Secure Kenya II in May to talk about this issue?  I will be keen to get a topic around policy and framework? checkout www.isaca.or.ke for the conference details.

I will invite CBK leadership to attend as well. The CS Joe Mucheru will be the chief guest.

Thanks,
Paul Roy.


On Fri, Apr 8, 2016 at 5:31 PM, Ali Hussein <ali@hussein.me.ke> wrote:
Paul

Great initiative. I'm keen to get more details on this as we all know that the old saying:-

G - Garbage
 I -  In 
G - Garbage
O - Out

Holds even more true today in the age of automation than it did before.

Regards  

Ali Hussein
Principal
Hussein & Associates

Twitter: @AliHKassim

Skype: abu-jomo

LinkedIn: http://ke.linkedin.com/in/alihkassim



"Discovery consists in seeing what everyone else has seen and thinking what no one else has thought".  ~ Albert Szent-Györgyi

Sent from my iPad

On 8 Apr 2016, at 2:55 PM, Paul Roy via kictanet <kictanet@lists.kictanet.or.ke> wrote:

Dear Listers,

On November 13, 2015 I wrote to the CBK governor Dr. Njoroge expressing concerns over the conduct of audit firms in Kenya. Top of my agenda was to instill discipline to the auditors in Kenya and restore confidence to shareholders over reported state of their business. This was as a result of the collapse of Imperial bank with blames pointing to weak audit practices and some sort of collusion.

As you may know, I am the current President of ISACA Kenya the body that certifies and regulates IT/System Auditors(CISA). ISACA has a code of conduct for all it's professionals working in the cybersecurity, assurance, audit and risk management functions. All certified members know that they are required to adhere to strict ethical standards.

That's why in the wake of the mounting blames on poor audits and in particular IT audits, as an association we are going to investigate individual auditors and recommend that they are struck off their title should they be found culpable. Further we are going to work with CBK to enforce that all IT/System auditors must be fully certified and also be in good standing with professional bodies ICPAK, ISACA & others.

By holding individuals accountable will help eliminate instances of collusion and professional negligence in performance of IT/System Audits and give shareholders and the regulator a true reflection of their financial institutions.

Your views and suggestions are welcome.

regards,

Paul Roy Owino.
ISACA President.



_______________________________________________
kictanet mailing list
kictanet@lists.kictanet.or.ke
https://lists.kictanet.or.ke/mailman/listinfo/kictanet

Unsubscribe or change your options at https://lists.kictanet.or.ke/mailman/options/kictanet/info%40alyhussein.com

The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development.

KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.



--
"Change is slow and gradual. It requires hardwork, a bit of
luck, a fair amount of self-sacrifice and a lot of patience."

Roy.