• Unit Audit Dalam (UAD)
  • audit@um.edu.my
logo
logo
Menu

Information Security

  • Home
  • Information Security

As the organization and stakeholders need evolving over time, be it digital transformation, adoptions of emerging technologies, complexity and changes in regulatory. We assist UM through various assurance activities related to information security and compliance assessments in its day-to-day operations.

In establishing a good information security management, UM adopted ISO/IEC 27001:2013. The implementation of ISMS can also provide a benchmark to the level of data and information security management in UM based on international standards. ISMS will also strengthen the protection of information and ICT assets based on the principles of data or information Confidentiality, Integrity and Availability as well as provide confidence to stakeholders that risks are properly controlled. Apart from the ISMS, SKAD actively refers to COBIT 2019 and GTAG, IIA as well as other guidelines to help SKAD perform IT audits in a broader perspective.

SKAD auditors are qualified to conduct the audit with regards to the standards and best practices. We strive to provide the best possible audit activities in line with current requirement in information security and beyond the normal IT audit.

SKAD analyzing a myriad of audit data using Computerized Audit Tools & Techniques (CAATs). ACL Analytics is the main CAATs used to analyze data for the purpose of identifying risks and trends in every UM work process. As such all SKAD auditors are trained to use ACL Analytics on an ongoing basis to ensure more advanced efficiency and utilization.

SKAD auditors hold professional certificates and the right skillset to perform the audit. From time to time the auditors will increase their knowledge and competency through professional courses, seminar, workshop as well as collaboration with professional bodies and other universities.

We are confident that we are able to give reasonable assurance to UM in information security with our knowledge, appropriate skillset, experiences as well as guidance from the Audit Committee, Management of UM and the Board of Directors.

Aizuddin bin Abdul Ghani

Aizuddin joined the Internal Audit Section in 2010 and has over ten years of expertise in internal auditing and IT auditing. He graduated from the University of Malaya with a Master of Business Administration in internal auditing. He's also a Certified Information Security Management System Auditor, which he acquired professionally (CISMSA).

              

Hazima binti Mohd Saad

Hazima joined the Internal Audit Section in 2007 with 12 years of IT audit. She holds a Bachelor in Accountancy from MARA University of Technology. She maintains professional certification as a Certified Information Security Management System Auditor (CISMSA)

                                                                                                                                                                                                                                                                           

Last Update: 08/09/2022