IT AUDIT Questionnaire (IT Audit).pdfFull description
Deskripsi lengkap
Full description
auditDeskripsi lengkap
Solution ManualDeskripsi lengkap
Computer Information Systems
Auditing in CIS Environment
Answer key in Hunton IT Audit
Full description
Deskripsi lengkap
Computer Information Systems
Auditing in CIS Environment
testbank for IT class quiz 1
Information Systems Audit Manual and Checklist.
Information Systems Audit Manual and Checklist.Full description
lectureDeskripsi lengkap
auditFull description
auditDeskripsi lengkap
auditDeskripsi lengkap
ENTITY NAME GOES HERE March 31, 20XX
IT ENVIRONMENT DOCUMENT
Purpo! o" Docu#!$% This is a PLANNING document that is intended to provide a high level overview of the general IT environment. It is important to note that the work documented is NOT sufficient, ! itself, to conclude that IT controls are operating effectivel!.
o/ is t!e IT %ud"et dete*mined and cont*olled0 ae any *epo*ts %een issued %y inte*nal audit o* ot!e* pa*ties on t!e IT eni*onment o* on specific financial applications e.".2 ITS0$ If so2 /!at /e*e t!e main findin"s0 /u%ur! D'r!c%'o$ a$* I$'%'a%'!. A*e t!e*e si"nificant IT actiities outside t!e IT function0 6!at is t!e futu*e di*ection of IT /it!in t!e o*"ani7ation i.e. IT st*ate"y$0 Is t!e*e a documented and up to date IT st*ate"ic plan0 6!at mao* IT initiaties a*e planned2 /it!in t!e net 1mont!s and in t!e lon" te*m0 u'$!C+'!$% N!!*. o/ does non satisfaction0 6!at a*e t!e *esults of latest su*ey0 o/ does t!e IT function %enc!ma*@ its ope*ations /it! ot!e* o*"ani7ations0 Or(a$'4a%'o$ S%ruc%ur!. 6!at is t!e IT o*"ani7ation st*uctu*e0 6!o does t!e ead of IT *epo*t to0 o/ does mana"ement ensu*e t!e app*op*iate se"*e"ation of duties /it!in t!e IT function fo* eample2 data%ase administ*ato*2 net/o*@ administ*ato*2
I#p+!#!$%a%'o$ a$* Ma'$%!$a$c!. App+'ca%'o$ S)%!# So"%5ar! S)%!# Da%aa! Is a fo*mal systems deelopment met!odolo"y used0 6!at ne/ financial systems !ae %een implemented0
Docu#!$%a%'o$
O!ra%'o$ a$* R!"!r!$c!
ENTITY NAME GOES HERE March 31, 20XX
3& u'$! Co$%'$u'%) C+'!$% Co$%ac%-. Po'$% o" /ocu # 3.1 as t!e o*"ani7ation add*essed %usiness continuity plannin" and disaste* *ecoe*y plannin" issues0 3.- as mana"ement put in place a system to test t!ese plans on a pe*iodic %asis0 6!en /as it last tested0 3.3 'oes mana"ement !ae a fo*mal p*ocess *e"a*din" t!e %ac@up of financial info*mation i.e. %ac@up f*euency2 %ac@up testin"2 *etention pe*iod and sto*a"e location$0
Docu#!$%a%'o$
O!ra%'o$ a$* R!"!r!$c!
ENTITY NAME GOES HERE March 31, 20XX
6& I$"or#a%'o$ S!cur'%) C+'!$% Co$%ac%-. Po'$% o" /ocu # 4.1 o/ does mana"ement ensu*e t!at Access to t!e IT eni*onment e.".2 data%ase2 net/o*@2 ope*atin" system2 !a*d/a*e o* applications$ a*e mana"ed app*op*iately0 4.'oes t!e o*"ani7ation !ae a secu*ity policy0 4.3 6!o is *esponsi%le fo* administe*in" t!e secu*ity policy0 4.4 o/ is t!e policy communicated to employees and cont*acto*s and enfo*ced0 4.5 o/ does mana"ement ensu*e t!at use*s *eceie app*op*iate education and t*ainin" on info*mation secu*ity0 4.8 6!en /as t!e most *ecent T!*eat and Bis@ Assessment TBA$ done0
Docu#!$%a%'o$
O!ra%'o$ a$* R!"!r!$c!
ENTITY NAME GOES HERE March 31, 20XX
7& I$"or#a%'o$ S)%!# Op!ra%'o$ C+'!$% Co$%ac%-. Po'$% o" /ocu # 5.1 o/ is info*mation *e"a*din" any p*o%lems /it! systems communicated to non
Docu#!$%a%'o$
O!ra%'o$ a$* R!"!r!$c!
ENTITY NAME GOES HERE March 31, 20XX
8& R!+a%'o$h'p 5'%h Ou%ourc!* V!$*or C+'!$% Co$%ac%-. 9 Po'$% o" /ocu 8.1 Is use made of outsou*ced se*ice p*oide*s0 If so2 identify /!at @ey components !ae %een outsou*ced and p*oide Se*ice eel A"*eements. 8.- 6!o is *esponsi%le fo* monito*in" se*ice delie*y of t!e outsou*ced se*ice p*oide*0 8.3 A*e t!e*e *epo*ts fo* T!i*d Pa*ty Assu*ance p*oided %y a endo* o* !ost0 CICA Section 59;? o* SAS;?$
Docu#!$%a%'o$
O!ra%'o$ a$* R!"!r!$c!
ENTITY NAME GOES HERE March 31, 20XX
:& N!%5or; Suppor% C+'!$% Co$%ac%-. 9 Po'$% o" /ocu ;.1 'oes t!e o*"ani7ation !ae a net/o*@ dia"*am0 6!en /as it last updated0 ;.- 6!at p*ocess is in place to maintain t!e net/o*@ dia"*am e.".2 o/ne*2 f*euency0$