the same is true for the third thrust the systems

Info iconThis preview shows page 1. Sign up to view the full content.

View Full Document Right Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: Controls); and third to assess the controls being provided for the management of the system's operation (System Management Controls). The first thrust is pursued by having the auditor attend project and steering committee meetings, examining project control documentation and conducting interviews. As for the second thrust, the auditor is limited to examining system documentation, such as functional specifications, to arrive at an opinion on controls.. The same is true for the third thrust, the system's operational controls. IT Audit Manual Volume III 72 IT Audit Manual Audit Checklist : I PROJECT INITIATION PHASE (PI) At this stage, terms of reference for the project should be formally defined and the project control parameters established. Procedures involve performing a preliminary review of the existing system (including manual system) to assess the need for change and the nature of the suggested changes. The "problem" must be defined. A potential solution should be conceptualized for reference during the feasibility study phase. The description of the solution need not be so detailed that it prejudices the alternatives examined during the feasibility study. At this time all external and internal constraints (cost, time, legislation, departmental guidelines, user needs, etc.) should be identified along with their impact on the problem and the solution. This phase produces a Project Initiation Report. Audit objective: To establish that project is formally initiated and that appropriate project control measures exist. Checklist (PI) PI.1. Review the business and ensure a formal business case exists for the project. PI.2. Ensure that a Project Initiation document exists and it has the approval of the competent authority. PI.3 If yes, then verify that the Project Initiation document contains at least the following features: Broad reasons for undertaking the Project, such as: The problem to be remedied or process to be improved, and/or Enhancing the organisation's ability to achieve its goals, and/or Description of the deficiencies in relevant existing system; and/or The opportunities that would be provided for increasing economy or efficiency of operations; and/or Internal controls and security need...
View Full Document

This note was uploaded on 10/27/2013 for the course LAW 10-100 taught by Professor Parsons during the One '10 term at Bond College.

Ask a homework question - tutors are online