Has there been adequate capacity planning for the

Info iconThis preview shows page 1. Sign up to view the full content.

View Full Document Right Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: Was the system planned and developed in a systematic manner taking into account the business and security requirements of the user departments and the ease of use by the citizens? IT Audit Manual Volume III 98 IT Audit Manual OPERATIONAL ISSUES KD reference • Have the requirements of all the departments concerned been considered? • Is there a formal and proper process in place for procuring/developing technical solutions? • Are standard products and solutions used where feasible? • Is there a middleware in place to connect the front end with the back end systems (possibly legacy systems) in various departments? • Has there been adequate capacity planning for the hardware? • Is the application software compatible with the back end applications in the departments? • Is the system scaleable to include the provision of new services? • Is there adequate bandwidth to provide speedy services? • What is the periodicity of information updation? SECURITY ISSUES • Is a risk management methodology followed for identifying and addressing risks? • Is security considered at various stages of system design, development and implementation? • Are there adequate physical and logical access controls? • How secure is the network? • Are there firewalls and intrusion detection systems in place? • What is the mechanism for identification and authentication of citizens? IT Audit Manual Volume III 99 IT Audit Manual OPERATIONAL ISSUES • KD reference Can the public view the data/update the data dynamically/transact on-line? BUSINESS CONTINUITY PLAN • Is there an approved, documented and tested business continuity/disaster recovery plan? • What is the timeframe for turnaround after a disaster? • What is the security mechanism at the alternate site? HUMAN RESOURCES • Was the staffing requirement evaluated and provided for? • Were the key e-government positions identified, defined and filled? • Do the personnel know their responsibilities and are they competent to discharge them? • Was there an analysis of the skills requirement of the personnel and was training prov...
View Full Document

Ask a homework question - tutors are online