It audit manual volume iii 11 it audit manual 43 kd

Info iconThis preview shows page 1. Sign up to view the full content.

View Full Document Right Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: on a regular basis? IT Audit Manual Volume III 11 IT Audit Manual 43 KD Reference: _______________________________ _ Whether policies and procedures exist for describing supervisory practices to ensure that roles and responsibilities are properly exercised, and all personnel have sufficient authority and resources to perform their roles and responsibilities? KD Reference: _______________________________ _ IT Audit Manual Volume III 12 IT Audit Manual No. Item 44 Whether segregation of duties exists between the following pairs of units: • systems development and maintenance • systems development and operations • systems development/maintenance and information security • operations and data control • operations and users • operations and information security KD Reference: _______________________________ _ Whether IT staffing and competence is maintained to ensure its ability to provide effective technology solutions? KD Reference: _______________________________ _ Whether policies and procedures exist for the evaluation and re-evaluation of IT position (job) descriptions? KD Reference: _______________________________ _ Whether appropriate roles and responsibilities exist for key processes, including system development life cycle activities (requirements, design, development, testing), information security, acquisition and capacity planning? KD Reference: _______________________________ _ Whether appropriate and effective key performance indicators and/or critical success factors are used in measuring results of the IT function in achieving organisational objectives? KD Reference: _______________________________ _ Whether IT policies and procedures exist to control the activities of consultants and other contract personnel, and thereby ensure the protection of the organisation's assets? KD Reference: _______________________________ _ Whether procedures applicable to contracted IT services for adequacy and consistency with organisation acquisition policies? KD Reference: _______________________________ _ Whether processes exist to coordinate, communicate and document interests both inside and outside...
View Full Document

Ask a homework question - tutors are online