Item yes response no kd kd reference

Info iconThis preview shows page 1. Sign up to view the full content.

View Full Document Right Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: nce of the IT function? Item Yes Response No KD KD Reference: _______________________________ _ Whether senior management ensures roles and responsibilities are carried out? KD Reference: _______________________________ _ Whether policies exist for outlining roles and responsibilities for all personnel within the organisation with respect to information systems, internal control and security? KD Reference: _______________________________ _ Whether regular campaigns exist to increase internal control and security awareness and discipline? KD Reference: _______________________________ _ Whether quality assurance function and policies exist? KD Reference: _______________________________ _ Whether quality assurance function has sufficient independence from system development personnel, and adequate staffing and expertise to perform its responsibilities? KD Reference: _______________________________ _ Whether processes are in place within quality assurance to schedule resources and ensure completion of quality assurance testing and sign-off before systems or system changes are implemented? KD Reference: _______________________________ _ Whether management has formally assigned organisation-wide responsibility for formulation of internal control and security (both logical and physical) policies and procedures to a security officer? KD Reference: _______________________________ _ Whether security officer's understanding of the office's roles and responsibilities are adequately understood and demonstrated as consistent with the organisation's information security policy? KD Reference: _______________________________ _ Whether organisation's security policy clearly defines responsibilities for information security that each information asset owner (e.g., users, management, and security administrators) is required to perform? KD Reference: _______________________________ _ Whether policies and procedures exist, covering data and system ownership for all major data sources and systems? KD Reference: _______________________________ _ Whether procedures exist to review and maintain changes in data and system ownership...
View Full Document

Ask a homework question - tutors are online