Kd reference whether acceptance

Info iconThis preview shows page 1. Sign up to view the full content.

View Full Document Right Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: mitigate the risks, threats and exposures? KD Reference: _______________________________ _ Whether acceptance of residual risk, takes into account: • organisational policy • risk identification and measurement • uncertainty incorporated in the risk assessment approach itself • cost and effectiveness of implementing safeguards and controls KD Reference: _______________________________ _ Whether insurance coverage offsets the residual risk? KD Reference: _______________________________ _ Whether formal quantitative and/or qualitative approaches exist to select control measures that maximize return on investment? KD Reference: _______________________________ _ Whether there is a balance between the detection, prevention, correction and recovery measures used? KD Reference: _______________________________ _ Whether formal procedures exist to communicate the purpose of the control measurers? KD Reference: _______________________________ IT Audit Manual Volume III 18 IT Audit Manual No. 101 Item Yes Response No KD Project Management Whether project management framework: • defines scope and boundaries for managing projects • provides for project requests to be reviewed for their consistency with the approved operational plan and projects prioritised according to this plan • defines the project management methodology to be adopted and applied to each project undertaken, including: • project planning • staffing • allocation of responsibilities and authorities • • • • • • • task breakdown budgeting of time and resources milestones checkpoints approvals is complete and current provides for participation by the affected user department (owner/sponsor) management in the definition and authorisation of a development, implementation or modification project • specifies the basis on which staff members are assigned to projects • defines responsibilities and authorities of project team members • • provides for the creation of a clear written statement defining the nature and scope of the project before work on the project begins • provides for an initial project definition document which includes a clear...
View Full Document

{[ snackBarMessage ]}

Ask a homework question - tutors are online