Kd reference whether formal 2

Info iconThis preview shows page 1. Sign up to view the full content.

View Full Document Right Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: policies? KD Reference: _______________________________ _ Whether formal security and internal control policies identify the organisation's internal control process and includes control components such as: • control environment • risk assessment • control activities • information and communication • monitoring KD Reference: _______________________________ _ Whether issue specific policies exist to document management decisions addressing particular activities, applications, systems or technologies? KD Reference: _______________________________ _ Human Resources Management Whether criteria are used for recruiting and selecting personnel to fill open positions? KD Reference: _______________________________ _ Whether specifications of required qualifications for staff positions take into account relevant requirements of professional bodies where appropriate? KD Reference: _______________________________ _ Whether management and employees are accepting of the job competency process? IT Audit Manual Volume III 15 IT Audit Manual No. 73 74 75 76 77 78 79 80 81 82 Item Yes Response No KD KD Reference: _______________________________ _ Whether training programmes are consistent with the organisation's documented minimum requirements concerning education and general awareness covering security issues? KD Reference: _______________________________ _ Whether management is committed to personnel training and career development? KD Reference: _______________________________ _ Whether technical and management skill gaps are identified and appropriate actions are taken to address these gaps? KD Reference: _______________________________ _ On-going cross-training and back-up of staff for critical job functions occurs KD Reference: _______________________________ _ Whether enforcement of uninterrupted holiday policy occurs? KD Reference: _______________________________ _ Whether organisation's security clearance process is adequate? KD Reference: _______________________________ _ Whether employees are evaluated based on a standard set of competency profiles for the position and evaluations are held on a p...
View Full Document

Ask a homework question - tutors are online