Kd reference whether formal

Info iconThis preview shows page 1. Sign up to view the full content.

View Full Document Right Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: eral aims and directives? KD Reference: _______________________________ _ Whether formal awareness programme exists to provide ongoing communication and training related to management's positive control environment? KD Reference: _______________________________ ___________________________________________ Whether organisation policies and procedures exist to ensure that appropriate and adequate resources are assigned to implement the organisation's policies in a timely manner? KD Reference: _______________________________ _ Whether appropriate procedures are in place to ensure personnel understand the implemented policies and procedures, and that the policies and procedures are being followed? IT Audit Manual Volume III 14 IT Audit Manual No. 63 64 65 66 67 68 69 70 71 72 Item Yes Response No KD KD Reference: _______________________________ _ Whether IT policies and procedures define, document and maintain a formal philosophy policies and objectives governing quality of systems and services produced which are consistent with the organisation's philosophy, policies and objectives? KD Reference: _______________________________ _ Whether IT management ensures that the quality philosophy, policies and objectives are understood, implemented and maintained at all levels of the IT function? KD Reference: _______________________________ _ Whether procedures exist which address the need to periodically review and re-approve key standards, directives, policies and procedures relating to information technology? KD Reference: _______________________________ _ Whether senior management has accepted full responsibility for developing a framework for the overall approach to security and internal control? KD Reference: _______________________________ _ Whether security and internal control framework document specifies the security and internal control policy, purpose and objectives, management structure, scope within the organisation, assignment of responsibilities, and definition of penalties and disciplinary actions associated with failing to complying with security and internal control...
View Full Document

This note was uploaded on 10/27/2013 for the course LAW 10-100 taught by Professor Parsons during the One '10 term at Bond College.

Ask a homework question - tutors are online