Kd reference whether standards

Info iconThis preview shows page 1. Sign up to view the full content.

View Full Document Right Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: ly and appropriately defined? KD Reference: _______________________________ _ Whether standards define the default classification for data assets which do not contain a data classification identifier? KD Reference: _______________________________ _ Whether IT policies and procedures address the following: • authorisation process is in place requiring the owner of the data (as defined in the data ownership policy) to authorise all access to that data and to the security attributes of the data • security levels are defined for each data classification • access levels are defined and are appropriate for the data classification • access to sensitive data requires explicit access levels and data is only provided on a "need to know" basis KD Reference: _______________________________ _ Technology Direction Whether there is a process for creating and regularly updating the technological infrastructure plan for confirming that proposed changes are first examined to assess associated costs and risks and that senior management sign-off is obtained prior to making changes to the plan? KD Reference: _______________________________ _ IT Audit Manual Volume III 9 IT Audit Manual 18 19 No. 20 21 22 23 24 25 26 27 28 29 Whether technological infrastructure plan is compared to the IT long- and short-range plans? KD Reference: _______________________________ _ Whether there is a process for evaluating the organisation's current technological status to ensure that it encompasses aspects such as systems architecture, technological direction and migration strategies? KD Reference: _______________________________ _ Item Yes Response No KD Whether the IT policies and procedures ensure addressing the need to evaluate and monitor current and future technology trends and regulatory conditions, and that they are taken into consideration during the development and maintenance of the technological infrastructure plan? KD Reference: _______________________________ _ Whether the logistical and environmental impact of technol...
View Full Document

This note was uploaded on 10/27/2013 for the course LAW 10-100 taught by Professor Parsons during the One '10 term at Bond College.

Ask a homework question - tutors are online