To industry expectations or user alternative sourcing

Info iconThis preview shows page 1. Sign up to view the full content.

View Full Document Right Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: pment Telecommunications usage Applications development and support Administrative overhead External vendor service costs Help desk Facilities and maintenance Direct/indirect costs Fixed and variable expenses Sunk and discretionary costs • for regular reporting to users on performance for the various cost categories • report to users on external benchmarks regarding cost effectiveness so as to allow comparison to industry expectations, or user alternative sourcing for services • for timely modification to cost allocations to reflect changing business needs formally approve and accept charges as received • identify IT improvement opportunities to reduce chargebacks or get greater value for chargebacks KD Reference: _______________________________ _ Whether reports provide assurance that chargeable items are identifiable, measurable and predictable? KD Reference: _______________________________ _ Whether reports capture and highlight changes in the underlying cost components or allocation algorithm? KD Reference: _______________________________ _ Educate and train users Whether policies and procedures relating to ongoing security and controls awareness exist? KD Reference: _______________________________ _ Whether there is an education/training programme focusing on information systems security and control principles? KD Reference: _______________________________ _ Whether new employees are made aware of security and control responsibility with respect to using and having custody of IT resources? KD Reference: _______________________________ ___________________________________________ IT Audit Manual Volume III 44 IT Audit Manual No. Item 72 Whether there are policies and procedures in effect relating to training and they are current with respect to technical configuration of IT resources? KD Reference: _______________________________ _ Whether availability of in-house training opportunities and frequency of employee attendance? KD Reference: _______________________________ _ Whether availability of external technical training opportunities and frequency of employee attendance? KD Reference: _______________________________ _ Whether a training function is assessing training needs of personnel with respect to security and controls, and translating those needs into in-house or external training opportunities? KD Reference: _______________________________ _ Whether all employees are required to attend security and control awareness training on...
View Full Document

Ask a homework question - tutors are online