Budget variances not adequately monitored and

Info icon This preview shows pages 4–7. Sign up to view the full content.

View Full Document Right Arrow Icon
Budget variances not adequately monitored and evaluated may result in department budget overdrafts, or project cost overruns. Improper classification of costs may cause regulatory compliance concerns (A-21, cost accounting standards). Recharge methodologies and Page 4 of 13
Image of page 4

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
UC Core Audit Program Audit Program and Internal Control Questionnaire Network Management overhead rate calculations may not provide adequate funding for continued level of service. B. The following procedures should be considered whenever the core audit is conducted. Financial Support 1. Evaluate the budget and plan for network growth and equipment replacement. 2. Evaluate budgeted staff compensation. Will this reasonably ensure a proper level of talent to adequately support the network? 3. Review training levels and plans for network staff. 4. Where contracts are used for maintenance and support, are they at an appropriate level to provide proper support? 5. Review the recharge rate and calculations of expected “revenue”. Will it be adequate for proper recovery of all expected costs? Page 5 of 13
Image of page 5
UC Core Audit Program Audit Program and Internal Control Questionnaire Network Management IV. Compliance (150 hrs) A. The following table summarizes audit objectives and corresponding high-level risks regarding compliance with policies and procedures, and regulatory requirements. Audit Objective Areas of Risk Evaluate compliance with the following requirements: UCOP Policies. IS3 IS10 Other Business and Finance Bulletins and other University policies Electronic communications policy; Applicable State and Federal laws and regulations including; FERPA Gramm Leach Bliley (GLBA) HIPAA SB 1392 Evaluate adequacy and compliance with local policies, standards and guidelines Poor security, Poor performance, from lack of adequate guidance policy Delegations of authority may be inappropriate. Non-compliance with laws and regulations may put the University at risk with law enforcement or regulatory agencies. Non-compliance of local processes with University requirements may negatively impact reliability and security of the systems. B. The following procedures should be considered whenever the review is conducted. Physical Security 1. Review security of open network ports in private and public areas. 2. Review access control systems for the rooms housing the equipment and connections. 3. Review administration of the access control system. 4. Review visitor monitoring procedures to the areas housing the network and devices. 5. Evaluate security breach procedures. 6. Briefly describe any machine specific access controls used. 7. Have there been any physical security compromises in the last year? What were the results of these incidents? Business Continuity Planning 1. Evaluate the DRP portions affecting the network. 2. Is the DRP integrated with the campus Business Continuity Plan (BCP)?
Image of page 6

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Image of page 7
This is the end of the preview. Sign up to access the rest of the document.

{[ snackBarMessage ]}

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern