IT General Controls Audit


Audit Objective

Provide management assurance that the proper system controls have been implemented across its IT Systems and Network environments

 

Potential Scope Areas

 

  • Problem Management
  • Host Security Review
  • Internal Network Domain Security Review
  • Backup/Recovery & Disaster Recovery Review
  • Security Administration
  • Database Security
  • Workstation Security Review
  • Policy/Procedures Review
  • Physical Security Review
  • Network Security Review

Type of Issues Identified by an Audit Serve IT General Controls Audit

 

  • Internal systems are accessible from the Internet
  • Monitoring processes are not in place to detect external attacks
  • Applications IDs used by the application to authenticate to the database are not properly secured
  • Detective review processes do not exist to identify production job & backup failures


Next Steps

Complete the Information Request form  and Audit Serve will contact you to scale the audit scope to the requirements of your organization and establish a proposal for the engagement.

 

AuditNet - The Global Resource for Auditors

Free
Audit Vision
Newsletter

Since 1991
Join 3,500 other subscribers

 

 

Free Audit Serve Seminars Posted Online

25 minute extract from the seminar entitled "Alternate Control Design Approaches for z/OS" presented by Mitch Levine in London (at the Churchill War Rooms) March, 2018 which would be of interest to IT Audit, Security and GRC personnel

General Data Protection Regulation Seminar

Copyright © 2015. All Rights Reserved.