Approach and Methodology
Our systems and technology audit process is consistent with our overall audit approach in that it uses
a top-down process that starts with understanding of key Management controls and identifying critical
risk areas. Most systems and technology audit procedures take place in the following areas based on
the needs of the engagement team
Critical Applications
-
IT DRP Controls
-
IT Strategy Planning
-
IT Steering Committee
-
Policies and Procedures
-
SDLC & Change Management
-
Access Controls
-
Backup and Contingency Planning
Business Continuity Management
Holistic management process that identifies potential threats to an organization and the impacts to business operations those threats, if realized, might cause, and which provides a framework for building organizational resilience with the capability of an effective response that safeguards the interests of its key stakeholders, reputation, brand and value-creating activities.
Technical Infrastructure
-
Problem & Incident Management
-
Operating System Controls
-
Database Security Controls
-
Data Centre Environmental Controls
-
IT Org Chant
System & Process Changes
-
Security Controls (e.g. Password, Auditing)
-
Data Encryption
