Controls
IT Governance
Structure of the IT Function
The Computer Center
Disaster Recovery Planning
Outsourcing the IT Function
IT Governance
Key objectives:
-Data Administration
-Data Processing
-data conversion
-computer operations
-data library
Systems Development and Maintenance
Participants:
-system professionals
-end users
-stakeholders
Segregation of Incompatible IT Functions
-inadequate documentation
-program fraud
The Computer Center
Physical Location
Construction
Access
Air Conditioning
Fire Suppression
Fault Tolerance
Audit Objectives
to evaluate the controls governing computer center
security
Test of:
Physical construction
Access Control
Raid
Insurance Coverage
Disaster Recovery Planning
- Empty Shell
- Application backup
- Backup documentation
Software Backup
Data Backup
Vendor exploitation
Reduced security