IT Governance, Risk, and Compliance

Nov 8 2011   8:45PM GMT

Auditing Information Assets Protection – Part VI

Robert Davis Robert Davis Profile: Robert Davis

Alternatively, IAP may be within the ambit of other IT audit areas. Under these circumstances, a ‘functional-based’, ‘application based’, or ‘compliance-based’ examination may be appropriate. ‘Functional-based’ audits address identified processes as auditable units that can include goals and objectives, ownership, repeatability, as well as roles and responsibilities. ‘Application-based’ audits address identified areas where IT is superposed to complete a task that can accommodate completeness, accuracy, validity, authorization, and segregation-of-duties. Lastly, ‘compliance-based’ audits redress adherence to externally and internally imposed entity requirements that can encompass national laws, and regulations, as well as standards.

View Part I of the Auditing Information Assets Protection series here

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: