Posted by: Robert Davis
Certified Information Systems Auditor, Certified Information Technology Professional, Certified Internal Auditor, Certified Internal Controls Auditor, Certified Public Accountant, COBIT, Infrastructure, ISO, IT Audit, ITSM, Service Delivery, Systems
An IT auditor assigned an IT service delivery and support engagement should consider performing assurance services based on major process points established in the ISO/IEC 20000 as well as COBIT frameworks. Where entity-centric ITSM is extracted from the ISO framework, an IT auditor will probably find assertion veracity or direct subject matter verification more productive if they are well versed in service delivery and support concepts. When confronted with an uninitiated entity, the risk-based IT assurance program addressing relevant ISO/IEC 20000 and COBIT areas can assist IT management through valuable process improvement recommendations that reflect generally accepted ITSM global standards.
“View Part I of the Auditing IT Service Delivery and Support series here“
Post Note: As of January 12, 2012, Robert E. Davis, MBA, CISA, CICA is a Master of Science in IT Auditing and Cyber-Security Program instructor at Temple University.