Posted by: Robert Davis
Certified Information Systems Auditor, Certified Information Technology Professional, Certified Internal Auditor, Certified Internal Controls Auditor, Certified Public Accountant, Infrastructure, IT Audit, Life Cycle Management, SDLC, Systems
SILCM audits normally have a functional focus. ‘Functional-based’ SILCM audits examine identified processes as auditable units. However, if during ‘functional-based’ planning the IT auditor discovers a SILCM related framework is not deployed, the audit planner should consider utilizing the COBIT framework domain processes as a baseline for setting objectives. Typically, for SILCM assurance services, effectiveness and efficiency are the primary information criteria; while integrity, availability, compliance, and reliability should be considered secondary information criteria, even when other audit measurement standards are included within the audit ambit.
“View Part I of the Auditing Systems and Infrastructure Life Cycle Management series here“