IT Governance, Risk, and Compliance

Dec 23 2011   8:48PM GMT

Auditing Systems and Infrastructure Life Cycle Management – Part III

Robert Davis Robert Davis Profile: Robert Davis

Categorically, ‘Application-based’ pre-acquisition audits assess a system prior to obtaining usage rights considering such matters as: software requirements, vendor bidding, and system selection. Specifically, pre-acquisition assurance service coverage includes effects on IT resources, cost, and plans.

Whereas; ‘Application-based’ pre-implementation audits assess a system under construction considering matters such as, whether: appropriate controls are designed into the system; the application will process information in a complete, accurate and reliable manner; the application will function as intended; the application will function in compliance with any applicable statutory provisions; the system is developed in compliance with the established systems development life cycle process. Whereby, at the detail-level, a pre-implementation application audit normally addresses the architecture of application-level security, plans for the implementation of security, the adequacy of system and user documentation, and the adequacy of actual or planned user-acceptance testing.

View Part I of the Auditing Systems and Infrastructure Life Cycle Management series here

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: