Primary drivers for IT systems and/or infrastructure life cycle management assurance planning are verifying control utilization, existence and adequacy. However, as with standard IT audits, a general control environment, information systems, and control procedures understanding should be obtained during engagement planning to comply with ISACA’s assurance standards and guidelines as well as other applicable attestation, audit, accounting, and IT standards.
Typically, management is interested in IT project management work performance processes — with emphasis on requirements and expectations ensuring entity-centric objectives achievement. Consequently, the focus of SILCM engagements should be on project management processes; with the objective of improving implementation efficiency and effectiveness.
“View Part I of the Auditing Systems and Infrastructure Life Cycle Management series here“