May 4, 2012 11:35 PM
Posted by: Robert Davis
COBIT,
Control Environment,
Control Techniques,
Infrastructure,
ISO,
ITSM,
Service Delivery,
Service Support,
SystemsThe control environment is an important component of an entity’s control structure or system that directly impacts IT governance. Literally, an entity’s control environment sets the “
February 7, 2012 9:57 PM
Posted by: Robert Davis
Certified Information Systems Auditor,
Certified Information Technology Professional,
Certified Internal Auditor,
Certified Internal Controls Auditor,
Certified Public Accountant,
COBIT,
Infrastructure,
ISO,
IT Audit,
ITSM,
Service Delivery,
SystemsAudit evidence for elements of an adequate CE may not be available in documentary form. In addition, responsibility for IT governance is often undertaken by the owner/manager where there are no other...
February 3, 2012 9:29 PM
Posted by: Robert Davis
Certified Information Systems Auditor,
Certified Information Technology Professional,
Certified Internal Auditor,
Certified Internal Controls Auditor,
Certified Public Accountant,
COBIT,
Infrastructure,
ISO,
IT Audit,
ITSM,
Service Delivery,
SystemsRegarding outsourced services, among other expectations, an IT auditor should obtain and document an understanding of the relationship between the services provided by third parties and the entity’s control environment. An IT auditor should consider reviewing such items as contracts,
January 31, 2012 8:41 PM
Posted by: Robert Davis
Certified Information Systems Auditor,
Certified Information Technology Professional,
Certified Internal Auditor,
Certified Internal Controls Auditor,
Certified Public Accountant,
COBIT,
Infrastructure,
ISO,
IT Audit,
ITSM,
Service Delivery,
SystemsOrdinarily, an IT auditor obtains relevant CE audit evidence through a combination of inquiries and other risk assessment procedures. For example, through management and employee inquiries, an IT auditor may obtain an...
January 27, 2012 9:23 PM
Posted by: Robert Davis
Certified Information Systems Auditor,
Certified Information Technology Professional,
Certified Internal Auditor,
Certified Internal Controls Auditor,
Certified Public Accountant,
COBIT,
Infrastructure,
ISO,
IT Audit,
ITSM,
Service Delivery,
SystemsWhen acquiring an understanding of control environment (CE) components, IT auditors should consider whether pertinent elements have been implemented for the entity and IT. Assessing how much CE risk is associated with a particular entity may be performed using various techniques...
January 24, 2012 8:34 PM
Posted by: Robert Davis
Certified Information Systems Auditor,
Certified Information Technology Professional,
Certified Internal Auditor,
Certified Internal Controls Auditor,
Certified Public Accountant,
COBIT,
Infrastructure,
ISO,
IT Audit,
ITSM,
Service Delivery,
SystemsEntities may partially or fully delegate some or all of its IT delivery and support activities to a Third Party Provider (TPP). IT activities that may be outsourced include IT functions such as, data center operations, IT security, and application...
January 20, 2012 9:06 PM
Posted by: Robert Davis
Certified Information Systems Auditor,
Certified Information Technology Professional,
Certified Internal Auditor,
Certified Internal Controls Auditor,
Certified Public Accountant,
COBIT,
Infrastructure,
ISO,
IT Audit,
ITSM,
Service Delivery,
SystemsPrimary drivers for IT service audit planning are verifying delivery and support existence and adequacy. However, as with standard IT audits, a general control environment, information systems, and control procedures understanding should be obtained during...
January 17, 2012 8:20 PM
Posted by: Robert Davis
Certified Information Systems Auditor,
Certified Information Technology Professional,
Certified Internal Auditor,
Certified Internal Controls Auditor,
Certified Public Accountant,
COBIT,
Infrastructure,
ISO,
IT Audit,
ITSM,
Service Delivery,
SystemsAn IT auditor assigned an IT service delivery and support engagement should consider performing assurance services based on major process points established in the ISO/IEC 20000 as well as COBIT...
August 23, 2011 8:30 PM
Posted by: Robert Davis
Asset Management,
Availability Management,
Capacity Management,
Change Management,
Configuration Management,
Continuity Management,
Financial Management,
IEC,
Information Security Management,
ISO,
ITSM,
Service Level ManagementAligned with the generally accepted IT value definition; IT service basic principles should deliver appropriate quality, on-time and within-budget, while achieving promised benefits. Where these basic principles are earnestly harmonized, IT service delivery and support benefits...
