IT Governance, Risk, and Compliance:

IT Audit


January 27, 2012  9:23 PM

Auditing IT Service Delivery and Support – Part V



Posted by: Robert Davis
Certified Information Systems Auditor, Certified Information Technology Professional, Certified Internal Auditor, Certified Internal Controls Auditor, Certified Public Accountant, COBIT, Infrastructure, ISO, IT Audit, ITSM, Service Delivery, Systems

When acquiring an understanding of control environment (CE) components, IT auditors should consider whether pertinent elements have been implemented for the entity and IT. Assessing how much CE risk is associated with a particular entity may be performed using various techniques...

January 24, 2012  8:34 PM

Auditing IT Service Delivery and Support – Part IV



Posted by: Robert Davis
Certified Information Systems Auditor, Certified Information Technology Professional, Certified Internal Auditor, Certified Internal Controls Auditor, Certified Public Accountant, COBIT, Infrastructure, ISO, IT Audit, ITSM, Service Delivery, Systems

Entities may partially or fully delegate some or all of its IT delivery and support activities to a Third Party Provider (TPP). IT activities that may be outsourced include IT functions such as, data center operations, IT security, and application...


January 20, 2012  9:06 PM

Auditing IT Service Delivery and Support – Part III



Posted by: Robert Davis
Certified Information Systems Auditor, Certified Information Technology Professional, Certified Internal Auditor, Certified Internal Controls Auditor, Certified Public Accountant, COBIT, Infrastructure, ISO, IT Audit, ITSM, Service Delivery, Systems

Primary drivers for IT service audit planning are verifying delivery and support existence and adequacy. However, as with standard IT audits, a general control environment, information systems, and control procedures understanding should be obtained during...


January 17, 2012  8:20 PM

Auditing IT Service Delivery and Support – Part II



Posted by: Robert Davis
Certified Information Systems Auditor, Certified Information Technology Professional, Certified Internal Auditor, Certified Internal Controls Auditor, Certified Public Accountant, COBIT, Infrastructure, ISO, IT Audit, ITSM, Service Delivery, Systems

An IT auditor assigned an IT service delivery and support engagement should consider performing assurance services based on major process points established in the ISO/IEC 20000 as well as COBIT...


January 13, 2012  11:17 PM

Auditing IT Service Delivery and Support – Part I



Posted by: Robert Davis
Certified Information Systems Auditor, Certified Information Technology Professional, Certified Internal Auditor, Certified Internal Controls Auditor, Certified Public Accountant, COBIT, Infrastructure, IT Audit, Service Delivery, Systems

IT service management (ITSM) extraction, decomposition, analysis and assessment can provide the key to unlock the knowledge door for understanding an entity’s IT governance framework. The way in which IT is delivered as a service to end...


January 10, 2012  3:45 PM

Auditing Systems and Infrastructure Life Cycle Management – Part VIII



Posted by: Robert Davis
Certified Information Systems Auditor, Certified Information Technology Professional, Certified Internal Auditor, Certified Internal Controls Auditor, Certified Public Accountant, Infrastructure, IT Audit, Life Cycle Management, SDLC, Systems

Although most business processes rely upon planning, projects and the IT infrastructure to ensure effective management, IT infrastructure management (ITIM) is typically undervalued. In fact, according to


January 6, 2012  10:01 PM

Auditing Systems and Infrastructure Life Cycle Management – Part VII



Posted by: Robert Davis
Certified Information Systems Auditor, Certified Information Technology Professional, Certified Internal Auditor, Certified Internal Controls Auditor, Certified Public Accountant, Infrastructure, IT Audit, Life Cycle Management, SDLC, Systems

Because tasks and titles vary, an IT auditor should concentrate upon the analysis and development processes that should be considered in SILCM, despite what any individual or group choose for delineation or designation. Objectives should be developed to address the seven COBIT information criteria...


January 3, 2012  8:55 PM

Auditing Systems and Infrastructure Life Cycle Management – Part VI



Posted by: Robert Davis
Certified Information Systems Auditor, Certified Information Technology Professional, Certified Internal Auditor, Certified Internal Controls Auditor, Certified Public Accountant, Infrastructure, IT Audit, Life Cycle Management, SDLC, Systems

Primary drivers for IT systems and/or infrastructure life cycle management assurance planning are verifying control utilization, existence and adequacy. However, as with standard IT audits, a general control environment, information systems, and...


December 30, 2011  9:55 PM

Auditing Systems and Infrastructure Life Cycle Management – Part V



Posted by: Robert Davis
Certified Information Systems Auditor, Certified Information Technology Professional, Certified Internal Auditor, Certified Internal Controls Auditor, Certified Public Accountant, Infrastructure, IT Audit, Life Cycle Management, SDLC, Systems

Entities may partially or fully delegate some or all of its IT asset development to a third party processor (TPP). Whereby, IT resources that may be outsourced include: infrastructure, platforms, and applications. Usually, the responsibility for...


December 27, 2011  9:38 PM

Auditing Systems and Infrastructure Life Cycle Management – Part IV



Posted by: Robert Davis
Certified Information Systems Auditor, Certified Information Technology Professional, Certified Internal Auditor, Certified Internal Controls Auditor, Certified Public Accountant, Infrastructure, IT Audit, Life Cycle Management, SDLC, Systems

‘Application-based’ implementation audits assess any or all parts of the deployment process of a project. The IT auditor should assess relevant SDLC stages, as they are occurring, to highlight risks or issues and provide necessary risk mitigation recommendations to the...


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: