December 20, 2011 8:54 PM
Posted by: Robert Davis
Certified Information Systems Auditor,
Certified Information Technology Professional,
Certified Internal Auditor,
Certified Internal Controls Auditor,
Certified Public Accountant,
Infrastructure,
IT Audit,
Life Cycle Management,
SDLC,
SystemsSILCM audits normally have a functional focus. ‘Functional-based’ SILCM audits examine identified processes as auditable units. However, if during ‘functional-based’ planning the IT auditor...
December 16, 2011 9:54 PM
Posted by: Robert Davis
Certified Information Systems Auditor,
Certified Information Technology Professional,
Certified Internal Auditor,
Certified Internal Controls Auditor,
Certified Public Accountant,
Infrastructure,
IT Audit,
Life Cycle Management,
SDLC,
SystemsThere is general agreement that IT auditor involvement in systems and infrastructure development life cycle (SIDLC) projects would aid in ensuring IT architecture items work properly and include adequate controls. However, there is less agreement as to role IT auditors should play in the SIDLC. ...
December 13, 2011 9:15 PM
Posted by: Robert Davis
BCP,
Business Continuity,
Certified Information Systems Auditor,
Certified Information Technology Professional,
Certified Internal Auditor,
Certified Internal Controls Auditor,
Certified Public Accountant,
Crisis Management,
Disaster Recovery,
DRP,
IT AuditAn IT auditor should perform a preliminary control environment (CE) assessment corresponding to the audit area being examined to enable reasonable assurance that all significant items will be adequately addressed during the
December 9, 2011 10:39 PM
Posted by: Robert Davis
BCP,
Business Continuity,
Certified Information Systems Auditor,
Certified Information Technology Professional,
Certified Internal Auditor,
Certified Internal Controls Auditor,
Certified Public Accountant,
Crisis Management,
Disaster Recovery,
DRP,
IT AuditPrimary drivers for organizational continuity assurance service planning are: verifying continuity plan existence and assessing continuity plan adequacy. However, as with standard IT audits, a general control environment, information systems, and control procedures understanding should be obtained...
December 6, 2011 8:32 PM
Posted by: Robert Davis
BCP,
Business Continuity,
Certified Information Systems Auditor,
Certified Information Technology Professional,
Certified Internal Auditor,
Certified Internal Controls Auditor,
Certified Public Accountant,
Crisis Management,
Disaster Recovery,
DRP,
IT AuditBCP audits normally have an organizational focus. ‘Organizational-based’ BCP audits examine deployed frameworks, managerial issues, and departmental activities. However, if during...
December 2, 2011 8:53 PM
Posted by: Robert Davis
BCP,
Business Continuity,
Certified Information Systems Auditor,
Certified Information Technology Professional,
Certified Internal Auditor,
Certified Internal Controls Auditor,
Certified Public Accountant,
Crisis Management,
Disaster Recovery,
DRP,
IT AuditThe IT auditor’s primary purpose, when performing an audit of business continuity and/or disaster recovery, should be to identify, document, test, evaluate, and report the controls as well as the associated risks related to
November 29, 2011 8:44 PM
Posted by: Robert Davis
BCP,
Business Continuity,
Certified Information Systems Auditor,
Certified Information Technology Professional,
Certified Internal Auditor,
Certified Internal Controls Auditor,
Certified Public Accountant,
Crisis Management,
Disaster Recovery,
DRP,
IT AuditAlthough often referred to as disaster recovery plans, controls to ensure service continuity should address the entire range of potential disruptions. These may include relatively minor interruptions, such as temporary power failures, as well as
November 25, 2011 8:41 PM
Posted by: Robert Davis
BCP,
Business Continuity,
Certified Information Systems Auditor,
Certified Information Technology Professional,
Certified Internal Auditor,
Certified Internal Controls Auditor,
Certified Public Accountant,
Crisis Management,
Disaster Recovery,
DRP,
IT AuditAs with a business continuity plan (BCP); a disaster recovery plan (DRP) contains the consistent actions to be undertaken prior to, during and after a disaster. A sound DRP is built from a comprehensive planning system, involving all of the entity’s business processes. Disaster recovery...
November 22, 2011 9:07 PM
Posted by: Robert Davis
BCP,
Business Continuity,
Certified Information Systems Auditor,
Certified Information Technology Professional,
Certified Internal Auditor,
Certified Internal Controls Auditor,
Certified Public Accountant,
Crisis Management,
Disaster Recovery,
DRP,
IT AuditFor most professionals, business continuity planning refers to the process for developing advance arrangements and procedures enabling an entity to respond to service interruptions in such a manner...
