January 6, 2012 10:01 PM
Posted by: Robert Davis
Certified Information Systems Auditor,
Certified Information Technology Professional,
Certified Internal Auditor,
Certified Internal Controls Auditor,
Certified Public Accountant,
Infrastructure,
IT Audit,
Life Cycle Management,
SDLC,
SystemsBecause tasks and titles vary, an IT auditor should concentrate upon the analysis and development processes that should be considered in SILCM, despite what any individual or group choose for delineation or designation. Objectives should be developed to address the seven COBIT information criteria...
January 3, 2012 8:55 PM
Posted by: Robert Davis
Certified Information Systems Auditor,
Certified Information Technology Professional,
Certified Internal Auditor,
Certified Internal Controls Auditor,
Certified Public Accountant,
Infrastructure,
IT Audit,
Life Cycle Management,
SDLC,
SystemsPrimary drivers for IT systems and/or infrastructure life cycle management assurance planning are verifying control utilization, existence and adequacy. However, as with standard IT audits, a general control environment, information systems, and...
December 30, 2011 9:55 PM
Posted by: Robert Davis
Certified Information Systems Auditor,
Certified Information Technology Professional,
Certified Internal Auditor,
Certified Internal Controls Auditor,
Certified Public Accountant,
Infrastructure,
IT Audit,
Life Cycle Management,
SDLC,
SystemsEntities may partially or fully delegate some or all of its IT asset development to a third party processor (TPP). Whereby, IT resources that may be outsourced include: infrastructure, platforms, and applications. Usually, the responsibility for...
December 27, 2011 9:38 PM
Posted by: Robert Davis
Certified Information Systems Auditor,
Certified Information Technology Professional,
Certified Internal Auditor,
Certified Internal Controls Auditor,
Certified Public Accountant,
Infrastructure,
IT Audit,
Life Cycle Management,
SDLC,
Systems‘Application-based’ implementation audits assess any or all parts of the deployment process of a project. The IT auditor should assess relevant SDLC stages, as they are occurring, to highlight risks or issues and provide necessary risk mitigation recommendations to the...
December 23, 2011 8:48 PM
Posted by: Robert Davis
Certified Information Systems Auditor,
Certified Information Technology Professional,
Certified Internal Auditor,
Certified Internal Controls Auditor,
Certified Public Accountant,
Infrastructure,
IT Audit,
Life Cycle Management,
SDLC,
SystemsCategorically, ‘Application-based’ pre-acquisition audits assess a system prior to obtaining usage rights considering such matters as: software requirements, vendor bidding, and system selection. Specifically, pre-acquisition assurance service coverage includes effects on IT...
December 20, 2011 8:54 PM
Posted by: Robert Davis
Certified Information Systems Auditor,
Certified Information Technology Professional,
Certified Internal Auditor,
Certified Internal Controls Auditor,
Certified Public Accountant,
Infrastructure,
IT Audit,
Life Cycle Management,
SDLC,
SystemsSILCM audits normally have a functional focus. ‘Functional-based’ SILCM audits examine identified processes as auditable units. However, if during ‘functional-based’ planning the IT auditor...
December 16, 2011 9:54 PM
Posted by: Robert Davis
Certified Information Systems Auditor,
Certified Information Technology Professional,
Certified Internal Auditor,
Certified Internal Controls Auditor,
Certified Public Accountant,
Infrastructure,
IT Audit,
Life Cycle Management,
SDLC,
SystemsThere is general agreement that IT auditor involvement in systems and infrastructure development life cycle (SIDLC) projects would aid in ensuring IT architecture items work properly and include adequate controls. However, there is less agreement as to role IT auditors should play in the SIDLC. ...
December 3, 2009 9:07 PM
Posted by: Robert Davis
Applications,
Asset,
Implementation,
Information Technology,
Infrastructure,
IT,
Project Management,
Risk Management,
SDLC,
System Development Life Cycle,
Systems Analysis,
Systems Design,
Value DeliverySystems and infrastructure design effects the controls relied on by an entity’s management, therefore, effecting control processes. Because systems and infrastructure are critical to an entity’s success, control processes should be designed...
November 30, 2009 7:22 PM
Posted by: Robert Davis
Applications,
Asset,
IDLC,
Implementation,
Information Technology,
Infrastructure,
Infrastructure Development Life Cycle,
IT,
Project Management,
Risk Management,
SDLC,
System Development Life Cycle,
Systems Analysis,
Systems Design,
Value DeliveryAn adequate IT infrastructure permits the continuance and growth of technology-based systems. Considering the Control Objectives for Information and related Technology (
