How to conduct an IT General Controls Audit for a Holdings & Investments Company and a Real Estate Company (Developers)

5 pts.
Tags:
IT auditing
IT audits
Microsoft Windows Server 2003
Red Hat
Windows Server 2008
How to conduct an IT General Controls Audit for a Holdings & Investments Company and a Real Estate Company (Developers) using HP Servers, Windows 2008, windows 2003 (backend) and Red Hat Operating Systems.



Software/Hardware used:
HP Servers, Windows 2008, windows 2003 (backend) and Red Hat Operating Systems.

Answer Wiki

Thanks. We'll let you know when a new response is added.

How do you mean? Sounds like hiring an outside expert would be your best bet.

Discuss This Question: 1  Reply

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • Cybernorris
    The first step is to determine their controls and the standards to which the audit should be performed. General controls typically start at the top with the policies set in place by the board. These should be expanded upon and enumerated in the company's various policies and procedures. General controls includes information security, change management, incident management, software policy, hardware policy, backup/recovery, information controls, physical security, privacy policies, HR practices and much more. Depending on the size of the organization, a thorough audit could take many months. There are a few steps. First determine what the controls are, then audit against the controls... is the company doing what it says it should. Finally are the controls sufficient to meet the needs and/or requirements. You'll need to take into consideration any regulations or required standards Check out www.ISACA.org for COBIT (the best IT controls framework in the world) as well as tons of info on how to perform an IT audit. Oh yeah, the auditor should not be anyone with operational responsibility. One cannot audit what one does. If you don't have the staff for this, Kevin is right... hire an outside expert.
    50 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following