IT Governance, Risk, and Compliance

Jan 27 2012   9:23PM GMT

Auditing IT Service Delivery and Support – Part V

Robert Davis Robert Davis Profile: Robert Davis

When acquiring an understanding of control environment (CE) components, IT auditors should consider whether pertinent elements have been implemented for the entity and IT. Assessing how much CE risk is associated with a particular entity may be performed using various techniques and tools, including CE Characteristics – Internal Policies, Maturity Model Assessment and/or Entity Culture/Audit Area Personnel Matrices. For each of the selected audit CE statements, a compliance value needs to be defined, which enables the IT assurance professional to calculate a ‘compliance profile’.

View Part I of the Auditing IT Service Delivery and Support series here

Post Note: As of January 12, 2012, Robert E. Davis, MBA, CISA, CICA is a Master of Science in IT Auditing and Cyber-Security Program instructor at Temple University.

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: