IT Governance, Risk, and Compliance

Feb 3 2012   9:29PM GMT

Auditing IT Service Delivery and Support – Part VII

Robert Davis Robert Davis Profile: Robert Davis

Regarding outsourced services, among other expectations, an IT auditor should obtain and document an understanding of the relationship between the services provided by third parties and the entity’s control environment. An IT auditor should consider reviewing such items as contracts, service level agreements, policies and procedures between TPPs and the entity. Furthermore, an IT auditor should review any previous TPP audit reports prepared for the entity, and plan the IT audit work to address the audit objectives relevant to the service provider’s environment; taking into account the information obtained during planning. Lastly, an IT auditor should plan TPP audit work to comply with applicable professional audit standards, as if the audit were performed in the entity’s own environment.

View Part I of the Auditing IT Service Delivery and Support series here

Post Note: As of January 12, 2012, Robert E. Davis, MBA, CISA, CICA is a Master of Science in IT Auditing and Cyber-Security Program instructor at Temple University.

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: