From the IT Compliance Institute:
This checklist offers:
· 74 specific checklist items to help assess your audit-readiness
· A breakdown of suggested management, operational, and technical controls
· Clarification on what auditors want (and don’t want) to see
· Pointers on audit planning, preparation, testing, and reporting
Download the Checklist
(Requires brief registration for non-members of ITCi)
More Information
What is the IT Audit Checklist Series? | What Is This Paper About? | About the authors | About ITCi
What is the IT Audit Checklist Series?
The ITCi IT Audit Checklists are a series of topical papers that provide practical guidance for IT, compliance, and business managers on preparing for successful internal audits of various aspects of their operations. In addition to helping managers understand what auditors look for and why, the IT Audit Checklists can also help managers complete proactive self assessments of their operations, thereby identifying opportunities for system and process improvements that can be performed in advance of an audit.
What Is This Paper About?
This paper, "IT Audit Checklist: IT Governance and Strategy," supports an internal audit of the organization’s IT leadership and high-level planning resources, systems, and processes. The paper includes guidance on assessing the completeness, effectiveness, and sustainability of existing IT governance and strategy; guidance on supporting effective IT leadership; and information on ensuring continual improvement of governance efforts. The paper is intended to help IT, compliance, business, and audit managers prepare for an audit of high-level processes and resources and to provide concrete tools managers can use to ensure that the audit experience and results are as beneficial as possible to both IT leaders and the company as a whole.
About the Authors
Dan Swanson, CMA, CIA, CISA, CISSP, CAP, is a 24-year internal audit veteran who was most recently director of professional practices at the Institute of Internal Auditors. Prior to his work with the IIA, Swanson was an independent management consultant for over 10 years. Swanson has completed internal audit projects for more than 30 different organizations, spending almost 10 years in government auditing at the federal, provincial, and municipal levels, and the rest in the private sector, mainly in the financial services, transportation, and health sectors. The author of more than 75 articles on internal auditing and other management topics, Swanson is currently a freelance writer and independent management consultant.
Cass Brewer is the editorial and research director for the IT Compliance Institute (ITCi, www.itcinstitute.com), an independent research and media firm committed to advancing IT’s leadership role in corporate compliance, risk management, and governance. Brewer directs ITCi’s editorial, analytical, and educational initiatives and is the chief contact for the institute’s member community of more than 8,000 business managers, regulators, auditors, consultants, and solution providers from countries and companies around the world. Over the past 13 years, Brewer has issued more than 100 articles, presentations, and white papers on IT and data management topics, and has provided strategic advice and editorial direction for hundreds of additional publications and events.
About the IT Compliance Institute
The IT Compliance Institute (ITCi) strives to be a global authority on the role of technology in business governance and regulatory compliance. Through comprehensive education, research, and analysis related to emerging government statutes and affected business and technology practices, we help organizations overcome the challenges posed by today’s regulatory environment and find new ways to turn compliance efforts into capital opportunities.
|
