|
|
 |
INTERNAL
AUDIT 2007-2008 IS AUDIT PLAN
|
|
IS
AUDIT GOALS:
- Select
audits which integrate with management's plans and priorities
- Time
audits to provide a catalyst for positive change
- Scope
audit work to focus on high risk processes/projects and strategic
issues
APPROACH FOR DEFINING IS AUDIT PLAN
- Identification
of emerging issues and key special projects
- Formal
risk assessment
- Discussions
with institutional officials
RISK
EVALUATION CRITERIA
-
Management concerns
- Financial
impact
- Impact
on mission
- Cash
management impact
- Organizational
change
- Operation
complexity
- Established
integrity controls
- Technology
stability
- Audit
history
SCOPE
OF IS AUDIT WORK
- Scheduled
audits of departments with large central administration systems
- Reviews
of emerging issues - new system development
- Consulting
on emerging issues (e.g., Security intrusion, PKI and credit card
CISP)
- Components
of scheduled audits of departments' systems not supported by OIT
Jump
to: [Audit Plan]
|
|
