Chủ đề tương tự
Chủ đề tương tự
SL.NO | Ref. | ITGC Area | Description |
4 | ITE.04 | IT Environment | Employee (including permanent, contracted, etc) movement listing of: i. New staff ii. Transferred staff iii. Terminated staff within the audit period (01/July/2019 to 30/March/2020) |
6 | ITE.06 | IT Environment | IT Security Policy and Procedures, for the following areas:
|
11 | ITO.05 | IT Operations | List of personnels authorised to access the backup media onsite |
14 | ITO.08 | IT Operations | System-generated list of incidents report within the audit period (1 July 2019 to 31 Mar 2020) |
17 | ITO.11 | IT Operations | Disaster Recovery Plan (DRP), Report of the last DRP test performed |
19 | ITO.13 | IT Operations | Monthly meeting minutes (for the purpose of Incidental Management) |
25 | SEC.04 | Security | Segregation of Duties Matrix / Framework To include the latest SoD Matrix/Framework inclusive of the corresponding reviews (if any) |
36 | CHM.01 | Change Management | System-generated list of changes migrated to production environment within the audit period( 01/07/2019 -30/03/2020) |
cái này là internal audit thôi mà, chủ yếu là nó audit về process, procedures, risk assessment chứ không liên quan đến financialHơn 20 năm nay chưa bị hỏi, nay tự nhiên bị hỏi thế này, thấy đâu có liên can gì đến KIỂM TOÁN đâu mấy anh nhỉ?
SL.NO Ref. ITGC Area Description 4 ITE.04 IT Environment Employee (including permanent, contracted, etc) movement listing of:
i. New staff
ii. Transferred staff
iii. Terminated staff
within the audit period (01/July/2019 to 30/March/2020)6 ITE.06 IT Environment IT Security Policy and Procedures, for the following areas:
- Data Centre Access and Review
- Access rules (Establishment of matrix, role based authorisation, changes to matrix)
- User Administration (access creation/ modification/ deletion)
- Generic ID Management
- Password Controls (minimum requirements/ standards)
- User Access Review Requirements
- Security Audit Log Requirement and Review
- Powerful User Management
- Program and Configuration Change Management
- Test Environment
- Version Control
- Segregation of duties between developer and migrator
- Emergency Change Management
- Computer Operations Management (Job scheduling and monitoring, Backup management (schedule, methodology, retention, restoration test))
- Backup Media Onsite and Offsite Physical Access
- Incident Management
- End User Policy
- Acceptable Use Policy
- Backup Policy
11 ITO.05 IT Operations List of personnels authorised to access the backup media onsite 14 ITO.08 IT Operations System-generated list of incidents report within the audit period (1 July 2019 to 31 Mar 2020) 17 ITO.11 IT Operations Disaster Recovery Plan (DRP), Report of the last DRP test performed 19 ITO.13 IT Operations Monthly meeting minutes (for the purpose of Incidental Management) 25 SEC.04 Security Segregation of Duties Matrix / Framework
To include the latest SoD Matrix/Framework inclusive of the corresponding reviews (if any)36 CHM.01 Change Management System-generated list of changes migrated to production environment within the audit period( 01/07/2019 -30/03/2020)
Tèo hiểu đúng ý mình nècái này là internal audit thôi mà, chủ yếu là nó audit về process, procedures, risk assessment chứ không liên quan đến financial
e làm 29 năm nay, VN, Jav, Panama, Pháp, Đức, Úc chưa thấy vậy bao giờIT đa phần đều trực thuộc kế toán.
audit firm nào audit bên anh?Tèo hiểu đúng ý mình nè
M đang nói kiểm toán kế toán á, không phải đánh giá hoạt động