How to made an IT Audit
04 Nov 2009
Post brought you by: HP presario v6000 Batteries
decision-making”.
Alexander Frolov, the head of projects of company IRP Technology, considers that “procedure IT of audit in the company means gathering, the analysis and granting to company management of the information on current condition IT, about the risks connected with weak spots of information systems, and delivery of recommendations about decrease in these risks and to improvement of quality of functioning of subsystems”.
Periodicity of carrying out IT of audit is influenced by various factors: growth rate of business, change of structure of the organisation, change or occurrence of new business processes, frequency of introduction of new IT Decisions, a way of support and frequency of changes of existing information systems, etc. And it is far not the full list.
“The major factors influencing periodicity and frequency of carrying out, it is necessary to note external requirements (the Central Bank of the Russian Federation, ISO, the law of Sarbejnsa – Oksli, etc.), change of a management of service IT, actualisation of IT Strategy of the company, passage by service IT of internal and external audit, – are added by Guzik. – it is necessary to remember that in the absence of regular audit and carrying out of repeated audit within a year (maximum) after the first almost completely depreciates its results and recommendations and will not allow to provide continuity and sequence in management IT of the enterprise”.
And judges who?
The question is fair: to what criteria there should correspond the IT Infrastructure of the organisation during audit?
“The company management and the personnel”, – are considered by Yurkin. “It is necessary to check IT on conformity to standards COBIT which basic value that they offer the model providing interrelation between the business purposes and IT Processes”, – speaks Frolov.