How to made an IT Audit
04 Nov 2009
Post brought you by: HP presario c500 Batteries
“Criteria are defined in each case taking into account specificity of work of the concrete organisation and the audit purposes, however it is possible to tell that the IT Infrastructure should provide support of activity of the enterprise according to the chosen strategy of its development. The major criteria are information safety of used decisions, reliability of systems and services, efficiency and reliability of the information given to users”, – Plaksin adds.
Being purposeful activity, IT Audit should have a specific goal on which basis criteria of its achievement are developed. “Criteria can be both qualitative, and quantitative. As aim in each case the also the set of criteria differs. There are certain techniques (for example, COBIT) which help to define criteria IT of audit on conformity to the international norms. But it is possible to allocate one of the most universal criteria to whom there should correspond works on IT Audit as basically and any works, is degree of satisfaction of the customer results of works which can reveal both strengths, and areas for improvement”, – Kozin explains.
However Guzik considers that in questions of audit of “judges” is not present, and it is improbable that the next years they will appear: “All over the world and at us practice of expert estimations – expression of the consolidated opinion of the experts defined on the basis of the information collected and prepared by auditors is applied”.
Subject detailed elaboration of audit
Various aspects of the IT Infrastructure of the enterprise become the IT Audit subject. Until recently their spectrum could include if not everything, almost all: audit of the IT Infrastructure, budgeting IT, IT Department work, audit of IT Services (if it is introduced ITSM), etc.
Management of actives ON too can be the IT Audit subject.