Presentation is loading. Please wait.

Presentation is loading. Please wait.

Lecture 14: ICT Audit.

Published byNancy Lucas Modified over 6 years ago

Similar presentations

Presentation on theme: "Lecture 14: ICT Audit."— Presentation transcript:

1 Lecture 14: ICT Audit

2 Context of ICT Audit Question: What role is ICT playing in driving your business. Playing? Could Play? Should Play? ICT Audit

3 ICT Audit ICT Audit is the processes of ensuring
that you are getting the best out of your assets adequate protection of your system adequate protection from your system prepared for impending upgrades of the system Conformance to statutory requirements ICT Audit

4 Potential complications of ICT Systems
The way they are put together (Adhoc) The way they are resourced The hiring of the personnel The positioning of the personnel in the company organization The fact that they are viewed as ICT systems Lack of understanding of ICT Systems by business ICT Audit

5 What to Audit The Network The systems The procedure The backup
The personnel The technology The business continuity ICT Audit

6 What to Audit – on The Network
Technology used Topology of the network Entry points Rules within the network Virtual Local Area Networks Access Lists Perform various kinds of Penetration tests ICT Audit

7 What to audit – on the systems
The systems security Passwords Access levels Audit trails Logs detail Logs safety Usage of the logs – Proactive rather than just Reactive use of logs Get evidence of all these from the system ICT Audit

8 What to audit on -systems
Application Systems External security Access Access Rights Internal security Business fit Decoupling of the processes from the application Stability of the organization selling the application ICT Audit

9 What to audit - Procedures
Procurement Procedures Repair and maintenance procedures Change management Introduction of new systems Altering of existing systems Systems retirement procedures Equipment retirement procedures Who has your old data When social responsibility turns nasty (The Nigerian Recycling nightmare) ICT Audit

10 What to audit – the systems backup
Is the system being backed up? What do you do to your most valuable assets? Quality of backup Testing of backup Testing of recovery procedures Disaster recovery site Hot site Cold site ICT Audit

11 What to audit – Personnel
Organogram test Do you have the correct personnel Do you have adequate personnel How knowledgeable are they How specialized are they Have they been undergoing training Who hires your personnel What do they know and how do they know it ICT Audit

12 What to audit – technology
Does your current technology fit your business How are you preparing for future technology Who is watching the technology for you Who calls the shots in moving over to new technologies Are you reactive or proactive ICT Audit

13 What to audit – Business continuity
Fire drills phenomenon Have to be ready for unforeseen eventualities Succession plan phenomenon Do you have sufficient backup and redundancy within the essential business processes Discussion point What aspects need to be considered to guarantee business continuity? ICT Audit

14 Business Continuity – What to consider
Big data analytics to gain insights Software upgrade Customer or clients database Data Recovery Plan Agility of hard and soft in terms of upwards and backwards compatibility Business Continuity Plan, manual for computerized systems Connectivity to enhance visibility Adoption of new technologies Data security Succession plan in terms of key personnel ICT Audit

Download ppt "Lecture 14: ICT Audit."

Similar presentations

Pros and Cons of Cloud Computing Professor Kam-Fai Wong Faculty of Engineering The Chinese University of Hong Kong.

Pros and Cons of Cloud Computing Professor Kam-Fai Wong Faculty of Engineering The Chinese University of Hong Kong.
Brian Loesgen & Alan Smith. BizTalk Administration Challenges  BizTalk is a complex product  IT-Pros are not usually familiar with BizTalk  BizTalk.

Brian Loesgen & Alan Smith. BizTalk Administration Challenges  BizTalk is a complex product  IT-Pros are not usually familiar with BizTalk  BizTalk.
Infection Control S.G. Harnisch on behalf of NDSA.

Infection Control S.G. Harnisch on behalf of NDSA.
Security Controls – What Works

Security Controls – What Works
Information systems Integrity Protection. Facts on fraud  UK computer fraud 400 Million £  17 000 on 136 000 companies  avg case 46 000 £  France.

Information systems Integrity Protection. Facts on fraud  UK computer fraud 400 Million £  on companies  avg case £  France.
Modern Distributed Systems Design – Security and High Availability 1.Measuring Availability 2.Highly Available Data Management 3.Redundant System Design.

Modern Distributed Systems Design – Security and High Availability 1.Measuring Availability 2.Highly Available Data Management 3.Redundant System Design.
MSIS 110: Introduction to Computers; Instructor: S. Mathiyalakan1 Systems Design, Implementation, Maintenance, and Review Chapter 13.

MSIS 110: Introduction to Computers; Instructor: S. Mathiyalakan1 Systems Design, Implementation, Maintenance, and Review Chapter 13.
ITS Offsite Workshop 2002 PolyU IT Security Policy PolyU IT/Computer Systems Security Policy (SSP) By Ken Chung Senior Computing Officer Information Technology.

ITS Offsite Workshop 2002 PolyU IT Security Policy PolyU IT/Computer Systems Security Policy (SSP) By Ken Chung Senior Computing Officer Information Technology.
Pertemuan 20 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007.

Pertemuan 20 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007.
Factors to be taken into account when designing ICT Security Policies

Factors to be taken into account when designing ICT Security Policies
Roles of IT Personnel Unit 4520. Customer Service This is a facility that helps customers with wide-ranging questions relating to a specific company,

Roles of IT Personnel Unit Customer Service This is a facility that helps customers with wide-ranging questions relating to a specific company,
Software Asset Management

Software Asset Management
Managing a computerised PO Operating environment 1.

Managing a computerised PO Operating environment 1.
ICT School Policies 6 th November 2014. Suggested Policies for Schools Not always a requirement, but useful to cover you, your school and the students.

ICT School Policies 6 th November Suggested Policies for Schools Not always a requirement, but useful to cover you, your school and the students.
© 2013 BOS Solutions Ltd. Revised: Mar 15,2013 Version 2 – BOS HSE MSpg. 1 The BOS HSE Management System Brad Whitaker, MSPH, CSP BOS Solutions HSE Director.

© 2013 BOS Solutions Ltd. Revised: Mar 15,2013 Version 2 – BOS HSE MSpg. 1 The BOS HSE Management System Brad Whitaker, MSPH, CSP BOS Solutions HSE Director.
IT Assurance and Reliability Why Should You Care? Richard Oppenheim, CPA, CITP President, SysTrust Services Corporation Presented to ISACA Regional Meeting.

IT Assurance and Reliability Why Should You Care? Richard Oppenheim, CPA, CITP President, SysTrust Services Corporation Presented to ISACA Regional Meeting.
November 2009 Network Disaster Recovery October 2014.

November 2009 Network Disaster Recovery October 2014.
Today’s Lecture application controls audit methodology.

Today’s Lecture application controls audit methodology.
Consultancy.

Consultancy.
Software Validation in Accredited Laboratories A Practical Guide Greg Gogates Fasor Inc. 26 Sept 2001 A copy of this paper will be maintained.

Software Validation in Accredited Laboratories A Practical Guide Greg Gogates Fasor Inc. 26 Sept 2001 A copy of this paper will be maintained.

Similar presentations

Ads by Google