Documente Academic
Documente Profesional
Documente Cultură
of
DISA 2.0 Course
CERTIFICATE
Project report of DISA 2.0 Course
This is to certify that we have successfully completed the DISA 2.0 course training conducted at:
____________________________________________from______________to_____________
and we have the required attendance. We are submitting the Project titled:________________
____________________________________________________________________________
We hereby confirm that we have adhered to the guidelines issued by CIT, ICAI for the project.
We also certify that this project report is the original work of our group and each one of us have
actively participated and contributed in preparing this project. We have not shared the project
details or taken help in preparing project report from anyone except members of our group.
1. Name……….……………………………….……DISA No………........Signed…………………….…………
2. Name……….……………………………….……DISA No………........Signed…………………….…………
3. Name……….……………………………….……DISA No………........Signed…………………….…………
Place: ____________
Date: _____________
Table of Contents
1. Introduction
A. Please provide your understanding in one or two para information about the auditee covering nature of
business, organisation structure, technology infrastructure, policies and procedures, etc.)
B. Please provide one or two para information about audit firm (fictitious name) including your experience,
team composition, skill-sets and team leader. Please do not include actual names of group members as
members of assignment team in the project report so as to maintain confidentiality of the project.
2. Auditee Environment
Please provide complete details of nature of business, organisation structure, technology deployed. The
Technology deployed must include information of system software, database and application software).
Provide specific details of regulatory requirements and overview of specific internal policies and procedures
such as information security policy. This has to be as detailed as possible. Please make suitable
assumptions and add more details as required.
3. Background
Please provide details highlighting the client need for the assignment. Provide reasons why the enterprise
wants the assignment to be done in 2-3 paras.
4. Situation
Please provide details of existing scenario which has given rise to the need for the assignment. Provide all
the details of the current situation. Include here the identified problem areas and control weaknesses.
8. Documents reviewed
Please provide list of sample documents reviewed during the assignment, such as information security
policy, organisation structure, vendor contracts or SLA, access matrix, audit findings, etc. These documents
will be the basis for review and coupled with the all the prior information can be used for identifying control
weaknesses and providing recommendations.
9. References
Please provide list of specific standards, guidelines and best practices or other references to be used in
performing the assignment. Please include reference of specific section of background material, ICAI and
international standards/guidelines/best practices and websites or publications as used in the assignment.
10. Deliverables
Please provide details of specific deliverables of the assignment. These would include the draft IS Audit
Report, Final IS Audit report, executive summary, detailed findings and recommendations, etc.
12. Summary/Conclusion
Please provide overall summary/conclusion of the assignment. This could be in two to three paras.