Documente Academic
Documente Profesional
Documente Cultură
1
Data conversion / migration strategy
transferring data between computer systems or storage formats.
Page
Flowers Foods Confidential
INTERNAL AUDIT Program Development Framework
[aka System Development Lifecycle (SDLC)]
Tasks Risk SOX
Element
(We seek evidence to support) (What could go wrong if task not performed) Control
Without a robust risk management and mitigation process, there is greater
Project risk assessment (including information & system security) probability that a risk may negatively impact scope, budget, quality, timing or
information security.
2
Training (technical support, security administration, end user, etc.) be difficult to use and support the system after go-live.
Page
Flowers Foods Confidential
INTERNAL AUDIT Program Development Framework
[aka System Development Lifecycle (SDLC)]
In addition to the above Development controls, we assess operational processes designed and communicated for ongoing maintenance and support beginning at Go-
Live, including:
Program change mgmt. Configuration change mgmt. Patch/update mgmt.
User administration & monitoring Privileged access administration & monitoring Emergency access management
Database management SOD monitoring Job scheduling & monitoring
System monitoring & mgmt. Backup & restore / DRP SOX compliance (if applicable)
3
Page
Flowers Foods Confidential