Scribd Logo
Încărcați

Bine ați venit la Scribd!

  • IT 6 Audit Program

    Încărcat de

    Nicole Aragon
    31 vizualizări9 pagini

    Titlu original

    IT 6 audit program

    Drepturi de autor

    © © All Rights Reserved

    Formate disponibile

    DOCX, PDF, TXT sau citiți online pe Scribd

    Vi se pare util acest document?

    Este necorespunzător acest conținut?

    Raportați acest document

    Drepturi de autor:

    © All Rights Reserved
    Descărcați ca DOCX, PDF, TXT sau citiți online pe Scribd
    Indicator pentru conținut neadecvat
    31 vizualizări9 pagini

    IT 6 Audit Program

    Încărcat de

    Nicole Aragon

    Drepturi de autor:

    © All Rights Reserved
    Descărcați ca DOCX, PDF, TXT sau citiți online pe Scribd
    Indicator pentru conținut neadecvat
    din 9

    IT6

    Name/s: ARAGON, Althene Nicole G. Schedule: MW 1:00-2:30 PM


    Section: M31

    EXER. FT 1: IT AUDIT PROGRAM FOR TEST OF GENERAL CONTROLS

    1. Operating System Controls


    AUDIT OBJECTIVES
    1. To verify that access privileges are granted in a manner that is consistent with
    the need to separate incompatible functions and is in accordance with the
    organization’s policy.
    2. To ensure that the organization has an adequate and effective password policy
    for contolling access to the operating system.
    3. To verify that effective management policies and procedures are in place to
    prevent the introduction and spread of destructive programs, including viruses,
    worms, back doors, logic bombs, and Trojan horses.
    4. To ensure that the established system audit trail is adequate for preventing and
    detecting abuses, reconstructing key events that precede system failures, and
    planning resource allocation.

    POSSIBLE ERRORS + IRREGULARITIES


    1. Unauthorized access
    2. Virus infection
    3. Cybercrime attacks

    AUDIT PROCEDURES
    1. Review the organization’s policies for separating incompatible functions and
    ensure that they promote reasonable security.
    2. Review the users’ permitted log-on times.
    3. Verify that all users are required to have passwords.
    4. Verify that the current version of antiviral software is installed on the server and
    that upgrades regularly downloaded to workstations.
    5. Select a sample of security violation cases and evaluate their disposition to
    assess the effectiveness of the security group.

    INTERNAL CONTROL CHECKLIST


    1. How does the company keep unwanted / unauthorized access out of their
    system?
    2. What is the company’s policy with regards to the users’ passwords?
    3. Are the permitted users’ passwords strong enough to avoid unauthorized
    access?
    4. Does the company employ an excellent antivirus software?

    REFERENCES
    1. Hall, J. A. (2011). Accounting Information Systems (7th ed.). Cengage Learning.
    2. Sadasdas
    3. sadasd
    IT6

    Name/s: ARAGON, Althene Nicole G. Schedule: MW 1:00-2:30 PM


    Section: M31

    EXER. FT 1: IT AUDIT PROGRAM FOR TEST OF GENERAL CONTROLS

    2. Data Management Controls


    AUDIT OBJECTIVES
    1. To verify that individuals who are authorized to use the database are limited to
    accessing only the data needed to perform their duties.
    2. To verify that unauthorized individuals are denied access to the database.
    3. To verify that database backup controls are adequate to facilitate the recovery of
    lost, destroyed, or corrupted data.

    POSSIBLE ERRORS + IRREGULARITIES


    4. Unauthorized access
    5. Virus infection
    6. Cybercrime attacks

    AUDIT PROCEDURES
    6. Review the organization’s policies for separating incompatible functions and
    ensure that they promote reasonable security.
    7. Review the users’ permitted log-on times.
    8. Verify that all users are required to have passwords.
    9. Verify that the current version of antiviral software is installed on the server and
    that upgrades regularly downloaded to workstations.
    10. Select a sample of security violation cases and evaluate their disposition to
    assess the effectiveness of the security group.

    INTERNAL CONTROL CHECKLIST


    5. How does the company keep unwanted / unauthorized access out of their
    system?
    6. What is the company’s policy with regards to the users’ passwords?
    7. Are the permitted users’ passwords strong enough to avoid unauthorized
    access?
    8. Does the company employ an excellent antivirus software?

    REFERENCES
    4. SASD
    5. ASDAS
    6. SDASDASD

    IT6

    Name/s: ARAGON, Althene Nicole G. Schedule: MW 1:00-2:30 PM


    Section: M31
    EXER. FT 1: IT AUDIT PROGRAM FOR TEST OF GENERAL CONTROLS

    4. Computer Center Security and Controls


    AUDIT OBJECTIVES
    5. To verify that access privileges are granted in a manner that is consistent with
    the need to separate incompatible functions and is in accordance with the
    organization’s policy.
    6. To ensure that the organization has an adequate and effective password policy
    for contolling access to the operating system.
    7. To verify that effective management policies and procedures are in place to
    prevent the introduction and spread of destructive programs, including viruses,
    worms, back doors, logic bombs, and Trojan horses.
    8. To ensure that the established system audit trail is adequate for preventing and
    detecting abuses, reconstructing key events that precede system failures, and
    planning resource allocation.

    POSSIBLE ERRORS + IRREGULARITIES


    7. Unauthorized access
    8. Virus infection
    9. Cybercrime attacks

    AUDIT PROCEDURES
    11. Review the organization’s policies for separating incompatible functions and
    ensure that they promote reasonable security.
    12. Review the users’ permitted log-on times.
    13. Verify that all users are required to have passwords.
    14. Verify that the current version of antiviral software is installed on the server and
    that upgrades regularly downloaded to workstations.
    15. Select a sample of security violation cases and evaluate their disposition to
    assess the effectiveness of the security group.

    INTERNAL CONTROL CHECKLIST


    9. How does the company keep unwanted / unauthorized access out of their
    system?
    10. What is the company’s policy with regards to the users’ passwords?
    11. Are the permitted users’ passwords strong enough to avoid unauthorized
    access?
    12. Does the company employ an excellent antivirus software?

    REFERENCES
    7. SASD
    8. ASDAS
    9. SDASDASD

    IT6

    Name/s: ARAGON, Althene Nicole G. Schedule: MW 1:00-2:30 PM


    Section: M31
    EXER. FT 1: IT AUDIT PROGRAM FOR TEST OF GENERAL CONTROLS

    9. IT Organizational Structure Controls


    AUDIT OBJECTIVES
    10. To verify that access privileges are granted in a manner that is consistent with
    the need to separate incompatible functions and is in accordance with the
    organization’s policy.
    11. To ensure that the organization has an adequate and effective password policy
    for contolling access to the operating system.
    12. To verify that effective management policies and procedures are in place to
    prevent the introduction and spread of destructive programs, including viruses,
    worms, back doors, logic bombs, and Trojan horses.
    13. To ensure that the established system audit trail is adequate for preventing and
    detecting abuses, reconstructing key events that precede system failures, and
    planning resource allocation.

    POSSIBLE ERRORS + IRREGULARITIES


    10. Unauthorized access
    11. Virus infection
    12. Cybercrime attacks

    AUDIT PROCEDURES
    16. Review the organization’s policies for separating incompatible functions and
    ensure that they promote reasonable security.
    17. Review the users’ permitted log-on times.
    18. Verify that all users are required to have passwords.
    19. Verify that the current version of antiviral software is installed on the server and
    that upgrades regularly downloaded to workstations.
    20. Select a sample of security violation cases and evaluate their disposition to
    assess the effectiveness of the security group.

    INTERNAL CONTROL CHECKLIST


    13. How does the company keep unwanted / unauthorized access out of their
    system?
    14. What is the company’s policy with regards to the users’ passwords?
    15. Are the permitted users’ passwords strong enough to avoid unauthorized
    access?
    16. Does the company employ an excellent antivirus software?

    REFERENCES
    10. SASD
    11. ASDAS
    12. SDASDASD

    IT6

    Name/s: ARAGON, Althene Nicole G. Schedule: MW 1:00-2:30 PM


    Section: M31
    EXER. FT 1: IT AUDIT PROGRAM FOR TEST OF GENERAL CONTROLS

    14. System Development Controls


    AUDIT OBJECTIVES
    15. To verify that access privileges are granted in a manner that is consistent with
    the need to separate incompatible functions and is in accordance with the
    organization’s policy.
    16. To ensure that the organization has an adequate and effective password policy
    for contolling access to the operating system.
    17. To verify that effective management policies and procedures are in place to
    prevent the introduction and spread of destructive programs, including viruses,
    worms, back doors, logic bombs, and Trojan horses.
    18. To ensure that the established system audit trail is adequate for preventing and
    detecting abuses, reconstructing key events that precede system failures, and
    planning resource allocation.

    POSSIBLE ERRORS + IRREGULARITIES


    13. Unauthorized access
    14. Virus infection
    15. Cybercrime attacks

    AUDIT PROCEDURES
    21. Review the organization’s policies for separating incompatible functions and
    ensure that they promote reasonable security.
    22. Review the users’ permitted log-on times.
    23. Verify that all users are required to have passwords.
    24. Verify that the current version of antiviral software is installed on the server and
    that upgrades regularly downloaded to workstations.
    25. Select a sample of security violation cases and evaluate their disposition to
    assess the effectiveness of the security group.

    INTERNAL CONTROL CHECKLIST


    17. How does the company keep unwanted / unauthorized access out of their
    system?
    18. What is the company’s policy with regards to the users’ passwords?
    19. Are the permitted users’ passwords strong enough to avoid unauthorized
    access?
    20. Does the company employ an excellent antivirus software?

    REFERENCES
    13. SASD
    14. ASDAS
    15. SDASDASD

    IT6

    Name/s: ARAGON, Althene Nicole G. Schedule: MW 1:00-2:30 PM


    Section: M31
    EXER. FT 1: IT AUDIT PROGRAM FOR TEST OF GENERAL CONTROLS

    19. System Maintenance Controls


    AUDIT OBJECTIVES
    20. To verify that access privileges are granted in a manner that is consistent with
    the need to separate incompatible functions and is in accordance with the
    organization’s policy.
    21. To ensure that the organization has an adequate and effective password policy
    for contolling access to the operating system.
    22. To verify that effective management policies and procedures are in place to
    prevent the introduction and spread of destructive programs, including viruses,
    worms, back doors, logic bombs, and Trojan horses.
    23. To ensure that the established system audit trail is adequate for preventing and
    detecting abuses, reconstructing key events that precede system failures, and
    planning resource allocation.

    POSSIBLE ERRORS + IRREGULARITIES


    16. Unauthorized access
    17. Virus infection
    18. Cybercrime attacks

    AUDIT PROCEDURES
    26. Review the organization’s policies for separating incompatible functions and
    ensure that they promote reasonable security.
    27. Review the users’ permitted log-on times.
    28. Verify that all users are required to have passwords.
    29. Verify that the current version of antiviral software is installed on the server and
    that upgrades regularly downloaded to workstations.
    30. Select a sample of security violation cases and evaluate their disposition to
    assess the effectiveness of the security group.

    INTERNAL CONTROL CHECKLIST


    21. How does the company keep unwanted / unauthorized access out of their
    system?
    22. What is the company’s policy with regards to the users’ passwords?
    23. Are the permitted users’ passwords strong enough to avoid unauthorized
    access?
    24. Does the company employ an excellent antivirus software?

    REFERENCES
    16. SASD
    17. ASDAS
    18. SDASDASD

    IT6

    Name/s: ARAGON, Althene Nicole G. Schedule: MW 1:00-2:30 PM


    Section: M31
    EXER. FT 1: IT AUDIT PROGRAM FOR TEST OF GENERAL CONTROLS

    24. Internet and Intranet Controls


    AUDIT OBJECTIVES
    25. To verify that access privileges are granted in a manner that is consistent with
    the need to separate incompatible functions and is in accordance with the
    organization’s policy.
    26. To ensure that the organization has an adequate and effective password policy
    for contolling access to the operating system.
    27. To verify that effective management policies and procedures are in place to
    prevent the introduction and spread of destructive programs, including viruses,
    worms, back doors, logic bombs, and Trojan horses.
    28. To ensure that the established system audit trail is adequate for preventing and
    detecting abuses, reconstructing key events that precede system failures, and
    planning resource allocation.

    POSSIBLE ERRORS + IRREGULARITIES


    19. Unauthorized access
    20. Virus infection
    21. Cybercrime attacks

    AUDIT PROCEDURES
    31. Review the organization’s policies for separating incompatible functions and
    ensure that they promote reasonable security.
    32. Review the users’ permitted log-on times.
    33. Verify that all users are required to have passwords.
    34. Verify that the current version of antiviral software is installed on the server and
    that upgrades regularly downloaded to workstations.
    35. Select a sample of security violation cases and evaluate their disposition to
    assess the effectiveness of the security group.

    INTERNAL CONTROL CHECKLIST


    25. How does the company keep unwanted / unauthorized access out of their
    system?
    26. What is the company’s policy with regards to the users’ passwords?
    27. Are the permitted users’ passwords strong enough to avoid unauthorized
    access?
    28. Does the company employ an excellent antivirus software?

    REFERENCES
    19. SASD
    20. ASDAS
    21. SDASDASD

    IT6

    Name/s: ARAGON, Althene Nicole G. Schedule: MW 1:00-2:30 PM


    Section: M31
    EXER. FT 1: IT AUDIT PROGRAM FOR TEST OF GENERAL CONTROLS

    29. Electronic Data Interchange Controls


    AUDIT OBJECTIVES
    30. To verify that access privileges are granted in a manner that is consistent with
    the need to separate incompatible functions and is in accordance with the
    organization’s policy.
    31. To ensure that the organization has an adequate and effective password policy
    for contolling access to the operating system.
    32. To verify that effective management policies and procedures are in place to
    prevent the introduction and spread of destructive programs, including viruses,
    worms, back doors, logic bombs, and Trojan horses.
    33. To ensure that the established system audit trail is adequate for preventing and
    detecting abuses, reconstructing key events that precede system failures, and
    planning resource allocation.

    POSSIBLE ERRORS + IRREGULARITIES


    22. Unauthorized access
    23. Virus infection
    24. Cybercrime attacks

    AUDIT PROCEDURES
    36. Review the organization’s policies for separating incompatible functions and
    ensure that they promote reasonable security.
    37. Review the users’ permitted log-on times.
    38. Verify that all users are required to have passwords.
    39. Verify that the current version of antiviral software is installed on the server and
    that upgrades regularly downloaded to workstations.
    40. Select a sample of security violation cases and evaluate their disposition to
    assess the effectiveness of the security group.

    INTERNAL CONTROL CHECKLIST


    29. How does the company keep unwanted / unauthorized access out of their
    system?
    30. What is the company’s policy with regards to the users’ passwords?
    31. Are the permitted users’ passwords strong enough to avoid unauthorized
    access?
    32. Does the company employ an excellent antivirus software?

    REFERENCES
    22. SASD
    23. ASDAS
    24. SDASDASD

    IT6

    Name/s: ARAGON, Althene Nicole G. Schedule: MW 1:00-2:30 PM


    Section: M31
    EXER. FT 1: IT AUDIT PROGRAM FOR TEST OF GENERAL CONTROLS

    34. Computer Controls (Stand-Alone Environment)


    AUDIT OBJECTIVES
    35. To verify that access privileges are granted in a manner that is consistent with
    the need to separate incompatible functions and is in accordance with the
    organization’s policy.
    36. To ensure that the organization has an adequate and effective password policy
    for contolling access to the operating system.
    37. To verify that effective management policies and procedures are in place to
    prevent the introduction and spread of destructive programs, including viruses,
    worms, back doors, logic bombs, and Trojan horses.
    38. To ensure that the established system audit trail is adequate for preventing and
    detecting abuses, reconstructing key events that precede system failures, and
    planning resource allocation.

    POSSIBLE ERRORS + IRREGULARITIES


    25. Unauthorized access
    26. Virus infection
    27. Cybercrime attacks

    AUDIT PROCEDURES
    41. Review the organization’s policies for separating incompatible functions and
    ensure that they promote reasonable security.
    42. Review the users’ permitted log-on times.
    43. Verify that all users are required to have passwords.
    44. Verify that the current version of antiviral software is installed on the server and
    that upgrades regularly downloaded to workstations.
    45. Select a sample of security violation cases and evaluate their disposition to
    assess the effectiveness of the security group.

    INTERNAL CONTROL CHECKLIST


    33. How does the company keep unwanted / unauthorized access out of their
    system?
    34. What is the company’s policy with regards to the users’ passwords?
    35. Are the permitted users’ passwords strong enough to avoid unauthorized
    access?
    36. Does the company employ an excellent antivirus software?

    REFERENCES
    25. SASD
    26. ASDAS
    27. SDASDASD

    S-ar putea să vă placă și