CH 17.03 PBC Final

Client
Prepared By
CSU
W/P Ref:
Amy Vuong
Date
CFS IT General Controls PBC

3/22/2012
NOTES:
1. Please provide system-generated lists after April 1, 2012. We would like to have updated lists within the year-end time period. However, for controls that we will be selecting samples from, if there are no samples within th
list again at a later date to obtain a sample from the 4th quarter.
2. For all controls with the comment "Campus Selection Required", the following campuses have been selected:
1.) Chancellors Office
2.) Channel Islands
3.) Fullerton
4.) Long Beach
5.) Northridge
6.) Pomona
7.) Sacramento
8.) San Francisco
9.) San Jose
10.) San Luis Obispo
- For all campus access lists, the CO can evaluate the appropriateness of the users with the campus. If KPMG has any additional questions related to the users with access, we may contact the Campus afterwards.
3. To ensure the completeness of the system-generated listings, KPMG will observe (via Net Meeting, WebEx, in person, or screenshots) the parameters/criteria used during the generation process. For all controls with the co
for KPMG to observe the generation real-time or take screenshots of the process (e.g. parameters selected, etc.) while you generate the lists.
Please send requested PBC Items to one of the following individuals below. If there are any questions with regards to the below listing or the audit, please feel free to contact any of the listed individuals.
#
Name
email address
Office #
Primary
Perry Poon
ppoon@kpmg.com
213.955.8530
Darren Hu
darrenhu@kpmg.com
213.955.8825
Amy Vuong
avuong@kpmg.com
213.630.8096
Mobile #
626.689.9626
818.334.9366
626.625.3201
Fax #
213.652.1018
213.947.1672
213.652.1847
General Requests
PBC Item #
Item Name
Application
CFS-101
Job Titles
N/A
CFS-102
CMS IT Org Chart
N/A
Item Description
Please provide a system generated listing of all Active Employees with the following fields related to CFS:
1. Employee Name
2. Employee #
3. Job Title
Please provide a CMS Technical Organization Chart.
Contact
Requested Date
Date Due
to KPMG
Mick
3/22/2012
4/9/2012
Mick
3/22/2012
4/9/2012
1 of 67
Client
Prepared By
CSU
W/P Ref:
Amy Vuong
Date

3/22/2012
NOTES:
2.) Channel Islands
3.) Fullerton
4.) Long Beach
5.) Northridge
6.) Pomona
7.) Sacramento
8.) San Francisco
9.) San Jose
#
Name
email address
Office #
Primary
Perry Poon
ppoon@kpmg.com
213.955.8530
Darren Hu
darrenhu@kpmg.com
213.955.8825
Amy Vuong
avuong@kpmg.com
213.630.8096
Mobile #
626.689.9626
818.334.9366
626.625.3201
Fax #
213.652.1018
213.947.1672
213.652.1847
General Requests
PBC Item #
CFS-103
Item Name
Application
Application
N/A
Item Description
Please provide the following information about CFS (Common Financial System) and the supporting network and
infrastructure:
1. Location where Application is Hosted
2. Operating System
3. Backend Database
Contact
Requested Date
Date Due
to KPMG
George
3/22/2012
4/9/2012
2 of 67
Client
Prepared By
CSU
W/P Ref:
Amy Vuong
Date

3/22/2012
NOTES:
2.) Channel Islands
3.) Fullerton
4.) Long Beach
5.) Northridge
6.) Pomona
7.) Sacramento
8.) San Francisco
9.) San Jose
#
Name
email address
Office #
Primary
Perry Poon
ppoon@kpmg.com
213.955.8530
Darren Hu
darrenhu@kpmg.com
213.955.8825
Amy Vuong
avuong@kpmg.com
213.630.8096
Mobile #
626.689.9626
818.334.9366
626.625.3201
Fax #
213.652.1018
213.947.1672
213.652.1847
General Requests
PBC Item #
Item Name
Application
CFS-104
IT Strategy
N/A
Item Description
Please provide documentation relating to IT plans, budgets, future implementations and any other relevant
information that would illustrate local campus and overall IT goals and initiatives for the current year.
Contact
Requested Date
Date Due
to KPMG
Mick
3/22/2012
4/9/2012
Contact
Requested Date
Date Due
to KPMG
Note: Roadmap represents campus and CMS strategy/objectives.
Access to Programs and Data

PBC Item #
Item Name
Application
Item Description
3 of 67
Client
Prepared By
CSU
W/P Ref:
Amy Vuong
Date

3/22/2012
NOTES:
2.) Channel Islands
3.) Fullerton
4.) Long Beach
5.) Northridge
6.) Pomona
7.) Sacramento
8.) San Francisco
9.) San Jose
#
Name
email address
Office #
Primary
Perry Poon
ppoon@kpmg.com
213.955.8530
Darren Hu
darrenhu@kpmg.com
213.955.8825
Amy Vuong
avuong@kpmg.com
213.630.8096
Mobile #
626.689.9626
818.334.9366
626.625.3201
Fax #
213.652.1018
213.947.1672
213.652.1847
General Requests
PBC Item #
CFS-201
Item Name
IT Policies
Application
N/A
Item Description
Please provide IT Policies and Procedures that govern IT Security and Operations, such as policies over the
following areas:
- New User Access / Terminations
- Password Policy (Access Control standards document)
- Privileged Access
- Physical Access
- User Access Review
Contact
Requested Date
Date Due
to KPMG
Mick/William
3/22/2012
4/9/2012
4 of 67
Client
Prepared By
CSU
W/P Ref:
Amy Vuong
Date

3/22/2012
NOTES:
2.) Channel Islands
3.) Fullerton
4.) Long Beach
5.) Northridge
6.) Pomona
7.) Sacramento
8.) San Francisco
9.) San Jose
#
Name
email address
Office #
Primary
Perry Poon
ppoon@kpmg.com
213.955.8530
Darren Hu
darrenhu@kpmg.com
213.955.8825
Amy Vuong
avuong@kpmg.com
213.630.8096
Mobile #
626.689.9626
818.334.9366
626.625.3201
Fax #
213.652.1018
213.947.1672
213.652.1847
General Requests
PBC Item #
Item Name
Application
Item Description
CFS-202
IT Policies Screenshot
N/A
Please provide a screenshot of IT Policies and Procedures on the CSU intranet as evidence showing Policies and
Procedures are available to CSU Campuses for review.
CFS-203
IT Policies
N/A
1. Please provide access or a copy of the most recent system wide information security standards.
2. Please provide information on how often the information security policy and information security standards will be
reviewed.
Contact
Requested Date
Date Due
to KPMG
Mick/William
3/22/2012
4/9/2012
Alex
3/22/2012
4/9/2012
5 of 67
Client
Prepared By
CSU
W/P Ref:
Amy Vuong
Date

3/22/2012
NOTES:
2.) Channel Islands
3.) Fullerton
4.) Long Beach
5.) Northridge
6.) Pomona
7.) Sacramento
8.) San Francisco
9.) San Jose
#
Name
email address
Office #
Primary
Perry Poon
ppoon@kpmg.com
213.955.8530
Darren Hu
darrenhu@kpmg.com
213.955.8825
Amy Vuong
avuong@kpmg.com
213.630.8096
Mobile #
626.689.9626
818.334.9366
626.625.3201
Fax #
213.652.1018
213.947.1672
213.652.1847
General Requests
PBC Item #
Item Name
Application
CFS-204
Password
CFS
Item Description
1. Please provide screenshots of Single Sign-On (SSO) configuration between CFS and the CSU Portal.
2. Please provide screenshot of CSU Portal password configurations for each campus.
3. Deficiency noted PY11: The Access Control standards document is still in draft form and has not yet been
approved and distributed to the campuses. Requested in CFS-201. Please provide update on this.
Contact
Requested Date
Date Due
to KPMG
Wiliam/Alex
Mick/George
3/22/2012
4/9/2012
6 of 67
Client
Prepared By
CSU
W/P Ref:
Amy Vuong
Date

3/22/2012
NOTES:
2.) Channel Islands
3.) Fullerton
4.) Long Beach
5.) Northridge
6.) Pomona
7.) Sacramento
8.) San Francisco
9.) San Jose
#
Name
email address
Office #
Primary
Perry Poon
ppoon@kpmg.com
213.955.8530
Darren Hu
darrenhu@kpmg.com
213.955.8825
Amy Vuong
avuong@kpmg.com
213.630.8096
Mobile #
626.689.9626
818.334.9366
626.625.3201
Fax #
213.652.1018
213.947.1672
213.652.1847
General Requests
PBC Item #
CFS-205
Item Name
CFS Access Tables
Application
CFS
Item Description
Please provide a system generated data extract of the following PeopleSoft Tables from the CFS PS Financials
database. If possible, we would like the tables in an excel spreadsheet or access database. Tables that have more
than the 65,000 row limit enforced by Excel can be split into multiple worksheets. The spreadsheets need to come
directly from the production database server and not from PS Query (PS Query formats the data incorrectly and
changes column names). The first row must be the column header, the rest just data.
PSAUTHITEM
PSOPRCLS
PSROLEDEFN
PSCLASSDEFN
PSMENUDEFN
PSMENUITEM
Contact
Requested Date
Date Due
to KPMG
George
3/22/2012
4/9/2012
7 of 67
Client
Prepared By
CSU
W/P Ref:
Amy Vuong
Date

3/22/2012
NOTES:
2.) Channel Islands
3.) Fullerton
4.) Long Beach
5.) Northridge
6.) Pomona
7.) Sacramento
8.) San Francisco
9.) San Jose
#
Name
email address
Office #
Primary
Perry Poon
ppoon@kpmg.com
213.955.8530
Darren Hu
darrenhu@kpmg.com
213.955.8825
Amy Vuong
avuong@kpmg.com
213.630.8096
Mobile #
626.689.9626
818.334.9366
626.625.3201
Fax #
213.652.1018
213.947.1672
213.652.1847
General Requests
PBC Item #
CFS-206
Item Name
CFS Privileged Access
Application
CFS
Item Description
Please provide results for the following query scripts (related to request CFS-205):
1. Maintain_Security
2. Administer_Security
3. PSADMIN
4. Application_Designer
5. Data_Mover
6. DBA
Contact
Requested Date
Date Due
to KPMG
George
3/22/2012
4/9/2012
8 of 67
Client
Prepared By
CSU
W/P Ref:
Amy Vuong
Date

3/22/2012
NOTES:
2.) Channel Islands
3.) Fullerton
4.) Long Beach
5.) Northridge
6.) Pomona
7.) Sacramento
8.) San Francisco
9.) San Jose
#
Name
email address
Office #
Primary
Perry Poon
ppoon@kpmg.com
213.955.8530
Darren Hu
darrenhu@kpmg.com
213.955.8825
Amy Vuong
avuong@kpmg.com
213.630.8096
Mobile #
626.689.9626
818.334.9366
626.625.3201
Fax #
213.652.1018
213.947.1672
213.652.1847
General Requests
PBC Item #
Item Name
Application
Item Description
CFS-207
Privileged Access
Confirmation
CFS
Upon receipt of user access listings, will need CSU to confirm appropriateness of users with privileged access to
CFS.
CFS-208
CFS Privileged Access
CFS
Maintain_Security and Administer_Security Security Report reviews

- Selection of 3 months (September, January, April)
Contact
Requested Date
Date Due
to KPMG
Alex
3/22/2012
4/9/2012
William
3/22/2012
4/9/2012
9 of 67
Client
Prepared By
CSU
W/P Ref:
Amy Vuong
Date

3/22/2012
NOTES:
2.) Channel Islands
3.) Fullerton
4.) Long Beach
5.) Northridge
6.) Pomona
7.) Sacramento
8.) San Francisco
9.) San Jose
#
Name
email address
Office #
Primary
Perry Poon
ppoon@kpmg.com
213.955.8530
Darren Hu
darrenhu@kpmg.com
213.955.8825
Amy Vuong
avuong@kpmg.com
213.630.8096
Mobile #
626.689.9626
818.334.9366
626.625.3201
Fax #
213.652.1018
213.947.1672
213.652.1847
General Requests
PBC Item #
CFS-209
Item Name
CFS DBA Access
Application
Item Description
Contact
Requested Date
Date Due
to KPMG
CFS
Please provide a system generated listing of users with access to the backend Oracle database for CFS (DBA role).
Please include the following information:
1. Name
2. User Name
3. Role
4. Disabled Account Flag
5. Last Login Date
George
3/22/2012
4/9/2012
10 of 67
Client
Prepared By
CSU
W/P Ref:
Amy Vuong
Date

3/22/2012
NOTES:
2.) Channel Islands
3.) Fullerton
4.) Long Beach
5.) Northridge
6.) Pomona
7.) Sacramento
8.) San Francisco
9.) San Jose
#
Name
email address
Office #
Primary
Perry Poon
ppoon@kpmg.com
213.955.8530
Darren Hu
darrenhu@kpmg.com
213.955.8825
Amy Vuong
avuong@kpmg.com
213.630.8096
Mobile #
626.689.9626
818.334.9366
626.625.3201
Fax #
213.652.1018
213.947.1672
213.652.1847
General Requests
PBC Item #
CFS-210
Item Name
New Hire Listing
Application
N/A
Item Description
Please provide a system generated listing of new Hire Personnel (Faculty & Staff) for the review period (07/01/11 Current). Please ensure the following fields are included:
1. Full Name
2. Job Title
3. Department
4. Hire Date
5. Employee ID #
Contact
Requested Date
Date Due
to KPMG
Mick
3/22/2012
4/9/2012
11 of 67
Client
Prepared By
CSU
W/P Ref:
Amy Vuong
Date

3/22/2012
NOTES:
2.) Channel Islands
3.) Fullerton
4.) Long Beach
5.) Northridge
6.) Pomona
7.) Sacramento
8.) San Francisco
9.) San Jose
#
Name
email address
Office #
Primary
Perry Poon
ppoon@kpmg.com
213.955.8530
Darren Hu
darrenhu@kpmg.com
213.955.8825
Amy Vuong
avuong@kpmg.com
213.630.8096
Mobile #
626.689.9626
818.334.9366
626.625.3201
Fax #
213.652.1018
213.947.1672
213.652.1847
General Requests
PBC Item #
Item Name
Application
CFS-211
New Hire Form Sample
CFS
CFS-212
New Hire Access
CFS
Item Description
Please provide a sample user access form requesting for New CFS access.
Contact
Requested Date
Date Due
to KPMG
Mick
3/22/2012
4/9/2012
Mick
3/22/2012
4/9/2012
[Sample Selection to be provided at a later date to the Campus]

Please provide the New Hire Access Request approval forms for the requested New Hire selection for CFS Access.
12 of 67
Client
Prepared By
CSU
W/P Ref:
Amy Vuong
Date

3/22/2012
NOTES:
2.) Channel Islands
3.) Fullerton
4.) Long Beach
5.) Northridge
6.) Pomona
7.) Sacramento
8.) San Francisco
9.) San Jose
#
Name
email address
Office #
Primary
Perry Poon
ppoon@kpmg.com
213.955.8530
Darren Hu
darrenhu@kpmg.com
213.955.8825
Amy Vuong
avuong@kpmg.com
213.630.8096
Mobile #
626.689.9626
818.334.9366
626.625.3201
Fax #
213.652.1018
213.947.1672
213.652.1847
General Requests
PBC Item #
CFS-213
Item Name
Transfer Listing
Application
Item Description
Contact
Requested Date
Date Due
to KPMG
N/A
Please provide a system generated listing of Transferred Personnel (Faculty & Staff) for the review period (07/01/11
- Current). Please ensure the following fields are included:
1. Full Name
2. Old Job Title
3. New Job Title
4. Old Department
5. New Department
6. Transfer Date
7. Employee ID #
8. Reason for Transfer (Promotion, Department Change, etc)
Mick
3/22/2012
4/9/2012
13 of 67
Client
Prepared By
CSU
W/P Ref:
Amy Vuong
Date

3/22/2012
NOTES:
2.) Channel Islands
3.) Fullerton
4.) Long Beach
5.) Northridge
6.) Pomona
7.) Sacramento
8.) San Francisco
9.) San Jose
#
Name
email address
Office #
Primary
Perry Poon
ppoon@kpmg.com
213.955.8530
Darren Hu
darrenhu@kpmg.com
213.955.8825
Amy Vuong
avuong@kpmg.com
213.630.8096
Mobile #
626.689.9626
818.334.9366
626.625.3201
Fax #
213.652.1018
213.947.1672
213.652.1847
General Requests
PBC Item #
Item Name
Application
CFS-214
Transfer Form Sample
CFS
CFS-215
Transfer Access
CFS
Item Description
Please provide a sample user access form requesting modification of access (Campus and Oracle Req Form).
Contact
Requested Date
Date Due
to KPMG
Mick
3/22/2012
4/9/2012
Mick
3/22/2012
4/9/2012

Please provide the Transfer Access Request approval forms for the requested Transfer selection for CFS Access.
14 of 67
Client
Prepared By
CSU
W/P Ref:
Amy Vuong
Date

3/22/2012
NOTES:
2.) Channel Islands
3.) Fullerton
4.) Long Beach
5.) Northridge
6.) Pomona
7.) Sacramento
8.) San Francisco
9.) San Jose
#
Name
email address
Office #
Primary
Perry Poon
ppoon@kpmg.com
213.955.8530
Darren Hu
darrenhu@kpmg.com
213.955.8825
Amy Vuong
avuong@kpmg.com
213.630.8096
Mobile #
626.689.9626
818.334.9366
626.625.3201
Fax #
213.652.1018
213.947.1672
213.652.1847
General Requests
PBC Item #
CFS-216
Item Name
Terminations Listing
Application
Item Description
Contact
Requested Date
Date Due
to KPMG
N/A
Please provide a system generated listing of Terminated Personnel (Faculty & Staff) for the review period (07/01/11
- Current). Please ensure the following fields are included:
1. Full Name
2. Job Title
3. Department
4. Terminated Date
5. Employee ID #
Mick
3/22/2012
4/9/2012
15 of 67
Client
Prepared By
CSU
W/P Ref:
Amy Vuong
Date

3/22/2012
NOTES:
2.) Channel Islands
3.) Fullerton
4.) Long Beach
5.) Northridge
6.) Pomona
7.) Sacramento
8.) San Francisco
9.) San Jose
#
Name
email address
Office #
Primary
Perry Poon
ppoon@kpmg.com
213.955.8530
Darren Hu
darrenhu@kpmg.com
213.955.8825
Amy Vuong
avuong@kpmg.com
213.630.8096
Mobile #
626.689.9626
818.334.9366
626.625.3201
Fax #
213.652.1018
213.947.1672
213.652.1847
General Requests
PBC Item #
Item Name
Application
CFS-217
Access Terminations
CFS
Item Description
Contact
Requested Date
Date Due
to KPMG
Mick
3/22/2012
4/9/2012
Mick/William
3/22/2012
4/9/2012

Please provide the evidence of timely removal of access for the requested termination selections for CFS access.
CFS-218
User Access Reviews
CFS
Please provide evidence of annual management review over user access reviews for the CFS application. Please
include evidence of supporting documentation and criteria used for evaluating appropriateness of access. (Note electronic signature as an approval, such as an email, is sufficient).
16 of 67
Client
Prepared By
CSU
W/P Ref:
Amy Vuong
Date

3/22/2012
NOTES:
2.) Channel Islands
3.) Fullerton
4.) Long Beach
5.) Northridge
6.) Pomona
7.) Sacramento
8.) San Francisco
9.) San Jose
#
Name
email address
Office #
Primary
Perry Poon
ppoon@kpmg.com
213.955.8530
Darren Hu
darrenhu@kpmg.com
213.955.8825
Amy Vuong
avuong@kpmg.com
213.630.8096
Mobile #
626.689.9626
818.334.9366
626.625.3201
Fax #
213.652.1018
213.947.1672
213.652.1847
General Requests
PBC Item #
Item Name
Application
Item Description
CFS-219
SOD Reviews
CFS
Please provide evidence of the annual Segregation of Duties review over user access within the CFS application.
Please include evidence of supporting documentation and criteria used for evaluating appropriateness of access.
(Note - electronic signature as an approval, such as an email, is sufficient).
CFS-220
SOD Exception Form
CFS
Please provide the Published documentation regarding CMSETS account.
Contact
Requested Date
Date Due
to KPMG
William
3/22/2012
4/9/2012
Alex
3/22/2012
4/9/2012
17 of 67
Client
Prepared By
CSU
W/P Ref:
Amy Vuong
Date

3/22/2012
NOTES:
2.) Channel Islands
3.) Fullerton
4.) Long Beach
5.) Northridge
6.) Pomona
7.) Sacramento
8.) San Francisco
9.) San Jose
#
Name
email address
Office #
Primary
Perry Poon
ppoon@kpmg.com
213.955.8530
Darren Hu
darrenhu@kpmg.com
213.955.8825
Amy Vuong
avuong@kpmg.com
213.630.8096
Mobile #
626.689.9626
818.334.9366
626.625.3201
Fax #
213.652.1018
213.947.1672
213.652.1847
General Requests
PBC Item #
Item Name
Application
CFS-221
Privileged Access
Monitoring
CFS
Item Name
Application
Item Description
Contact
Requested Date
Date Due
to KPMG
Alex
3/22/2012
4/9/2012
Contact
Requested Date
Date Due
to KPMG
Please provide policies and procedures over the monitoring of Privilege Access users - where Segregation of Duties
Conflict exist, if applicable.
Please provide screenshot of sharepoint folder where security audit reports showing permission and role changes
are stored.
Program Changes
PBC Item #
Item Description
18 of 67
Client
Prepared By
CSU
W/P Ref:
Amy Vuong
Date

3/22/2012
NOTES:
2.) Channel Islands
3.) Fullerton
4.) Long Beach
5.) Northridge
6.) Pomona
7.) Sacramento
8.) San Francisco
9.) San Jose
#
Name
email address
Office #
Primary
Perry Poon
ppoon@kpmg.com
213.955.8530
Darren Hu
darrenhu@kpmg.com
213.955.8825
Amy Vuong
avuong@kpmg.com
213.630.8096
Mobile #
626.689.9626
818.334.9366
626.625.3201
Fax #
213.652.1018
213.947.1672
213.652.1847
General Requests
PBC Item #
Item Name
Application
CFS-301
Program Change Policy
CFS
Item Description
1. Please provide policies and procedures on how changes to the CFS Application are controlled, requested,
reviewed, approved, and implemented. For example: Control Procedures over program changes made by the
campus to the PeopleSoft application.
2. Please also provide change management policies over CFS enhancements and scripts.
Contact
Requested Date
Date Due
to KPMG
Mick
3/22/2012
4/9/2012
19 of 67
Client
Prepared By
CSU
W/P Ref:
Amy Vuong
Date

3/22/2012
NOTES:
2.) Channel Islands
3.) Fullerton
4.) Long Beach
5.) Northridge
6.) Pomona
7.) Sacramento
8.) San Francisco
9.) San Jose
#
Name
email address
Office #
Primary
Perry Poon
ppoon@kpmg.com
213.955.8530
Darren Hu
darrenhu@kpmg.com
213.955.8825
Amy Vuong
avuong@kpmg.com
213.630.8096
Mobile #
626.689.9626
818.334.9366
626.625.3201
Fax #
213.652.1018
213.947.1672
213.652.1847
General Requests
PBC Item #
Item Name
Application
CFS-302
Configuration Change
Policy
CFS
Item Description
Please provide policies and procedures on how changes to System Configuration Settings within the CFS
application are controlled, requested, reviewed, approved, and implemented.
Contact
Requested Date
Date Due
to KPMG
Mick
3/22/2012
4/9/2012
For example: Control procedures over changes made to tolerance levels, 3-Way Match configuration settings, etc.
20 of 67
Client
Prepared By
CSU
W/P Ref:
Amy Vuong
Date

3/22/2012
NOTES:
2.) Channel Islands
3.) Fullerton
4.) Long Beach
5.) Northridge
6.) Pomona
7.) Sacramento
8.) San Francisco
9.) San Jose
#
Name
email address
Office #
Primary
Perry Poon
ppoon@kpmg.com
213.955.8530
Darren Hu
darrenhu@kpmg.com
213.955.8825
Amy Vuong
avuong@kpmg.com
213.630.8096
Mobile #
626.689.9626
818.334.9366
626.625.3201
Fax #
213.652.1018
213.947.1672
213.652.1847
General Requests
PBC Item #
Item Name
Application
CFS-303
Program Change
CFS
Item Description
Please provide a system generated listing of Program Changes to the CFS system for all Campuses, including
emergency and configuration changes from 07/01/11 - Current.
Contact
Requested Date
Date Due
to KPMG
George
3/22/2012
4/9/2012
George
3/22/2012
4/9/2012
From this listing we will make further selections and request additional documentation.
CFS-304
Program Change Form
CFS
Please provide a blank CFS Interface Approval and Design Request form.
21 of 67
Client
Prepared By
CSU
W/P Ref:
Amy Vuong
Date

3/22/2012
NOTES:
2.) Channel Islands
3.) Fullerton
4.) Long Beach
5.) Northridge
6.) Pomona
7.) Sacramento
8.) San Francisco
9.) San Jose
#
Name
email address
Office #
Primary
Perry Poon
ppoon@kpmg.com
213.955.8530
Darren Hu
darrenhu@kpmg.com
213.955.8825
Amy Vuong
avuong@kpmg.com
213.630.8096
Mobile #
626.689.9626
818.334.9366
626.625.3201
Fax #
213.652.1018
213.947.1672
213.652.1847
General Requests
PBC Item #
Item Name
Application
CFS-305
Program Change Form
CFS
Item Description
Contact
Requested Date
Date Due
to KPMG
George
3/22/2012
4/9/2012
Mick
3/22/2012
4/9/2012
[Sample Selection to be provided at a later date]

Please provide the Program Change Request form for the sample selection provided.
CFS-306
Program Migration
Access Policy
CFS
Please provide policies and procedures over the Access for the ability to perform Program Changes to the
PeopleSoft application - Application Designer and Data Mover Access (related to request CFS-206).
22 of 67
Client
Prepared By
CSU
W/P Ref:
Amy Vuong
Date

3/22/2012
NOTES:
2.) Channel Islands
3.) Fullerton
4.) Long Beach
5.) Northridge
6.) Pomona
7.) Sacramento
8.) San Francisco
9.) San Jose
#
Name
email address
Office #
Primary
Perry Poon
ppoon@kpmg.com
213.955.8530
Darren Hu
darrenhu@kpmg.com
213.955.8825
Amy Vuong
avuong@kpmg.com
213.630.8096
Mobile #
626.689.9626
818.334.9366
626.625.3201
Fax #
213.652.1018
213.947.1672
213.652.1847
General Requests
Contact
Requested Date
Date Due
to KPMG
Mick
3/22/2012
4/9/2012
Please provide the CFS Modification Governance document (please include a blank modification request form if not
attached in the governance document).
George
3/22/2012
4/9/2012
CFS
Please provide documentation over the process of verifying that CMSETS account only performs change
migrations.
George
3/22/2012
4/9/2012
CFS
Please provide the CFS Modification Log (Refer to CFS-308).
George
3/22/2012
4/9/2012
PBC Item #
Item Name
Application
Item Description
CFS-307
Configuration Changes
Population
CFS
Please provide a system generated listing of Configuration Changes to the CFS system under CTI: CMS->CFS>Configuration.
CFS-308
CFS Modification
Governance
CFS
CFS-309
CMSETS Migration
CFS-310
CFS modification log
23 of 67
Client
Prepared By
CSU
W/P Ref:
Amy Vuong
Date

3/22/2012
NOTES:
2.) Channel Islands
3.) Fullerton
4.) Long Beach
5.) Northridge
6.) Pomona
7.) Sacramento
8.) San Francisco
9.) San Jose
#
Name
email address
Office #
Primary
Perry Poon
ppoon@kpmg.com
213.955.8530
Darren Hu
darrenhu@kpmg.com
213.955.8825
Amy Vuong
avuong@kpmg.com
213.630.8096
Mobile #
626.689.9626
818.334.9366
626.625.3201
Fax #
213.652.1018
213.947.1672
213.652.1847
General Requests
PBC Item #
Item Name
Application
CFS-311
CFS change review
CFS
Item Name
Application
Item Description
Please provide a sample change log reviewed by Chad Woods.
Contact
Requested Date
Date Due
to KPMG
George
3/22/2012
4/9/2012
Contact
Requested Date
Date Due
to KPMG
Program Development
PBC Item #
Item Description
24 of 67
Client
Prepared By
CSU
W/P Ref:
Amy Vuong
Date

3/22/2012
NOTES:
2.) Channel Islands
3.) Fullerton
4.) Long Beach
5.) Northridge
6.) Pomona
7.) Sacramento
8.) San Francisco
9.) San Jose
#
Name
email address
Office #
Primary
Perry Poon
ppoon@kpmg.com
213.955.8530
Darren Hu
darrenhu@kpmg.com
213.955.8825
Amy Vuong
avuong@kpmg.com
213.630.8096
Mobile #
626.689.9626
818.334.9366
626.625.3201
Fax #
213.652.1018
213.947.1672
213.652.1847
General Requests
PBC Item #
Item Name
Application
CFS-401
Development
CFS
Item Name
Application
Item Description
Please provide an overview of the Asset Management implementation. Details should include the following:
1. Which 6 campuses are implementing this year?
2. What is the go-live date?
3. Further details on the Asset Management module.
Contact
Requested Date
Date Due
to KPMG
Lily
3/22/2012
4/9/2012
Contact
Requested Date
Date Due
to KPMG
Computer Operations
PBC Item #
Item Description
25 of 67
Client
Prepared By
CSU
W/P Ref:
Amy Vuong
Date

3/22/2012
NOTES:
2.) Channel Islands
3.) Fullerton
4.) Long Beach
5.) Northridge
6.) Pomona
7.) Sacramento
8.) San Francisco
9.) San Jose
#
Name
email address
Office #
Primary
Perry Poon
ppoon@kpmg.com
213.955.8530
Darren Hu
darrenhu@kpmg.com
213.955.8825
Amy Vuong
avuong@kpmg.com
213.630.8096
Mobile #
626.689.9626
818.334.9366
626.625.3201
Fax #
213.652.1018
213.947.1672
213.652.1847
General Requests
PBC Item #
Item Name
Application
Item Description
CFS-501
Unisys SSAE16
N/A
Please provide the most recent Unisys SSAE16 report.
CFS-502
Unisys SSAE16
N/A
Unisys management confirmation that no changes have been made that would affect the SSAE16 (quarterly).
CFS-503
Batch Jobs
CFS
Please provide a system generated list of CFS batch jobs and their schedules (CFS Job Scheduling Guide
document).
Contact
Requested Date
Date Due
to KPMG
Alex
3/22/2012
4/9/2012
Alex/William
3/22/2012
4/9/2012
George
3/22/2012
4/9/2012
26 of 67
Client
Prepared By
CSU
W/P Ref:
Amy Vuong
Date

3/22/2012
NOTES:
2.) Channel Islands
3.) Fullerton
4.) Long Beach
5.) Northridge
6.) Pomona
7.) Sacramento
8.) San Francisco
9.) San Jose
#
Name
email address
Office #
Primary
Perry Poon
ppoon@kpmg.com
213.955.8530
Darren Hu
darrenhu@kpmg.com
213.955.8825
Amy Vuong
avuong@kpmg.com
213.630.8096
Mobile #
626.689.9626
818.334.9366
626.625.3201
Fax #
213.652.1018
213.947.1672
213.652.1847
General Requests
Contact
Requested Date
Date Due
to KPMG
Please provide a screenshot of monitoring system and automatic generation of remedy tickets.
George
3/22/2012
4/9/2012
CFS
Please provide a system generated report of the CFS related batch job failure help desk tickets between 7/1/11 Current Date.
George
3/22/2012
4/9/2012
Backup Schedule
CFS
Please provide a system generated report/screenshots of the backup schedule configured for CFS.
George
3/22/2012
4/9/2012
Backups Schedule
CFS
Please provide the Joint backup and recovery document.
George
3/22/2012
4/9/2012
PBC Item #
Item Name
Application
CFS-504
Batch Job Monitoring
CFS
CFS-505
CFS-506
CFS-507
Item Description
27 of 67
Client
Prepared By
CSU
W/P Ref:
Amy Vuong
Date

3/22/2012
NOTES:
2.) Channel Islands
3.) Fullerton
4.) Long Beach
5.) Northridge
6.) Pomona
7.) Sacramento
8.) San Francisco
9.) San Jose
#
Name
email address
Office #
Primary
Perry Poon
ppoon@kpmg.com
213.955.8530
Darren Hu
darrenhu@kpmg.com
213.955.8825
Amy Vuong
avuong@kpmg.com
213.630.8096
Mobile #
626.689.9626
818.334.9366
626.625.3201
Fax #
213.652.1018
213.947.1672
213.652.1847
General Requests
Contact
Requested Date
Date Due
to KPMG
Please provide a system generated report of the CFS backup failure help desk tickets between 7/1/11 - Current
Date.
George
3/22/2012
4/9/2012
CFS
Please provide reviewed SLA reports between 7/1/11 - Current Date.
George
3/22/2012
4/9/2012
CFS
Please provide a system generated list of users with access to CSU CFS backup tapes located at Unisys.
George
3/22/2012
4/9/2012
PBC Item #
Item Name
Application
CFS-508
Backup Monitoring
CFS
CFS-509
Backup Restoration
CFS-510
Backup Media Access
Item Description
28 of 67
Client
Prepared By
CSU
W/P Ref:
Amy Vuong
Date

3/22/2012
NOTES:
2.) Channel Islands
3.) Fullerton
4.) Long Beach
5.) Northridge
6.) Pomona
7.) Sacramento
8.) San Francisco
9.) San Jose
#
Name
email address
Office #
Primary
Perry Poon
ppoon@kpmg.com
213.955.8530
Darren Hu
darrenhu@kpmg.com
213.955.8825
Amy Vuong
avuong@kpmg.com
213.630.8096
Mobile #
626.689.9626
818.334.9366
626.625.3201
Fax #
213.652.1018
213.947.1672
213.652.1847
General Requests
PBC Item #
Item Name
Application
Item Description
CFS-511
Recall Backup Media

Access
CFS
Please provide a system generated list of users with access to recall backup tapes from Unisys.
CFS-512
Incident Management
Procedures
CFS
Please provide the ITSC Incident Management Procedures.
Contact
Requested Date
Date Due
to KPMG
George
3/22/2012
4/9/2012
Mick
3/22/2012
4/9/2012
29 of 67
Client
Prepared By
CSU
W/P Ref:
Amy Vuong
Date

3/22/2012
NOTES:
2.) Channel Islands
3.) Fullerton
4.) Long Beach
5.) Northridge
6.) Pomona
7.) Sacramento
8.) San Francisco
9.) San Jose
#
Name
email address
Office #
Primary
Perry Poon
ppoon@kpmg.com
213.955.8530
Darren Hu
darrenhu@kpmg.com
213.955.8825
Amy Vuong
avuong@kpmg.com
213.630.8096
Mobile #
626.689.9626
818.334.9366
626.625.3201
Fax #
213.652.1018
213.947.1672
213.652.1847
General Requests
PBC Item #
CFS-513
Item Name
Incident Management
Procedures
Application
CFS
Item Description
System generated list of CFS remedy tickets that were created between 07/1/11 - Current Date with the following
fields:
1. Ticket #
2. Problem Description
3. Request Date
4. Completion Date
5. Security Level
Contact
Requested Date
Date Due
to KPMG
Mick
3/22/2012
4/9/2012
30 of 67
s PBC
s within the 4th quarter to select, we will have to pull the
with the comment "Observation Required", you can wait
Status
Comments
Campus Selection Required
31 of 67
s PBC
Status
Comments
Document "CFS-103 Application Information.docx"

posted to SharePont
32 of 67
s PBC
Status
Comments
Status
Comments
33 of 67
s PBC
Status
partial done
Comments
Campus Selection Required for New
User/Terminations other items are covered I
believe by CFS-202 with the exception of the
Password Policy (Access Control standards
document). Copies of the policies that address
Physical Access, Priveldged Access and User
Reviews are uploaded. Procedures for the logical
access are included the SOD areas and Physical
Access is covered by the SSAE-16. William will
need to review the current status of the CSU
password standard with KPMG.
34 of 67
s PBC
Status
Comments
completed
completed
completed
We have a data classification standard that has

been uploaded. I also uploaded the policy that
directs how often these policies and standards are
reviewed and how they are managed.
35 of 67
s PBC
Status
partial done
Comments
Campus Selection Required - the FCFSPRD and

CSU Portal Screen Shots have been uploaded
36 of 67
s PBC
Status
Comments
Observation/Screenshots Required
37 of 67
s PBC
Status
Comments
38 of 67
s PBC
Status
Comments
partial done
Reports from 3/24 have been reviewed, initialed

by Alex Harwood (AEH) and uploaded as PDF.
Amy agreed that if these reports matched the
observed reports that George runs from CFS-206
this would suffice.
partial done
Sept, and Jan have been uploaded. April hasn't

happened yet.
39 of 67
s PBC
Status
Comments
40 of 67
s PBC
Status
Comments

41 of 67
s PBC
Status
Comments
42 of 67
s PBC
Status
Comments

43 of 67
s PBC
Status
Comments
Campus Selection Required and CMS/CFS
Oracle Request form
44 of 67
s PBC
Status
Comments

45 of 67
s PBC
Status
Comments
partial done
Campus Selection Required. CO and CFS has

been uploaded.
46 of 67
s PBC
Status
Comments
completed
completed
completed
completed
47 of 67
s PBC
Status
completed
Status
Comments
screen shots provided. The policy and

procedures I think are covered by items in 218
and 202
Comments
48 of 67
s PBC
Status
Comments
49 of 67
s PBC
Status
Comments
50 of 67
s PBC
Status
Comments

51 of 67
s PBC
Status
Comments
52 of 67
s PBC
Status
Comments
53 of 67
s PBC
Status
Comments
Status
Comments
54 of 67
s PBC
Status
Comments
completed
Status
Comments
55 of 67
s PBC
Status
Comments
partial
completed
William will have the SSAE-16 and can provide to

KPMG while they are on site for a limited time.
partial
completed
The quarterly memo for 10/2011 - 1/2012 has

been uploaded and the 1/2012 - 4/2012 memo will
be provided to William shortly after 4/1.
56 of 67
s PBC
Status
Comments
Document CFS-504.docx Uploaded
Document CFS-507-CSUSLC5001B CSU-Unisys

Joint Backup and Restore Procedures .pdf posted
57 of 67
s PBC
Status
Comments
58 of 67
s PBC
Status
Comments
Section 4 of CFS-511-CSUSLC5017B CSUUnisys Joint Security Procedures.pdf. Document
Posted
59 of 67
s PBC
Status
Comments
60 of 67
Client
Prepared By
CSU
W/P Ref:
Amy Vuong
Date
DW IT General Controls PBC

3/22/2012
NOTES:
1. Please provide system-generated lists after April 1, 2012. We would like to have updated lists within the year-end time period. However, for controls that we will be selecting samples from, if there are no samples within the 4th quarter to s
again at a later date to obtain a sample from the 4th quarter.
2. To ensure the completeness of the system-generated listings, KPMG will observe (via Net Meeting, WebEx, in person, or screenshots) the parameters/criteria used during the generation process. For all controls with the comment "Observ
can wait for KPMG to observe the generation real-time or take screenshots of the process (e.g. parameters selected, etc.) while you generate the lists.
#
Name
email address
Office #
Primary
Perry Poon
ppoon@kpmg.com
213.955.8530
Darren Hu
darrenhu@kpmg.com
213.955.8825
Amy Vuong
avuong@kpmg.com
213.630.8096
Mobile #
626.689.9626
818.334.9366
626.625.3201
Fax #
213.652.1018
213.947.1672
213.652.1847
General Requests
PBC Item #
Item Name
Application
Item Description
Contact
Requested Date
Date Due
to KPMG
FDW-101
Application
Data Warehouse
Please provide the following information about the Finance Data Warehouse and the supporting network and infrastructure:
1. Location where the Data Warehouse is Hosted
2. Operating System
3. Backend Database
Carlos/Cheryl K.
3/22/2012
4/9/2012
Application
Item Description
Contact
Requested Date
Date Due
to KPMG
Carlos/Cheryl K.
3/22/2012
4/9/2012
Access to Programs and Data

PBC Item #
Item Name
FDW-201
Access List
Data Warehouse
Please provide a system generated list of all users with access to the Finance Data Warehouse. Please include the
following fields, if possible:
- User Name
- Name
- Title
- Level of access
FDW-202
Policy and Procedures
Data Warehouse
Please provide the Finance Data Warehouse Implementation Guide.
Carlos/Cheryl K.
3/22/2012
4/9/2012
Carlos/Cheryl K.
3/22/2012
4/9/2012
Carlos/Cheryl K.
3/22/2012
4/9/2012
FDW-203
DBA Access
Data Warehouse
Please provide a system generated listing of users with access to the backend Oracle database for the DW (DBA role).
Please include the following information:
1. Name
2. User Name
3. Role
4. Disabled Account Flag
5. Last Login Date
FDW-204
Privileged Access
Data Warehouse
Please provide a system generated report or screenshot of users with administrator access (Administrators group/ability to
add/modify/delete user access) to Data Warehouse Front End (OBIEE).
Contact
Requested Date
Date Due
to KPMG
1. Please provide a system generated report or screenshot of users with administrator access (ability to add/modify/delete
user access) to Data Warehouse Back End (ETL).
2. In the PY, the provided screenshot shows that the isadmin and wasadmin accounts are the only accounts with
Administrator role. Please provide me with the name(s) of users with access to these two accounts.
Carlos/Cheryl K.
3/22/2012
4/9/2012
Data Warehouse
Please provide evidence of annual management review over user access reviews for the Data Warehouse. Please
included evidence of supporting documentation and criteria used for evaluating appropriateness of access. (Note electronic signature as an approval, such as an email, is sufficient).
Carlos/Cheryl K.
3/22/2012
4/9/2012
Password
Data Warehouse
Please provide password policy configuration for the Data Warehouse Development and Backend (ETL) enviornments.
Carlos/Cheryl K.
3/22/2012
4/9/2012
Physical Access
Data Warehouse
Please provide a system generated report or screenshot of personnel with access to the Fullerton Data Center.
Carlos/Cheryl K.
3/22/2012
4/9/2012
PBC Item #
Item Name
Application
Contact
Requested Date
Date Due
to KPMG
FDW-301
Program Change Policy
Data Warehouse
Carlos/Cheryl K.
3/22/2012
4/9/2012
FDW-302
Configuration Change
Policy
Data Warehouse
Carlos/Cheryl K.
3/22/2012
4/9/2012
Carlos/Cheryl K.
3/22/2012
4/9/2012
PBC Item #
Item Name
Application
FDW-205
DBA Access
Data Warehouse
FDW-206
User Access Reviews
FDW-207
FDW-208
Item Description
Program Changes
Item Description
Please provide policies and procedures on how changes to the Data Warehouse are controlled, requested, reviewed,
approved, and implemented (i.e. Finance Data Version Control Process).
Please provide policies and procedures on how changes to configuration changes to the Data Warehouse are controlled,
requested, reviewed, approved, and implemented.
For example: Control procedures over changes made to data warehouse tree(s) definition.
FDW-303
Program Change
Data Warehouse
Please provide a system generated listing of Program Changes to the Data Warehouse, including emergency and
configuration changes for the period 7/1/11 - Current (i.e. List of Changes to OBIEE document and ETL Bug Fixes
spreadsheet).
From this listing we will make further selections and request additional documentation.
FDW-304
Program Migration
Access Policy
Data Warehouse
Please provide any policies and procedures over the access for the ability to perform changes to the Data Warehouse.
Carlos/Cheryl K.
3/22/2012
4/9/2012
FDW-305
Program Migration
Access
Data Warehouse
Please provide system generated list of users with access to migrate changes to production (Please confirm that this is
same request as FDW-204, 205).
Carlos/Cheryl K.
3/22/2012
4/9/2012
FDW-306
Program Development
Access
Data Warehouse
Please provide system generated list of users with access to develop changes.
Carlos/Cheryl K.
3/22/2012
4/9/2012
FDW-307
Segregation of Duties
Data Warehouse
Please provide system generated report or screenshots of how access to develop changes is segregated from access to
migrate changes from test to prod.
Carlos/Cheryl K.
3/22/2012
4/9/2012
PBC Item #
Item Name
Application
Contact
Requested Date
Date Due
to KPMG
FDW-401
Development
Data Warehouse
Carlos/Cheryl K.
3/22/2012
4/9/2012
PBC Item #
Item Name
Application
Contact
Requested Date
Date Due
to KPMG
FDW-501
Batch Jobs
Data Warehouse
Cheryl K.
3/22/2012
4/9/2012
Program Development
Item Description
Has there been any DW program developments/enhancements/major changes?
Computer Operations
Item Description
1. Please provide a system generated list of Data Warehouse batch jobs and their schedules.
2. Please provide a screenshot of the properties/setup screen of the batch job where it shows that it is scheduled to be run
daily?
Contact
Requested Date
Date Due
to KPMG
Please provide a system generated report of the Data Warehouse related batch jobs completion status between 07/1/11 Current Date.
Cheryl K.
3/22/2012
4/9/2012
Data Warehouse
Please provide the Data Warehouse Backup Policy document.
Cheryl K.
3/22/2012
4/9/2012
Backup Schedule
Data Warehouse
1. Please provide a system generated report/screenshots of the backup schedule configured for the Data Warehouse.
2. Please provide a screenshot similar to the batch job request showing the backup schedule.
Cheryl K.
3/22/2012
4/9/2012
FDW-505
Backup Monitoring
Data Warehouse
Please provide a system generated report of the Data Warehouse backups completion status between 7/1/11 - Current Date.
Cheryl K.
3/22/2012
4/9/2012
FDW-506
Backup Media Access
Data Warehouse
Please provide a system generated list of users with access to the Data Warehouse backup tapes (Iron Mountain (IM)
Customer Authorization list ).
Cheryl K.
3/22/2012
4/9/2012
FDW-507
Job Failure Logs
Data Warehouse
1. Please provide a system generated list of Remedy tickets related to backup failures from 07/01/11 Current.
- Please provide the ticket ID, creation date, description, and closed date (resolution of batch job and backup failures)?
Cheryl K.
3/22/2012
4/9/2012
FDW-508
Incident Management
Data Warehouse
Please provide a system generated report of incidents related to the Data Warehouse. Please include Date Opened, Date
Cloesd, Priority, Remedy Ticket Number, and Description of Incident (Refer to FDW-503).
Cheryl K.
3/22/2012
4/9/2012
PBC Item #
Item Name
Application
FDW-502
Data Warehouse
FDW-503
Backups
FDW-504
Item Description
Controls PBC
no samples within the 4th quarter to select, we will have to pull the list
all controls with the comment "Observation/Screenshots Required", you
Status
Comments
Status
Comments
Status
Comments
Status
Comments
Status
Comments
Status
Comments
Status
Comments
Client
Prepared By
CSU
W/P Ref:
Amy Vuong
Date
IT Application Controls PBC

3/22/2012
NOTES:
1. Please provide system-generated lists after April 1, 2012. We would like to have updated lists within the year-end time period. However, for controls that we will be selecting samples from, if there are no samples within the 4th quarter to select, we will have to pull the list
again at a later date to obtain a sample from the 4th quarter.
2. To ensure the completeness of the system-generated listings, KPMG will observe (via Net Meeting, WebEx, in person, or screenshots) the parameters/criteria used during the generation process. For all controls with the comment "Observation/Screenshots Required",
you can wait for KPMG to observe the generation real-time or take screenshots of the process (e.g. parameters selected, etc.) while you generate the lists.
#
Name
email address
Office #
Primary
Perry Poon
ppoon@kpmg.com
213.955.8530
Darren Hu
darrenhu@kpmg.com
213.955.8825
Amy Vuong
avuong@kpmg.com
213.630.8096
Mobile #
626.689.9626
818.334.9366
626.625.3201
Fax #
213.652.1018
213.947.1672
213.652.1847
IT Application Controls
PBC Item #
Item Name
Application
Item Description
Contact
Requested Date
Date Due
to KPMG
Status
Comments
APP-101
Journal Entries
CFS
System report of ALL journal entries recorded in FY 2011-12 (testing completeness):

1. All manual entries in XXCMP business unit
2. All manual entries in XXCSU business unit
3. All entries (system and manual) in XXGAP business unit
Lily
Amy Ahearn
3/22/2012
4/9/2012
9/1/2012
(Note: for PeopleSoft campuses, the report query name is "CSU_GL_JRNL_ENTRY_AUDIT_REPORT" to run the manual
entries for XXCMP and XXCSU and "CSU_GL_JRNL_ENTRY_AUDIT_xxGAP" to run system and manual entries for
XXGAP.) Query includes Date and Time stamp.
APP-101.a
Journal Entries
CFS
APP-102
Natural Classification of
Expenses
CFS
APP-103
Natural Classification of
Expenses
CFS
Please provide screenshots in September of the folder properties so we can validate the size of files we will be receiving as
well as screenshots of the line count from the database for each business unit which we will then run a comparison to the
extracted data.
4/3 UPDATE:
Completed initial review. We will finish the completeness
assessment in September, in conjunction with the
Financial Audit team.
Amy Ahearn
4/3/2012
9/1/2012
Sherry
3/22/2012
4/9/2012
We will be testing the Account Mapping of the natural

classification of expenses. We will review the process first via
interviews and documentation review, and will request
additional information for testing.
Sherry/George
3/22/2012
4/9/2012

Please provide documentation explaining the system functionality related to the natural classification of expenses.
GAAP Derivation (GAAP Manual Chapter 3 Account Mapping: GAP BU)
Please provide a system generated list of users with access to the GAAP Override feature in PeopleSoft (Campuses can
change the default net assets classification of a CSU fund to a more appropriate category, if necessary). Please include the
following information:
1. Name
2. User Name
3. Role
4. Is access appropriate?
Note: KPMG Financial Audit team will be including this same

item in the FSA PBC list as well (testing accuracy). Please
reference the FSA PBC #21.

CH 17.03 PBC Final

Hochgeladen von

Dokumentinformationen

Originalbeschreibung:

Originaltitel

Copyright

Verfügbare Formate

Dieses Dokument teilen

Dokument teilen oder einbetten

Freigabeoptionen

Stufen Sie dieses Dokument als nützlich ein?

Sind diese Inhalte unangemessen?

Copyright:

Verfügbare Formate

CH 17.03 PBC Final

Hochgeladen von

Copyright:

Verfügbare Formate

Client

CFS IT General Controls PBC

CMS IT Org Chart

Please provide a CMS Technical Organization Chart.

CFS IT General Controls PBC

CFS IT General Controls PBC

Note: Roadmap represents campus and CMS strategy/objectives.

Access to Programs and Data

CFS IT General Controls PBC

CFS IT General Controls PBC

CFS IT General Controls PBC

CFS IT General Controls PBC

CFS Access Tables

CFS IT General Controls PBC

CFS Privileged Access

CFS IT General Controls PBC

CFS Privileged Access

Maintain_Security and Administer_Security Security Report reviews

CFS IT General Controls PBC

CFS DBA Access

CFS IT General Controls PBC

New Hire Listing

CFS IT General Controls PBC

New Hire Form Sample

New Hire Access

[Sample Selection to be provided at a later date to the Campus]

CFS IT General Controls PBC

CFS IT General Controls PBC

Transfer Form Sample

[Sample Selection to be provided at a later date to the Campus]

CFS IT General Controls PBC

CFS IT General Controls PBC

[Sample Selection to be provided at a later date to the Campus]

User Access Reviews

CFS IT General Controls PBC

SOD Exception Form

Please provide the Published documentation regarding CMSETS account.

CFS IT General Controls PBC

CFS IT General Controls PBC

Program Change Policy

CFS IT General Controls PBC

CFS IT General Controls PBC

Program Change Form

CFS IT General Controls PBC

Program Change Form

[Sample Selection to be provided at a later date]

CFS IT General Controls PBC

Please provide the CFS Modification Log (Refer to CFS-308).

CFS modification log

CFS IT General Controls PBC

CFS change review

CFS IT General Controls PBC

CFS IT General Controls PBC

Please provide the most recent Unisys SSAE16 report.

CFS IT General Controls PBC

Please provide the Joint backup and recovery document.

Batch Job Monitoring

Batch Job Monitoring

CFS IT General Controls PBC

Please provide reviewed SLA reports between 7/1/11 - Current Date.

Backup Media Access

CFS IT General Controls PBC