Sie sind auf Seite 1von 9

Company Name

Comprehensive IT audit plan for th


Sections
Audit Plan
IT General Controls

Sub - Sections
Annual Plan
Access to Programs and Data

End-User Computing

Access to Programs and Data


IT Governance

IT Control environment

IT General Controls

Computer Operations

Access to Programs and Data


Program Changes

Access to Programs and Data

Applications Control (Entity Level


Control Environment)

Information systems relevant to financial


reporting and communication

Information systems relevant to payment


system

IT General Controls

Access to Programs and Data

Company Name
ensive IT audit plan for the year XXXX
Activities
Internal Audit Plan Year XXXX
Monthly Review of physical access to information systems
and Data Centre December XXXX
Quarterly Review of Access administration
Review of end-user policies and procedures
Review of end-user computing + Backup of end-user
reports/data
Monthly Review of physical access to information systems
and Data Centre
Review of IT steering committee
Review of IT strategy
Review of IT policies and procedures
Review of Backup and Recovery Procedures - Back up and
DRP
Review of Anti-virus procedures
Review of incident and problem management -Helpdesk and
SLA
Monthly Review of physical access to information systems
and Data Centre
Review of Authorization, development, testing and approval
Review of Migration to the production environment
Review of Super-user activities
Monthly Review of physical access to information systems
and Data Centre
Quarterly Review of Access administration
Review of Identification and authentication
Review of controls over information

Review of recording of financial transactions


Review of controls over information
Review of recording of financial transactions
Review of responsiveness of IT systems to achieving
objectives
Monthly Review of physical access to information systems
and Data Centre
Review of information security policy/user awareness
Review of configuration of access rules

Review of Monitoring activities

Timeline
13 January - 17 January
13 January - 17 January
20 January - 24 January
27 January - 31 January
3 Febraury - 7 February
3 February - 7 February
10 February - 14 February
17 February - 21 February
24 February - 28 February
3 March - 7 March
3 March - 7 March
10 March - 14 March
17 March - 21 March
24 March - 28 March
31 March - 4 April
7 April - 11 April
14 April - 18 April

21 April - 25 April
28 April - 2 May
5 May - 9 May
12 May - 16 May
5 May - 9 May
12 May - 16 May
19 May - 23 May
26 May - 30 May

Teasy Mobile M
Comprehensive IT audit plan
Sections
Entity Level Control Environment

Sub - Sections
IT Control environment

Information systems relevant to


financial reporting and
communication

Teasy Mobile Money


ehensive IT audit plan for the year 2014
Activities
Review of IT steering committee

Responsible department

Review of IT strategy

IT

Review of IT policies and procedures

IT

IT

Review of responsiveness of IT systems Finance/IT


to achieving objectives
Review of controls over information

IT

Review of recording of financial


transactions

Finance/IT

Timeline
13th to 20th January 2014