Beruflich Dokumente
Kultur Dokumente
IS auditor may use checklist to ensure that review is complete. In order to formalize the auditors’
role and practices, a master checklist may be prepared. It is suggested that a master checklist
for every audit must be prepared by considering the nature of engagement, type and culture of
organisation, objectives of audit and expectation from auditor. Using one checklist for all audits
have a risk that auditor may end up in concluding on inappropriate findings and auditor’s report
may not add value to the organisations.
This is a general checklist. For additional information readers may visit websites of Institute of
Internal Auditors (www.theiia.org), ISACA (www.isaca.org) and similar organisations which have
done exhaustive research in developing suitable audit programs for various technologies and
SDLC projects. The IS Auditor may add more columns (control description, documents
inspected, evidence collected, tests performed, result of analysis, conclusion on design,
conclusion effectiveness of controls and overall finding) to this checklist to convert it into an audit
work paper document..
1
Section 3
18. Whether a process exists for measuring Phase 6 C and Phase 9 Support
vendors' performance against the agreed and maintenance
service levels?
19. Whether post implementation review results Phase 8 Implementation
are documented?