Audit of information security
Suzhou Metalogic Information Technology Co.,Ltd 2018-09-26 11:27:02 Author:SystemMaster
Through professional information security audit training services, enterprises and institutions can train their own information security audit experts to meet the long-term information security audit capability requirements of the organization and find out the various information security problems encountered; It will help you improve your competitiveness in the field of information security.
IT audit methodology requires us to understand, document and test selected controls within the computer processing environment in relation to the significant applications.
We will conduct the following:
1)Obtain an understanding of the general computer controls environment for each location. This will include the 6 areas noted below at 3) and the following 4 areas:
Information Strategy and Planning
Relationship with Outsourced Vendors
Business Continuity Planning
2)Obtain an understanding of the Application-specific Controls environment for each location. This will include the 6 areas noted below at 3) and the following 4 areas:
Other significant applications
3)Conduct Design & Implementation* and Operating Effectiveness** testing for the following six areas of general computer controls and Application-specific Controls as specified by the International Audit Approach (IAA) guidelines:
Application Systems Implementation and Maintenance
Information Systems Operations
Database Implementation and Support
System Software Support