Information for the audit program was also obtained as necessary from the Institute of Internal Auditor’s GTAG (Global Technology Audit Guide) #12 ( Auditing IT. (From IIA Global Technology Audit Guide Auditing IT Projects). GTAG 28, 2, Project Plan and Approach, , Objective and scope, The scope of the project. Start studying GTAG Auditing IT Projects: Appendix A – Project Management. Learn vocabulary, terms, and more with flashcards, games, and other study.
|Published (Last):||4 September 2012|
|PDF File Size:||14.59 Mb|
|ePub File Size:||11.73 Mb|
|Price:||Free* [*Free Regsitration Required]|
Search | Resources | IIA
Back Establish and maintain project management standards. This Control directly supports the implied Control s: Establish and maintain a system design project management framework.
This Control has the following implementation support Control s: Include participation by each affected user department in the implementation phase of the project plan. AIs should establish a general framework for management of major gtqg projects. This framework should, among other things, specify the project management methodology to be adopted and applied to these projects.
The methodology should cover, at a minimum, allocation of responsibilities,… 4. The organization shall manage the system development process by establishing efficient development methods, designating personnel to be responsible for the project, and implementing project management.
The organization shall tgag and maintain an operation and management organization… O Management of security risk in information and information technology The organization should use Project Management techniques to verify that information technology security requirements are adequately addressed. Management of security risk in information and information technology Establish and maintain a project management framework that defines the scope and boundaries of managing projects, as well as the method auditibg be adopted and applied to each project undertaken.
The framework and supporting method should be integrated with the programme management processes. Ensure that the projects support the programme’s objectives. Co-ordinate the activities and … PO Information Technology Controls The business case includes the following key components: The organization shall determine the required verification, validation, inspection, monitoring, and test activities for the product and the product acceptance quditing during the product realization planning.
App A Objective 3: App A Objective The auditors should not have direct involvement in the decision process in order to maintain their independence. Pg 8, Pg 20, Exam Obj 5. There should be a specific schedule to assess and audihing mission risks, but it should be flexible enough to be changed when necessary.