Welcome to Scribd, the world's digital library. Read, publish, and share books and documents. See more
Download
Standard view
Full view
of .
Save to My Library
Look up keyword
Like this
21Activity
0 of .
Results for:
No results containing your search query
P. 1
Chapter 3 (Auditing Infrastructure and Operations)

Chapter 3 (Auditing Infrastructure and Operations)

Ratings: (0)|Views: 1,108 |Likes:
Published by Danish Iqbal
Useful summary of CISA for ICMAP Stage-6 students
Useful summary of CISA for ICMAP Stage-6 students

More info:

Published by: Danish Iqbal on Aug 31, 2010
Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as DOC, PDF, TXT or read online from Scribd
See more
See less

08/09/2013

pdf

text

original

 
Information Management and AuditingInfrastructure and operations
IS OPERATIONS:
IS operations include daily usage of software and hardware resources. IS operations are criticalfor large business organizations. These functions include the following areas:a)Management of IS operations.b)Computer operations.
c)
Technical support/help desk.d)Scheduling.e)Quality assurance.f)Program change control.g)Problem management procedures.
MANAGEMENT OF IS OPERATIONS:
IS management has an overall responsibility of all operations within IS department. Operationsmanagement functions include the following:
Resource allocation
– necessary resources are available to perform planned activities.
Standards and procedures
– these are to be established for all operations as per corporateobjectives.
CONTROL FUNCTIONS:
Management control functions include the following:
Detailed scheduling for each operating shift.
Ensuring efficient and effective operations.
Authorizing changes to operating schedules.
Monitoring standard compliances.
Reviewing console log activities.
Reviewing operator log to identify variance in planned and actual activities.
Ensuring timely processing.
Monitoring system performance.
Anticipating equipment replacement for future acquisitions.
Monitoring working environment.
Ensuring changes in hardware and software don’t disrupt normal operations.
Limiting physical access to authorized users only.
COMPUTER OPERATIONS:
Computer operators perform the following tasks:
Executing programs.
Restarting application once abnormally aborted.
Taking timely backup.
Observing processing for authorized entry.
Monitoring adherence to job scheduled.
Participating in disaster recovery plans.
Documentations
would include:Operating procedures, failure recovering procedures, output distribution instructions,procedures related to failure reporting, obtaining and returning file from library.
LIGHTS-OUT OPERATIONS – automated unattended operation:
1
Prepared by: Muhammad Umar Munir 
 
Information Management and AuditingInfrastructure and operations
These are the automated operations which are performed without human intervention. Theyinclude:
Job scheduling.
Console operations.
Return/restart activities.
Tape mounting and management.
Storage device management.
Physical and data security.
Benefits
of lights-out are: cost reduction, uninterrupted operations, and reduced errors.
I/O CONTROL FUNCTION
I/O control personnel are responsible for ensuing accurate processing of a batch. Typical tasksperformed by I/O control personnel include:
Timely and accurate processing.
Generating and distributing proper output to right persons.
Making output as input of other system in proper manner.
Processing of correct files.
DATA ENTRY
Data entry controls would include:
Key verification.
Segregation data entry from verification.
Log preparation – time, date, initials, and other tasks.
TECHNICAL SUPPORT/HELP DESK:
SUPPORT
It provides specialist knowledge to identify change/development and problem resolution. Thesupport function includes the following:
Determining source of computer problems and taking appropriate corrective actions.
Initiating problems reports timely.
Obtaining detailed knowledge of operating system.
Answering queries.
Controlling vendor software.
Providing technical support for computerized telecommunications processing.
Preparing documentation of vendor acquired and in-house developed software.
HELPDESK 
Helpdesk serves the user by ensuring all problems are documented as per priorities. The basicfunctions of helpdesk include:
Documenting problem and initiating resolution.
Prioritizing the issues.
Following up on unresolved problems.
Closing out resolved problems.
SCHEDULING:
Scheduling is vital to ensure optimal use of IS resources as per processing requirements.Scheduling includes the jobs to be executed and their sequence. Scheduling could beperformed using software which reduces possibility of errors. High priority jobs should beoptimally resourced. Scheduling provides are means of keeping customer demand at amanageable level and permit unexpected or on request jobs to be processed withoutunnecessary delay.
2
Prepared by: Muhammad Umar Munir 
 
Information Management and AuditingInfrastructure and operations
QUALITY ASSURANCE:
Quality assurance personnel verify that system changes are authorized, tested, andimplemented before operation.
PROGRAM CHANGE CONTROL:
PCC are established by IS department to control the movement of application as under:Test environment
Staging Environment
Production departmentIt is called formal job turnover procedures. The procedures associated with this turnoverensure the following:
Documentation (system, operations, and program) are complete, updated, and as perestablished standards.
Job preparation, scheduling, and operating instructions have been established.
Test results are reviewed by user and project manager.
PROBLEM MANAGEMENT PROCEDURES:
“Detection, documentation, control, resolution, and reporting of abnormal conditions”
Since computer resources are quite complex, there is a need to establish mechanism toperform the above mentioned activities related to abnormal conditions so that errors could beidentified.
ERRORS
in log include
Program
error,
system
error,
operator 
error,
network
error,
telecommunication
error, and
hardware
error.
ITEMS IN ERROR LOG
Error log include date, resolution description, code, source, initials of maintainer closer of log,narration of error resolution etc.
KEY POINTS:
Updation, not addition, to error log should be restricted to authorized individuals.
Opening and closing error log responsibilities should be segregated.
Sometimes vendor has the ability to correct the problem through dial-up without informingIS management; management should be aware of that.
INFRASTRUCTURE
Introduction:
Computer hardware include physical component of computer system. Technically, anymachinery that assists in the input, processing, storage, and output activities of an informationsystem is called hardware.
HARDWARE ACQUISITION:Invitation to tender (ITT)
Organizational description indicating whether the computer facilities are centralized ordecentralized
3
Prepared by: Muhammad Umar Munir 

Activity (21)

You've already reviewed this. Edit your review.
1 thousand reads
1 hundred reads
Najam Huda liked this
gopi_hc liked this
Antoni 伟亮 liked this
Monica Precilla liked this
Cinthya Bella liked this
Manahil Ahmad liked this

You're Reading a Free Preview

Download
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->