Scribd Logo
Upload

Welcome to Scribd!

  • Network Controls: Compliance Tests: Icq Ref CT Ref Compliance Test Working Papers

    Uploaded by

    h
    14 views1 page
    This document contains compliance tests for network controls. It lists tests to determine if the network strategy supports business plans, if network administration staff are properly trained, and if network device documentation is kept up to date. It also includes tests to check if users receive proper instruction on network usage and security and if network monitoring provides adequate reporting on network traffic and performance. The goal is to assess whether network controls meet organizational needs and industry best practices.

    Original Description:

    Original Title

    Untitled8

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    This document contains compliance tests for network controls. It lists tests to determine if the network strategy supports business plans, if network administration staff are properly trained, and if network device documentation is kept up to date. It also includes tests to check if users receive proper instruction on network usage and security and if network monitoring provides adequate reporting on network traffic and performance. The goal is to assess whether network controls meet organizational needs and industry best practices.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    14 views1 page

    Network Controls: Compliance Tests: Icq Ref CT Ref Compliance Test Working Papers

    Uploaded by

    h
    This document contains compliance tests for network controls. It lists tests to determine if the network strategy supports business plans, if network administration staff are properly trained, and if network device documentation is kept up to date. It also includes tests to check if users receive proper instruction on network usage and security and if network monitoring provides adequate reporting on network traffic and performance. The goal is to assess whether network controls meet organizational needs and industry best practices.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 1

    cipfa-audit-IT-03.

    qxd
    Page 402

    COMPUTER AUDIT GUIDELINES . SIXTH EDITION


    Network Controls: Compliance Tests
    ICQ REF CT REF COMPLIANCE TEST WORKING PAPERS
    1.1 1.1.1 Obtain a copy of the organisation’s IS/IT strategy and corporate business plans and assess
    whether the IS/IT strategy will support them.
    1.1.2 Determine whether the network strategy can meet the stated aims of the organisation, whether it
    has the backing of senior management and whether its implementation is included in an approved

    10/10/2002
    development programme.
    1.2 1.2.1 Determine who has responsibilities for the network and whether they have received adequate and
    appropriate training.
    1.3 1.3.1 Determine what instruction users have received on general usage of the network – are instructions
    reflected in guidance on the use of specific applications?

    16:58
    1.3.2 Ask whether there is a defined training programme explaining users’ responsibilities when using
    the network.

    Page 402
    1.3.3 Examine whether there are instructions documented in an up-to-date user guide and whether such
    guidance includes security issues.
    1.4 1.4.1 Find out if the network administration staff are experienced in the area of network management
    and control.
    1.4.2 Identify and assess the level of training provided and that planned.

    1.5 1.5.1 Identify what network device configuration documentation is available and what procedures are in
    place to ensure that the documentation is kept up to date and accurate.
    1.5.2 Check a sample of the configuration information available to ensure that it is actually up to date.

    1.5.3 Ensure that the internet connection is properly documented and that the document is up to date
    and includes all of the internet services in use, as specified in the internet policy.
    1.6 1.6.1 Ascertain what network usage information is available, the use to which it is put, what reporting
    and forecasting takes place, and what remedial action is taken if performance of the network and
    integrity of data is threatened.
    1.6 1.6.2 Review network traffic reports to assess whether monitoring is adequate, eg do reports include:
    l snapshots of activity at regular intervals throughout the day
    l average utilisation in the period
    l peak utilisation in the period.

    You might also like