Prepared by: _____

Date: ___________
Reviewed by: ____
Date: _________

INTERNAL CONTROL QUESTIONNAIRE


Department:
Auditable Function: E-mail System

Discussed with:
Date:

Question Yes No N/A Comments


General        

1. What type of licensing does the company have with the vendor of the email system?

2. How are licenses maintained and how are licenses monitored to ensure there are enough licenses for current users and future planned users?

3. Describe any major changes planned to be made to the email system over the next 12 months.

4. List any systems that interface with the email system.

5. What is the email system problem resolution process? How are problems with the email system tracked, monitored, documented and resolved?

6. Who should be our contact for information regarding email system installation and configuration settings?

7. How is Spam traffic monitored and controlled?

8. Are there any email policies that have been developed and communicated to the end-users regarding email content, types and size of attachments, etc.? If yes, please provide a copy of each policy.

Internal Control Questionnaire-AuditNet LLC

Names and phone numbers of contact persons for this section:
_______________________________
_______________________________
_______________________________

Physical Access
1. Where are the mail servers
physically located? Who has access to
them?

Names and phone numbers of contact persons for this section:
_______________________________
_______________________________
_______________________________

Logical Access
1. What is the process for creating
and removing users from the
system?

2. What is the process for granting access to an employee for another employee’s mailbox?

3. Describe the groups and roles that have been configured in the email system.

4. Are any encryption technologies being utilized? If yes, please describe.

Names and phone numbers of contact persons for this section:
_______________________________
_______________________________
_______________________________

Mail Administration
1. Describe the responsibilities of the
email administrators and the
frequency that specific duties are
performed.

2. What training do the administrators of the email system receive?

3. How is the system protected against malicious code (e.g. viruses, worms, Trojans)?

4. How are new patch fixes and system vulnerabilities identified? How are they deployed?

Names and phone numbers of contact persons for this section:
_______________________________
_______________________________
_______________________________

Service Level Agreements
1. List any Service Level Agreements that relate to the email system (between IT and the business units, vendor, third parties, etc.)

2. How are service levels monitored?

3. Is there a process to identify and provide continual improvements to the email system?

Names and phone numbers of contact persons for this section:
_______________________________
_______________________________
_______________________________

Contingency Planning & Backups
1. Describe how the email system and data are backed up (what is backed up, frequency, storage medium, storage facility, retention period, etc.)

2. Do written backup and recovery procedures exist? If yes, when were they last updated?

3. Have any tests been performed on the backup and recovery of the system and data? (If so, when and what were the results?)

4. Does a written disaster recovery/business continuity plan exist for the email system?

5. If a written disaster recovery/business continuity plan exists for the email system, has it been tested? (If so, when and what were the results?)

Names and phone numbers of contact persons for this section:
_______________________________
_______________________________
_______________________________
