Professional Documents
Culture Documents
Chapter 3 Administrative Controls
Chapter 3 Administrative Controls
Chapter Three
Administrative Controls
Introduction
2
Supervision
Cont’d…… Segregation of functions
3
IS must be auditable.
Some computer audit techniques require special
features that must be designed into the system.
The auditor has a stake in such systems and must
be involved early in the design.
Procedure development
Well-documented user and operator manuals provide a
sound basis for the day-to-day control over system
operations.
Cont’d………
21
Acceptance testing
The auditor should check that test documentation
shows
How the testing process was developed
Conversion
Data being converted from one storage to other is
not corrupted
Operational and maintenance
A formal change process exists to authorize and
control needed changes to the system
Post-audit
Periodically the system needs to be reviewed and
The End!
Thank you!