IFGICT ICT Standard Audit Processes Clinets Version

Initi
ard atio
Aw n
IFGICT Standard
Mission
Ana nning
Pla
lysi
s&
The ICT Audit is conducted as part of
the wider accreditation process by ICT Standard
the IFGICT. The aim of an ICT audit is
Process
ign
to review the information system
Des
architecture (including the KPI
documentations), assess the actual
implementation and effectiveness of
ICT ent
controls for a system and to report A udit lem
on any observed operational risks Imp
relating to the operation of the
system to the certification .
Copyright notice: This document is provided under audit committee license of Attribution-Non Commercial-Share Alike. For more information on this license, please visit the http://www.ifgict.org
Evaluating ICT aspects & Review checklist
Interview Gap analysis report
•Appropriate personnel •Standards/ KPI
•Monitoring and Measurement •Documentation
•Evaluation of Compliance
Overview: ICT
Accreditation Diagnostic
Baseline Assessment
Processes •Organizational Structure
•Policies and Procedures
Execute & Record Review & Corrections
Audit & Policies &

Documentations Procedures Audit
Audit Output
Input
START
START 11 22 33
Requirements Satisfactions
Plan Process Check BIA
Business Impact
Define & Preparation Analysis
Measure & Compare
Organization’s BIA Process:
Based ICT Impact
ICT Standard Audit: Practical lifecycle / Roles
Top Management ICT Manager / Coordinator

Practical: Develop
Perspectives on ICT Standard tailored ICT-MS
Audit
documentation
Top Management ICT Manager / Implement an
Coordinator effective ICT-MS
Roles
Practical lifecycle
Practical: functions need to Practical: ICT impacts related to

support the ICT-MS daily working activities, and how
Department Frontline Staff they can be controlled.
Heads
Department Heads Frontline Staff
Legal and Other
Requirements Review & Corrections
ICT –MS Audit Planning Phase Phase B-P
11 22 33
Phase A-P Phase C-P
ICT-MS Aspects Objectives, Targets and

Programme(s)
ICT-MS: Implementation and Operation Stages
Competence, Training and Operational Control
Awareness
Implementation
and Operation
Stages
Resources, Roles, Communication &

Responsibility and Documentation
Authority
6
ICT-MS Checking Stages
Monitoring and Measurement

Phase A
1
1
Evaluation of Compliance
Phase B
2
2
Nonconformity, Corrective Action and Preventive Action

towards ICT Standard
Phase C
3
3
Phase D Control of Records & Internal Audit

4
4
Audit checklist, Audit report & Corrective action & preventive action report: The checklist
focuses on the ICT-MS’s processes and controls allowing an organization to concentrate
on an individual information system.
Procedures of ICT Management System Review
Training materials
Guidance notes for
ICT Management supplier control
Commitment Assessment Forms for
Checking & audit
implementing
procedures
Developing
operational control Monitoring plan
procedures Implementation Audit plan
Operational control
procedures and work
of the ICT-MS Audit checklist
Audit report
instructions
Audit checklist, Audit report & Corrective action & preventive action report: The checklist focuses on the ICT-MS’s processes and controls allowing an
organization to concentrate on an individual information system.
Processes Timeframe
Internal Audit External Audit

Diagnostic & Checklist & Gap Evaluating ICT
Baseline analysis aspects &
Assessment Documentations
Time Frame 8-12 Weeks
ICT Management
Commitment Assessment
RESOURCES
OVERVIEW
The Certification Authority of IFGICT will
receive the compliance Report from the ICT-MS ICT-MS
president of the committee (Audit Aspects Aspects
Committee)and make a judgment based on
the findings of the review to determine if any
residual risk is present in the manner in which
the controls are operated. The (Audit
Committee) with client should provide
detailed information regarding the operation
of controls if they are found to be ineffective
or partially effective to enable the Checking & Implementatio
Certification Authority to make this audit n
assessment. Obtaining certification for an ICT of the ICT-MS
Audit provides an organization /company
with the needed assurance that their
Information systems are compliant with
IFGICT’s best practice ICT guidelines.
Objectives, Targets
and Programme(s)
IFGICT audit objectives focus on substantiating that the internal controls exist and are
functioning as expected to minimize business risk along with given KPIs. These audit objectives
include assuring compliance with legal and regulatory requirements, as well as the
confidentiality, integrity, and availability.
The audit committee by the IFGICT steered by ICT experts above 20 Implementation
years in ICT auditing
and Operation
Stages
review and control.
Questions about ICT Standard , reach out to

audit@ifgict.org
customerservice@ifgict.org

IFGICT ICT Standard Audit Processes Clinets Version

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

IFGICT ICT Standard Audit Processes Clinets Version

Uploaded by

Copyright:

Available Formats

Initi

Audit & Policies &

Top Management ICT Manager / Coordinator

Practical: functions need to Practical: ICT impacts related to

Department Heads Frontline Staff

Phase A-P Phase C-P

ICT-MS Aspects Objectives, Targets and

Resources, Roles, Communication &

Monitoring and Measurement

Nonconformity, Corrective Action and Preventive Action

Phase D Control of Records & Internal Audit

Internal Audit External Audit

Time Frame 8-12 Weeks

Questions about ICT Standard , reach out to

You might also like