Key components and operability evaluation of internal controls for risk assessment modeling in IT audit
Part of : WSEAS transactions on business and economics ; Vol.7, No.4, 2010, pages 349-358
Issue:
Pages:
349-358
Author:
Abstract:
The purpose of this paper is to present some directions to improve the implementation methodology of an audit process, from the analysis of tolerance to IT systems unavailability for organizations in a critical situation caused by the materialization of IT vulnerabilities. The article follows a series of key components of IT risk management process, proposing practical elements for risk control, internal controls operability analysis and aggregation of results, providing a deterministic model process. The use of predefined questionnaires and risk matrix can help the services providers to adapt to the market and maintain the service quality. These practical elements can be found in the proposed IT audit questionnaire, along with a workflow process in seven steps for the audit mission.
Subject (LC):
Keywords:
IT systems tolerance, risk areas and subareas, control evaluation, risk assessment, IT risk, IT audit steps, audit questionnaires
Notes:
Περιέχει πίνακες και βιβλιογραφία