Professional Documents
Culture Documents
Audit Objectives
1. Provide ISSO with an independent assessment relating to the effectiveness of the operating system and network.
2. Provide ISSO with an evaluation of the IT function’s preparedness in the event of an intrusion
3. Identify issues which affect the security of the enterprise’s operating system and network
Done
Control With
Procedures Result by /
Description Finding?
Date
I. Control Environment
Existence of
programs and 1. Obtain copy of DWCC ISSO organization
efforts to set the structure and determine if it support
tone, cultures, delegation of authority and functions of
values and DWCC's organization chart.
behavior of the 2. Obtain copy of the Job Description (JD) of
DWCC ISSO personnel and determine if duties and
are completely responsibility are clearly identified and
and properly aligned with the unit’s objective.
documented.
Adequate
1. Verify that current version of antivirus
management
software is installed on the server and that
policies and
upgrades are regularly downloaded to
procedures are
workstations
in place to
2. Determine if the operations personnel have
prevent the
educated about computer virus and aware of
introduction and
Verify if changes
Test of Operating Effectiveness
in the firewall
Check if the requested changes were properly
settings are
approved, implemented and documented.
implemented.
Verify if the
Test of Operating Effectiveness
software
Determine if the software is efficient and effective
installed is fit for
in performing its function.
its functions
Prepared by:
Approved by: