信息安全審計
江蘇美特羅信息科技有限公司 2018-07-13 09:23:53 作者:SystemMaster
通過專業的信息安全審計培訓服務,各企事業單位可以培養自己的信息安全審計專家,滿足機構長遠的信息安全審計能力要求,發現遇到的各類信息安全問題;將助您在信息安全領域提升競爭能力.
IT audit methodology requires us to understand, document and test selected controls within the computer processing environment in relation to the significant applications.
We will conduct the following:
1)Obtain an understanding of the general computer controls environment for each location. This will include the 6 areas noted below at 3) and the following 4 areas:
Information Strategy and Planning
Relationship with Outsourced Vendors
Business Continuity Planning
Technique Support
2)Obtain an understanding of the Application-specific Controls environment for each location. This will include the 6 areas noted below at 3) and the following 4 areas:
ERP
HR System
PDM
Other significant applications
3)Conduct Design & Implementation* and Operating Effectiveness** testing for the following six areas of general computer controls and Application-specific Controls as specified by the International Audit Approach (IAA) guidelines:
Information Security
Application Systems Implementation and Maintenance
Information Systems Operations
Database Implementation and Support
Network Support
System Software Support