Access to Programs and Data Audit Work Program

Subscriber Content
Screenshot of the first page of Access to Programs and Data Audit Work Program

The purpose of this sample audit work program—focused on access to programs and data—is to outline the IT general controls to be tested, review the results of management’s testing, and document the procedures to test each control.

Document the procedures to be performed to conclude on the operating effectiveness of the controls identified, including a specific description of the nature, timing and extent of procedures. For all controls that are tested at an interim date, list the procedures performed to roll-forward the interim testing to period end. Organizations should continuously update/monitor this work program to ensure that documentation reflects business operations.


Topics
Internal Audit
IT Audit
Sarbanes-Oxley Act
Section 404-Internal Control Reporting
Audit Testing
Data Security

Related Resources

Risk & Control Matrices - RCMs

Manage Security and Privacy RCM

Checklists & Questionnaires

IT General Controls Questionnaire

Free Trial

Sign up for a free, no-obligation trial to start exploring our timesaving, valuable resources.

Let's Do It