Utilize this audit report sample to evaluate your organization’s general computer control risks and report on the progress made toward addressing audit findings.  

Sample procedures to perform include interviewing key members of the management team and other key participants involved with technology infrastructure while leveraging heavily the results of the GCC and (Insert Program or Application) reviews; performing a gap analysis by comparing interview results, documentation reviews and observations to the information technology infrastructure library (ITIL) best practices; and validating findings with the company’s interview participants to ensure the accuracy of the results and discussing efforts in progress that meet ITIL best practices.