Scope of Application Security Memo

Subscriber Content
Screenshot of the first page of Scope of Application Security Memo

This memo outlines the assumptions and decision criteria used to scope the documentation efforts around application security.

In this sample, management classified application security as a high-risk process. Management evaluated several attributes and concluded that the process holds the following attributes: highly dependent on manual intervention, has a lack of segregation of duties in key tasks, is moderately people dependent, and involves a moderate level of judgment or assumption. In addition, management considers application security an IT entity–wide process and therefore its control environment affects all financial statement elements.

Free Trial

Sign up for a free, no-obligation trial to start exploring our timesaving, valuable resources.