System Management Risk Assessment and Control Audit Work Program

Subscriber Content
Screenshot of the first page of System Management Risk Assessment and Control Audit Work Program

Since most financial transactions are processed and maintained in the IT environment, the IT function is critical for all financial audits. This System Management Risk Assessment and Control Audit Work Program will assist audit teams with identifying risks and related controls for logical security administration and monitoring, physical security, change management, problem management, and system availability.

Audit procedures include: identify all methods for accessing the application system to confirm access requires authentication and authorization and is auditable; and obtain and review documented procedures for administering and monitoring access to the application, database, and operating system that hosts the application to verify a standardized control process is in place to facilitate appropriate access.


Topics
IT Risk
IT Audit
IT Controls
Internal Controls
Audit Testing
Risk Assessment

Related Resources

Risk & Control Matrices - RCMs

Manage Security and Privacy RCM

Audit Reports

Security Assessment Audit Report

Policies & Procedures

Systems Audit Logging and Monitoring Policy

Free Trial

Sign up for a free, no-obligation trial to start exploring our timesaving, valuable resources.

Let's Do It