Week 04 – Laws, Regulations and Audit Planning

We start this week talking about outsourcing. While there are multiple combinations of geographic, physical and logical configurations we focus on what is most important to the assurance and audit professional. SLAs and Contracts are perhaps the most important controls that we like to see in these scenarios, but they are worth their value only if they are actively managed.

What are the key elements of an SLA? To answer this question we walked through APO09 in the COBIT 5 Enabling Processes document. We provided the definition, objective and key activities of documenting and managing an SLA. (Hint: you may want to consider this example as you work on your case).

Finally, I introduce the subject of Laws and Regulations and their impact on Audit Planning. We will continue this subject in our next class.

Look out for my next post in the next day or so.