Assignment #1 Requirements
You are a team of IT auditors from XYZ Company’s Internal Audit department. You are assigned for the upcoming audit in 2017 for the company’s IT infrastructure or Applications.
You are asked to develop an Audit Planning Memorandum (APM) base on your understanding of the company’s IT environment and your research on risks and controls associated with the infrastructure components or applications.
(IT infrastructure components samples: OSs; databases; network; email; information security; change management; etc. applicatons: ERP systems; accounting or financial applications; etc.)
Key components of an APM should include the following:
- Entity background or overview (reporting structure, DBMS environment, key applications using DBs, etc.
- Audit objective(s) and scope (Thinking about the C.I.A components)
- Out-of-scope area (what not to cover during this audit and why – Ref. to where should they belong to)
- Key risk areas and risk rating (Place holder for Assignment #2)
- Prior audit finding (if any…)
- Management self-identified issues (based on your own experience)
- Current development or on-going project
- Key contact from business lines
- Audit resources and responsibilities
- Audit time period
Document type – MS Word ONLY!
Due Date: 9/23 EOD
Submission: Team Leader via email