IT Audit and Controls
Added on 2023-01-12
10 Pages2980 Words83 Views
IT Audit and Controls
(Assessment 3)
(Assessment 3)
Contents
INTRODUCTION...........................................................................................................................3
Main Body.......................................................................................................................................3
Audit findings in the RAMS...................................................................................................3
Audit findings in the Horizon Power......................................................................................4
Audit findings in the PRS and PRX.......................................................................................5
Audit findings in the NRL-T..................................................................................................6
Professional, legal, and ethical responsibilities of an IT Auditor...........................................7
CONCLUSION................................................................................................................................8
REEFRENCES..............................................................................................................................10
INTRODUCTION...........................................................................................................................3
Main Body.......................................................................................................................................3
Audit findings in the RAMS...................................................................................................3
Audit findings in the Horizon Power......................................................................................4
Audit findings in the PRS and PRX.......................................................................................5
Audit findings in the NRL-T..................................................................................................6
Professional, legal, and ethical responsibilities of an IT Auditor...........................................7
CONCLUSION................................................................................................................................8
REEFRENCES..............................................................................................................................10
INTRODUCTION
Applications are computer programs which automate the main business functions of an
organization including accounting, human capital, support services, permitting, including billing.
Programs often promote professional roles which are specific to particular agencies and are
important (Chou, 2015). Auditing is an analysis of an individual, organization, structure, method,
corporation, program or product conducted to determine the truth and dependability of the
data and also to include an assessment of the financial reporting of a scheme. The aim of an
evaluation is to give an opinion inspired by the work performed however since, due to realistic
limitations, an audit only gives reasonable evidence that the assertion is free from physical
mistake and usually relies on statistical analysis.
Main Body
Audit findings in the RAMS.
The Council has not conducted or obtained an unbiased guarantee that the information protection
standards controlled by key providers are sufficient and work effectively. Consequently, the
Commission has no guarantee that knowledge is secured in RAMS to guarantee its secrecy,
honesty and accessibility (About RAMS, 2020).
Unsupported software: The device manufacturers no refuse to help certain software
components which underlying the software. Additionally, no new features were applied to 1
component to address known security weaknesses. Unsubstantiated and obsolete infrastructure
raises the likelihood of attackers exploiting identified bugs to obtain exposure to or interrupt
confidential information structures.
Untested Disaster Recovery: Although 2015 the company has not carried out a complete
disaster recovery study. The Council could not be sure whether it will retrieve the request as
needed.
Out-dated software design documents: The application's technological documents do not
represent the existing development setting. The Council could not be sure whether all necessary
checks are in effect to safeguard the submission.
Unspecified responsibility to disclose data protection infringements: The role and procedure
of the provider to submit data security infringements to the Commission has not been defined.
There are, however, no fixed fines or penalty fees for a violation of protection. Defining such
Applications are computer programs which automate the main business functions of an
organization including accounting, human capital, support services, permitting, including billing.
Programs often promote professional roles which are specific to particular agencies and are
important (Chou, 2015). Auditing is an analysis of an individual, organization, structure, method,
corporation, program or product conducted to determine the truth and dependability of the
data and also to include an assessment of the financial reporting of a scheme. The aim of an
evaluation is to give an opinion inspired by the work performed however since, due to realistic
limitations, an audit only gives reasonable evidence that the assertion is free from physical
mistake and usually relies on statistical analysis.
Main Body
Audit findings in the RAMS.
The Council has not conducted or obtained an unbiased guarantee that the information protection
standards controlled by key providers are sufficient and work effectively. Consequently, the
Commission has no guarantee that knowledge is secured in RAMS to guarantee its secrecy,
honesty and accessibility (About RAMS, 2020).
Unsupported software: The device manufacturers no refuse to help certain software
components which underlying the software. Additionally, no new features were applied to 1
component to address known security weaknesses. Unsubstantiated and obsolete infrastructure
raises the likelihood of attackers exploiting identified bugs to obtain exposure to or interrupt
confidential information structures.
Untested Disaster Recovery: Although 2015 the company has not carried out a complete
disaster recovery study. The Council could not be sure whether it will retrieve the request as
needed.
Out-dated software design documents: The application's technological documents do not
represent the existing development setting. The Council could not be sure whether all necessary
checks are in effect to safeguard the submission.
Unspecified responsibility to disclose data protection infringements: The role and procedure
of the provider to submit data security infringements to the Commission has not been defined.
There are, however, no fixed fines or penalty fees for a violation of protection. Defining such
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
BUSINESS INFORMATION SYSTEMSlg...
|10
|1992
|9
Audit Findings in RAMS, Horizon Power, PRS and PRX, NRL-Tlg...
|10
|2929
|69
IT Audit Findings in Different Firmslg...
|11
|2785
|34
IT Audit and Control: Analysis, Findings, Strategies, and Recommendationslg...
|10
|3122
|62
Audit Findings for Information Systemslg...
|9
|2676
|69
IT Audit and Controllg...
|10
|2933
|385