Download as pdf or txt
Download as pdf or txt
You are on page 1of 1

cipfa-audit-IT-03.

qxd
Page 400

COMPUTER AUDIT GUIDELINES . SIXTH EDITION


Network Controls: Internal Control Questionnaire
RISK ICQ CONTROL ANSWER COMMENTS CT
ID CTL REF Y N
1.1 1.1 Does a strategy exist for the continued effective, efficient and secure 1.1.1
use of networking facilities? 1.1.2
1.2 1.2 Is responsibility for the management and operation of the network 1.2.1

10/10/2002
clearly defined?
1.3 1.3 Are network users adequately trained on network usage and security? 1.3.1
1.3.2
1.3.3

16:58
1.4 1.4 Do network administrators receive adequate and appropriate training 1.4.1
on network security and control? 1.4.2
1.5 1.5 Are technical standards and configuration information for all network 1.5.1

Page 400
facilities clearly documented? 1.5.2
1.5.3
1.6 1.6 Is network activity monitored to ensure that security has not been 1.6.1
breached and performance is optimised? 1.6.2
1.6.3
1.6.4
1.6.5
1.6.6
1.7 1.7 Are the commercial and service arrangements for the network fully 1.7.1
documented, supported, monitored and agreed by all parties? 1.7.2
1.7.3
2.1 2.1 Do procedures exist for the approval and installation of network 2.1.1
connections? 2.1.2
2.1.3
2.2 2.2 Are only authorised users able to make network connections and are 2.2.1
procedures in place to check for unauthorised connections? 2.2.2
2.2.3

You might also like