Professional Documents
Culture Documents
Information Systems Audit Report: Presented by - Sanjiv Arora, Cisa, Cism, Cgeit
Information Systems Audit Report: Presented by - Sanjiv Arora, Cisa, Cism, Cgeit
0 1 2 3 4 5 6
Data Centre team has at its disposal software tools, policies and procedures to perform the DC
management effectively
DC team acts on CMR, Alerts, emails and client requests in timely manner
DC team was working in tandem within technical groups, vendors across the IT operations
Monthly VA is carried out using Qualys Guard to identify and act upon vulnerabilities in
servers, Network devices
Key Weaknesses
Key administrative IDs are used by multiple admin and this may reduce accountability of
individuals
Backup storage procedures are somewhat weak and do require a review to enhance controls
Proactive management and exceptional reporting desires improvement through process of
setting up of KPIs
Access controls allowed to Admin users in respect to confidential folders / information across
network should be reviewed
Multiple vendor situation for IT operations at client location dilutes accountability to some
extent, thus may result (currently unmonitored) delay to resolve problems and issues
Information Systems Audit
7
CASE – A MANUFACTURING COMPANY IMPLEMENTED
ERP 3 YEARS BACK, WISHED TO REVIEW ADEQUACY
AND SUCCESS OF IMPLEMENTATION.