Professional Documents
Culture Documents
Eis - Summary Notes - Sample
Eis - Summary Notes - Sample
2
EIS 1.O
SUMMARY
NOTES ON EIS
Edition 1
Benefits of Business Process Automation Process which requires Business Process Automation
Time-sensitive processes
The streamlined processes eliminate wasteful activities and focus
on enhancing tasks that add value.
RISKS
Types of Risks
•Potential events that •Entire ERM process •This encompasses •Relevant information
might have an impact should be monitored tone of an is identified,
on entity should be and modified organisation & sets captured and
identified. wherever necessary. the basis of how risk communicated in a
is viewed and form and stipulated
addressed by an time frame .
entity’s people.
•Policies & •Risks which are •Management selects •ERM should ensure
procedures that are identified are an approach to align that management
established by analyzed to form assessed risk with has a process in
company ensures basis of determining entity’s risk place to set
that risk responses how they should be tolerance and risk objectives.
that mgmt. selected managed. appetite.
are effectively
carried out.
CONTROLS
Classification of controls-
• General Controls
• Application Controls
Objectives of IT controls-
Statement of desired result or purpose to
be achieved by implementation of
control procedures within a particular IT
activity.
• Monitoring:
Code to Remember: C.A.R .E .S 2 2 Ongoing & separate evaluations or some
combinations are used to ascertain whether each of
• Clear communication to management. the 5 components are present & functioning.
• Availability and reliability. • Information & communication:
• Resources allocation. Info. Is necessary for entity to carry out internal
• Recovery from new vulnerabilities. control responsibilities to achieve the objectives.
• Execution of new work. • Control activities:
Actions which are established through policies &
• Effective development of projects.
procedures that help ensure that mgmt.’s directive
• Security awareness on the part of the users. to mitigate risks.
• Risk assessment:
Basis for determining how risks will be managed.
• Control environment:
Set of standards, processes and structures that
provide basis of carrying out internal control across
the organisation.