O'Reilly logo

IT Auditing: Using Controls to Protect Information Assets by Kevin Wheeler, Mike Schiller, Chris Davis

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

CHAPTER 3Auditing Entity-Level Controls

In this chapter we will discuss how to audit entity-level controls, which are pervasive across an organization. We will be discussing the auditing of information technology (IT) areas such as

• Strategic planning and technology roadmaps

• Performance indicators and metrics

• Project approval and monitoring processes

• Policies, standards, and procedures

• Employee management

• Asset and capacity management

• System configuration change management

Background

Because entity-level controls are pervasive across an organization, you can audit them once and feel confident that you have covered the topic for the whole company. This chapter discusses areas that the auditor should expect to see centralized in an ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required