Page 101 - ITGC_Audit Guides
P. 101

Contents









                   Executive Summary ................................................................................................................................... 2

                   Introduction ................................................................................................................................................ 3
                   IT-IS Control Frameworks ................................................................................................................................................ 4

                   Previous GTAG and Terminology .................................................................................................................................. 4
                   Objectives .............................................................................................................................................................................. 6

                   Business Application Engagement Planning ........................................................................................ 6
                   Scoping the Engagement ................................................................................................................................................ 8

                   Performing the Engagement ................................................................................................................... 9
                   Technology Planning ......................................................................................................................................................... 9

                   System Development Life Cycle ..................................................................................................................................11
                   Production Support .......................................................................................................................................................... 16
                   Other Relevant Control Types ...................................................................................................................................... 19

                   Using Computer-assisted Audit Techniques ......................................................................................................... 22

                   Conclusion ................................................................................................................................................. 23
                   Appendix A. Related IIA Standards and Guidance ............................................................................ 24

                   Appendix B. Glossary ............................................................................................................................... 25

                   Appendix C. References .......................................................................................................................... 32
                   Acknowledgements ................................................................................................................................. 33





















                   1 — theiia.org
   96   97   98   99   100   101   102   103   104   105   106