Page 264 - ITGC_Audit Guides
P. 264

Contents








                   Executive Summary ...................................................................................................................... 2

                   Introduction .................................................................................................................................... 3
                   Business Significance: Risks and  Opportunities ..................................................................... 5

                   Patches as Part of the Change-Management Process ................................................................... 6
                   Risks Related to Change Management ........................................................................................... 6

                   Change Management Elements, Management’s Responsibilities, and Patches .................... 9
                   Elements of Change Management .................................................................................................. 9
                   Management’s Controls ................................................................................................................. 13

                   Effective Change Management ..................................................................................................... 13
                   Patches .......................................................................................................................................... 15
                   The Role of Internal Audit in Change Management ................................................................. 18

                   Internal Audit Responsibilities ....................................................................................................... 18
                   Understanding and Assessing the Change Management Process ............................................... 19
                   Audit Findings/Observations .......................................................................................................... 22

                   Appendix A. Relevant IIA Standards and Guidance ................................................................ 24

                   Appendix B. Glossary ................................................................................................................. 25

                   Appendix C. Detailed Change Management Process .............................................................. 27
                   Appendix D. Sample Questions to Assess Effective Change Management ......................... 29

                   Appendix E. Characteristics of Effective and Ineffective Change Management Processes 30

                   Appendix F. Sample Change Management Audit Program ..................................................... 34
                   Appendix G. Sample Change Management Metrics................................................................. 37

                   Appendix H. References and Additional Reading .................................................................... 38
                   Additional Reading ........................................................................................................................ 38

                   Acknowledgements ..................................................................................................................... 39








                   1 — theiia.org
   259   260   261   262   263   264   265   266   267   268   269