Defining the Scope, Objectives, Goals, and Frequency of an Audit
The scope, objectives, goals, and frequency of audits are based on a risk. The goal of the planning phase of an audit is to define an audit universe and then identify the risk that puts the organization’s goals in jeopardy. An audit universe is defined as the collection or grouping of auditable areas, units, or entities grouped of logically separate areas to ensure full coverage of risks. For example, to cover all of the IT infrastructures we can logically separate the information technology (IT) operations versus the information security (IS) functions. Both are needed to ensure data are appropriately processed and applications are protected to support the business's goals. Consequently, ...
Get Auditing IT Infrastructures for Compliance, 3rd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
