CHAPTER 3Auditing Entity-Level Controls
In this chapter we will discuss how to audit entity-level controls, which are pervasive across an organization. We will be discussing the auditing of information technology (IT) areas such as
• Strategic planning and technology roadmaps
• Performance indicators and metrics
• Project approval and monitoring processes
• Policies, standards, and procedures
• Employee management
• Asset and capacity management
• System configuration change management
Background
Because entity-level controls are pervasive across an organization, you can audit them once and feel confident that you have covered the topic for the whole company. This chapter discusses areas that the auditor should expect to see centralized in an ...
Get IT Auditing Using Controls to Protect Information Assets, 2nd Edition, 2nd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
