08-13-2015, 06:48 PM
The overall objective of Audit and Control Requirements is to consider audits and controls that will reduce or minimize the risk of those transactions being executed that place organization assets or information in jeopardy. Such transactions, if executed, should be detectable and their recurrence prevented.
Remember to include functional and manual audits and controls, as well as automated background controls. By categorizing these types, you can further describe the needs of each area. Be sure to address the following:
Remember to include functional and manual audits and controls, as well as automated background controls. By categorizing these types, you can further describe the needs of each area. Be sure to address the following:
- Who or what is dictating control?
- Why do certain data, functions, or other elements require control?
- Why do certain data, functions, or other elements require audit?
- Who or what will perform these audits or controls?
- Is timing or sequencing critical to the requirement?
- What is the level and type of control (field, form, process, host, and so on)?
- What impact does audit and controls create for normal business operations?