Minimum Testing Standards for Systems and Data Memo

Subscriber Content
Screenshot of the first page of Minimum Testing Standards for Systems and Data Memo

The purpose of this memo is to outline minimum IT controls process teams should be assessing when performing their reviews. Specifically, it covers minimum controls process owners should have in place around user access, change control, backup, privacy, licenses and document retention for the primary accounting and informational systems that are within the scope of the review.

Implementing these minimum IT control standards into each work program creates consistency across reviews and verifies that internal auditors are assessing key areas of IT risk within the client’s key informational and accounting systems.


Topics
Document Retention
Audit Testing
Identity and Access Management
Change Management
IT Audit
Project Management
Data Security

Related Resources

Audit Programs

Access to Programs and Data Audit Work Program

Checklists & Questionnaires

IT General Controls Questionnaire

Checklists & Questionnaires

Data Center General Controls Questionnaire

Free Trial

Sign up for a free, no-obligation trial to start exploring our timesaving, valuable resources.

Let's Do It