Audit-l is sponsored by Audit Leverage by IAD Solutions, Inc. Audit Leverage is a department management software package that integrates and automates the entire audit process. This comprehensive package includes risk assessment, audit planning, budgeting, staffing, scheduling, timekeeping, automated work papers, audit findings & recommendations, reporting and audit follow-up. Audit Leverage allows auditors in the field to work off-line and dial in to synchronize their work with the Audit Leverage database on the network, enabling managers to review the work papers instantly without being at the job site.
Demo available at www.auditleverage.com Dear Community members I am working on an assignment for a government owned telecommunication company. The scope of work involves the following: Phase 1: 1. Developmnet of an Information Security Controls Framework in accordance with COBIT and BS7799 2. Development of an Information Secuirty Auditing Strategic Plan for critical IT and PSN processes (Public Switch Networks) Phase 2: Information Security Auditing of the Landline, Mobile Phone, Public Internet and Public Data Networks in order to ensure compliance with the Controls Framework developed in Phase 1 above. Q1. Is any one out there aware of any Information Security Audit Programs for the following telecom areas: 1. Land line network 2. Mobile Phone network 3. Public Internet (the telecom company provides internet backbone to private sector ISPs) 4. Public Data network Q2. Can any one share any ideas on the development of the Controls Framework to be prepared in Phase 1? It would be a great help if any one could provide me a sample control framework or a template based on COBIT and BS7799. Please note that we have to perform the following activities before developing the Controls Framework: a. Current State Assessment of IT and PSN processes b. Identification of critical IT and PSN processes c. Risk Assessment d. Gap analysis for critical IT and PSN processes only to identify control weaknesses and mapping with high level Control Objectives (COBIT) and detailed corresponding controls (COBIT/BS7799) e. Maturity Evaluation along with the identification of CSFs, KGIs, and KPIs (using COBIT management guidelines) f. Development of a Control Framework based on (a) to (e). Thank you very much. Umair ______________________________________________________________________ The information contained in this communication is intended solely for the use of the individual or entity to whom it is addressed and others authorized to receive it. It may contain confidential or legally privileged information. If you are not the intended recipient you are hereby notified that any disclosure, copying, distribution or taking any action in reliance on the contents of this information is strictly prohibited and may be unlawful. If you have received this communication in error, please notify us immediately by responding to this email and then delete it from your system. Ernst & Young is neither liable for the proper and complete transmission of the information contained in this communication nor for any delay in its receipt. If your organization would like to sponsor this discussion list send an e-mail to [EMAIL PROTECTED] for information. To unsubscribe to the Audit-l list send an e-mail to [EMAIL PROTECTED] Leave the subject line blank and include the following message in the body: Unsubscribe audit-l (yourname) Thanks, Jim Kaplan List Manager
