RE: CRM Audit

[Robin Mathews]

Title: CRM Audit

Would anyone be able to breeze me on the requirements (contract agreement, disclosure, change management, controls, attacks, etc.) of having an in-house developed software. Would the company need to sign something similar to an escrow agreement with the program developer for him to reveal the program codes? Any insights on the same would be appreciated.   Regards, Robin   -----Original Message----- From: Kaplan, Jim [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 05, 2003 6:06 PM To: Robin Mathews; [EMAIL PROTECTED] Subject: RE: CRM Audit   Robin,   Perhaps the following documents may help regarding best practices in CRM:   http://www.netsessions.net/euniversity/download/best_whitepaper.pdf   Flushing out the hidden cost of CRM http://www.crmbuyer.com/perl/story/17614.html   If you are developing an audit program for CRM consider sharing it with AuditNet for the benefit of the audit community.   Thanks,   Jim -----Original Message----- From: Robin Mathews [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 05, 2003 7:55 AM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: CRM Audit   I am auditing the customer relationship management department of our hospitality group. The software being used by them has been designed in-house by our data warehouse manager who has integrated the property management system & the point of sales data into the CRM program.  Please advice from an: �       IS point of view, what would be the risks associated with running an in-house CRM program, requirements needed and main areas to audit in the program. �       Operation point of view, what risks would be involved in a CRM package and specific auditing checkpoints. Kind regards, Robin Mathews