Internal Controls
Internal Controls explain the activities we perform at our organisation to deal with Risks and Compliance Requirements. We document what they do, how we test them and what Policies, Standards and Procedures govern them.
60
0%
Current Internal Controls
0
0%
New Internal Controls
0
0%
Updated Internal Controls
|
Actions
|
Title | Objective | Audit Methodology | Audit Success Criteria | Maintenance Task | Policies |
|---|---|---|---|---|---|---|
|
CMDB Reviews
|
The organisation keeps track of individual assets assigned in a CMDB (a spreadsheet), this is updated by Service Desk as they distribute and manage the assignment of them. This controls reviews that the assignment has been done correctly.
|
Evidence:
- List of CMDB changes since the last audit - List of Service Desk tickets related to CMDB changes Analysis: - Validate that the CMDB changes have valid Service Desk number - Validate Service Desk ticket followed the process in particular approvals and incident reports - Visit the stock room and validate that items that show on the CMDB as pending assignment are visible Output: - Spreadsheet with the analysis - Screenshots of the service desk tickets analysed |
CMDB is updated and accurate
Service Desk tickets have followed the document process to the detail |
NA
|
System inventory End Point CMDB Management Procedure |