Internal Controls

Internal Controls explain the activities we perform at our organisation to deal with Risks and Compliance Requirements. We document what they do, how we test them and what Policies, Standards and Procedures govern them.

60

0%
Current Internal Controls

0

0%
New Internal Controls

0

0%
Updated Internal Controls
Actions
Title
Objective
Audit Methodology
Audit Success Criteria
Maintenance Task
Policies
CMDB Reviews
The organisation keeps track of individual assets assigned in a CMDB (a spreadsheet), this is updated by Service Desk as they distribute and manage the assignment of them. This controls reviews that the assignment has been done correctly.
Evidence:
- List of CMDB changes since the last audit
- List of Service Desk tickets related to CMDB changes

Analysis:
- Validate that the CMDB changes have valid Service Desk number
- Validate Service Desk ticket followed the process in particular approvals and incident reports
- Visit the stock room and validate that items that show on the CMDB as pending assignment are visible

Output:
- Spreadsheet with the analysis
- Screenshots of the service desk tickets analysed
CMDB is updated and accurate
Service Desk tickets have followed the document process to the detail
NA
System inventory End Point CMDB Management Procedure