
AUDIT CHECKLIST

Yes No N/A Comments


Business Continuity/Disaster Recovery (BC/DR)
Is there a BC/DR plan in place for the organisation/office location?
Is it approved / current?
Is it appropriate?
 • All areas covered?
 • Escalation list with current individuals?
 • Any emergency numbers not listed (e.g. utilities)?
 • Has it been tested?
Can staff perform their jobs and the office function without an office building?
 • If not, why not, list any affected functional areas?
Information Technology (IT) Server Room/ Activities
Does the office have an IT server room?
Which server does the office run off (i.e. UK, India, USA)?
How is access to the room controlled?
 • Is there a signing in/out book?
 • Is entry accompanied by IT staff?
Are there any pest control activities?
 • Are pest control activities possibly needed (e.g. basement location)?
How is temperature monitored?
 • Manual or automated?
 • Is there a backup?
 • How often are temperature probes calibrated, and is this documented?
 • Is the temperature monitoring alarmed?
 • Upon alarming where does the signal relay to?
 • Is the calibration vendor approved?
Is there a false floor?
Are the servers off the floor?
Is there a controlled / graceful shutdown?
Are there any water pipes within the ceiling of the room?
If the room is in the basement are there any moisture detectors?
Does the office have a source for Uninterruptible Power Supply (UPS)?
 • If so, describe: battery / generator
 • How much time do they allow before shutdown?
 • What part of the system is supported before shutdown?
 • Is there a controlled / graceful shutdown?
Does the office have a backup generator?
 • If so what is the capacity?
 • Is there a contract with a diesel provider?
 • How often is the generator tested?
 • Is the testing documented?
 • Is there an equipment log for the generator?
 • How quickly does the generator kick in when power supply is interrupted?
 • What equipment is linked to the generator?
Are there backup servers? If so,
 • Are they in a different location?
 • Configuration (mirrored, clustered, VMware, etc.)?
 • How is the backup accomplished?
 • Is there a service agreement in place?
 • Where are backup media / tapes kept? Overnight, long term
 • Is the movement of the media / tapes documented?
 • If a vendor is used for storage of backup media / tapes, are they approved?
 • What is the media / tapes rotation policy?
 • Are backups periodically restored to verify data is still readable, and is this documented?
Is there an IT disaster recovery plan in place?
 • Is it approved / current?
 • Has it ever been tested?
 • Was testing documented?
 • Were any follow-up actions implemented?
Is there a current hardware/software inventory log?
How often is it updated?
Is there IT help in the office?
 • If not, how is IT support contacted?
 • Hours of support?
How are old IT systems decommissioned? Is there,
 • An SOP in place?
 • Are vendors used?
 • Are the vendors approved?
 • Review documentation of decommissioned system
Is training on use of computerised systems provided to new employees?
 • By whom?
 • Is this documented?
Do IT staff give/revoke staff access to systems?
 • How is this controlled/documented?
 • Review an example
Are firewalls/virus protections in place? If so,
 • How often are they updated?
 • How are they updated?
