Change Management | Logical Access | IT Ops | General 1 | General 2 |
---|---|---|---|---|
What is CM-3?
(Approved)
This key control activity test that changes are approved prior to promotion to production
|
What is LA-6?
(Physical Access)
This key control activity test that physical access to computer hardware is limited to appropriate individuals
|
What is OP-1.2?
(Back-Up & Modification)
This key control activity test that access to establish new backups or modify existing backups is limited to appropriate personnel
|
What is LA-5.2?
(New User)
This key control activity test that user access is authorized and appropriately established
|
What is an Emergency Change?
This Change is assigned with an elevated priority level for implementation
|
What is CM-2 ?
(Tested)
This key control activity test that changes are tested prior to promotion to production
|
What is LA-3?
(Privileged)
This key control activity test that access to privileged IT functions is limited to appropriate individuals access
|
What is OP-2.1?
(Deviations from scheduled processing)
This key control activity test that deviations from scheduled processing are identified and resolved in a timey manner
|
What is LA-4?
(System Resources & Utilities)
This key control activity test that access to system resources and utilities is limited to appropriate individuals
|
What is a Technology Summary?
This document is completed after identifying the scope of applications based on planning
|
What is CM-4.1?
(Segregation of Incompatible Duties)
This key control activity tests that segregation of incompatible duties exists within the manage change environment
|
What is LA-2?
(Password Settings)
This key control activity test that password settings are configured to limit unauthorized access
|
What is OP-1.3?
(Back-Up & Recoverable)
This key control activity test that financial data that has been backed-up is recoverable.
|
What is LA-5.1?
(Current Users)?
This key control activity test that user access is appropriately maintained
|
What is a Client Assistance Listing?
This document is a request list of all supporting documentation needed from the client to conduct testing
|
What is CM-5?
(Monitoring)
This key control activity tests that the production environment is monitored to identify changes that have not been properly authorized, tested, and approved
|
What is LA-5.3
(Terminated User)
This key control activity test that terminated employee's user access is removed.
|
What is OP-3?
(Problems, Incidents)
This key control activity test that IT operations problems or incidents are identified, resolved, reviewed, and analyzed in a timely manner
|
What are types of Changes?
(Change Management)
Projects, Bug/Fixes, and Vendor are types of______.
|
What is Audit Evidence?
These documents are utilized by auditors to support performance of audit procedures
|
What is CM-1?
(Authorized)?
This key control activity test that changes are authorized prior to development
|
What is LA-1?
(Security Settings)
This key control activity test that general system security settings are configured to limit unauthorized access
|
What is OP-1.1?
(Back-Up & Recoverable)
This key control activity test that financial data has been backed-up
|
What are the Types of IT General Controls?
Change Management, Logical Access, IT Ops
|
What is an Exception?
This occurs when controls have been tested and are not designed or operating appropriately
|