Internal audit of Information technology system
Internal audit of Information technology system is established to identify non compliance in system and for continual improvement.
Internal audit of information technology system is required to identify non-compliance in information technology system which is deployed by management for conducting all task and communication, interactions and sequences of processes are managed by systematic ways, and easier for implementation of processes for commit any issues on time frame. Information technology audit is part of internal management system where audit conducted as same to other department, for the specific in the audit is information system is not directly concern with product quality but is responsible for product and process quality implementation and failures. So it’s important that information technology audit should be conducted by serious manner & also implement non-conformance are identified during audit period.
Internal audit of information technology and preparation of audit is conducted by management representative and will be conducted by qualified audits and should not be belong to information technology department, hence auditors should be well aware of processes and system knowledge to helps for implementation of some part like system maintenance, schedules of services and network management with software reliability and database management system. Internal audit of information technology and documentation are prepared by auditors on base of management representative audit format prepared for information technology, audits are conducted some basic points which help as checklist for internal audit of information technology department:
- Is there all the terminals (System) records are available with department? Each computer configurations, peripherals records are available?
- Whether department have all the hardware records, installation packages, CDs, software lists are available?
- Is there information technology department having maintenance schedule for each system of company?
- Information technology department having records of computers are attached with machine, equipment and devices? Specific records where all concern details like software, installation guidelines.
- Whether standard operating system is defined by information technology? Is there all the processes are covered?
- Check the records of maintenance activities, preventive records of previous month?
- Is there training records for computer / devices users are prepared, scheduled and implemented?
- Information technology Department generated waste like circuit boards, monitors, waste hard disks, power suppliers and other materials records are properly handled? Is there hazardous category materials are disposed properly? And those records are maintained?
- Information technology departmental objectives are defined? How its concern with product quality, environment and main stream system?
- How department handle improvements plan? Is there continual improvement records are evident?
- Whether previous audit documents are available with department i.e. internal and external audit reports, capa and other documentations.
- How department maintained internal complaints from system users? How it’s conducted? Documents, complains registers, records are available?
Information technology system internal audit are conducted on above points help to auditors, the system audit are conducted on base of company level and information technology structure in company but almost points are mentioned above are important for audit and internal management system required clauses. Internal auditors are conducting internal audit in information technology department and prepared document as system defined, management representative are provides standard audit format to auditor for conducting audit, see picture below given example format for information technology internal audit format for education purpose, below format is prepared for information technology requirements, standard system requirements which needs to specific formatting system as below:
Internal audit report of information technology’s internal system are prepared by auditors and all related non conformity records, information are provided to department manager for immediate actions on it, information technology manager is conducting all non conformity and corrective actions and preventive actions plan are submit to auditors, and implement in the system, once auditors are satisfied with implementation and compliance that auditors are closed non conformity in line with N.C. report.
——————————————————————————-
Download format in word document | Excel Sheet | PDF format
Information technology internal audit report
——————————————————————————-