SYSTEM AUDIT
Your business is very dependent on the controls of your computer systems:
servers, Internet Access, email, etc. The purpose of an IT audit is to evaluate the
system controls related to security, user management, access, and data
integrity. It gives an assurance that the IT systems are adequately protected
and properly managed to achieve the intended objectives. What we do? An
information systems audit performed by Universal Accountants consists of an
establishment of the IT audit objectives and scope and development of a
comprehensive audit plan. The evaluation of the system components happens
in the following areas:
- End user identity management (e.g. password standards, roles limiting
authentication mechanisms) - Business process mapping
- Backup/Restore procedures
- Application security controls
- Operating systems configurations (e.g. services hardening)
- Database access controls (e.g. roles defined in and account access to the
- database, database configuration)
- Anti-virus/Anti-malware controls
- Logging and auditing systems and processes
- Network controls (e.g. firewall rules)
- System Administrator/IT privileged access control