It considers the revision of the organization’s commitments in matters of Information Technology, but oriented to the Planning, Supervision and Control of its fulfillment and in strict alignment with the corporation strategies.
Risk assessment in data processing centers
It consists in submitting to review the physical facilities where the computers/servers that store and process the organization’s transactions reside, ensuring timely availability over time.
Computer assisted auditing techniques (CAAT)
It constitutes an Audit tool that allows for a substantive and / or compliance examination.
Internal operating procedures assesment of the it department
The purpose is to evaluate the proper compliance with the operating procedures that the IT Department must execute as part of its daily work, in order to achieve the objectives set out in the IT Plan.
Operational continuity plans review
Operational Continuity seeks to establish (unlike a Disaster Recovery Plan), the alternative actions that should be executed in the absence of electronic information processing.
Risk assessments, unauthorized access assessment and information integrity
Process by which the different types of risks to which the organization is exposed are identified, measured, monitored, limited, controlled, reported and disclosed, taking into account the definition of objectives, policies and procedures.
DRP evaluation: disaster recovery plan
It consists in establishing precisely aspects related to the possibility of interruption of the electronic information processing service.
Through a critical analysis, carry out an examination of the processes and / or operational cycles of the organization in order to identify weaknesses and suggest recommendations to improve them.
Application controls assesment
It aims to ensure that the programmed controls of the applications (End user access to the functionalities and data, Transaction entry, Rejected or not processed items and Transaction processing) operate properly to guarantee the security and reliability of the information.
Planning, supervision and control of systems audit tasks
Basically, it establishes the minimum phases necessary to carry out and successfully complete any Systems Audit work, complying with the objectives set and delivering the results in a timely manner.
Review and analysis of contractual agreements related to information technologies
Considering the existing contractual background with providers of goods and services of technology Information, the proper compliance in the execution of these is determined, as in the respective payments that the organization must make as compensation for them.
Computer security review and evaluation
It implies ensuring the Confidentiality, Integrity and Availability of the information that is processed electronically by computer systems.
Development and implementation audit process of computer systems
Evaluate the correct software development application methodologies that ensure the construction or implementation of quality tools.