Information Systems Audit Program (cont.). PHYSICAL SECURITY CONTROLS. Step 5. Assess the adequacy of physical security over the computer system hardware and storage media. Step 6. Determine whether an adequately trained backup system security administrator has been designated. Step 7.
Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.
Information SystemsAudit Program (cont.)
a. Assess the adequacy of backup procedures for system software and data. The procedures should include periodic backups as necessary (daily, weekly, monthly), off-site storage at a secure location, and rotation of backup media.
b. Verify that at least one alternative set of processes exists for each key assumption (transportation, communications, staffing, processing facilities, etc.).
a. Assess the reasonableness of the access capabilities assigned to each user.
b. Confirm that user IDs of terminated employees are suspended in a timely manner.
c. Confirm that system access capabilities of transferred employees are adjusted accordingly.