From the course: Building a Data-Driven Audit
Unlock this course with a free trial
Join today to access over 24,600 courses taught by industry experts.
Fieldwork and change management
From the course: Building a Data-Driven Audit
Fieldwork and change management
- Winding down our zoolilly.com saga, we already mentioned that the employee's access to the systems code was appropriate and that's how they managed to initiate the scheme. But shouldn't there have been some kind of control in place to prevent them from making nefarious changes to critical systems? The answer is yes, there should have been. Let's talk about change management controls. There are a few main components to change management when it comes to making changes to a systems code. You should be testing all changes in a separate environment dedicated to testing. All changes that need to be made to a system need to go through an approval process. And most importantly, that approver should be someone separate from the person that developed and or tested the change. The purpose of testing change management controls is to ensure that all changes to systems, software, or configurations are properly authorized, tested, and documented before implementation. Some ways to go about…
Contents
-
-
-
-
-
-
(Locked)
Setting the stage1m 7s
-
(Locked)
Planning and risk assessments3m 21s
-
(Locked)
Fieldwork and expense reimbursements4m 30s
-
(Locked)
Fieldwork and revenue recognition4m 55s
-
(Locked)
Fieldwork and access controls5m 15s
-
(Locked)
Fieldwork and change management5m 7s
-
(Locked)
Reporting and data visualizations3m 13s
-
(Locked)
-