Page 35 - Quick Insights Book 2022

P. 35

Chap. 6 – Information Technology

Project And Program Execution Audit IT CONTRACT MANAGEMENT ASSESSMENT

Basics Evaluates the IT organization’s ability to manage contracts and
how effectively IT and supply chain coordinate to manage costs
Evaluates common areas of high risk on programs (e.g., and negotiate effective agreements.
third-party contracting, business change, test strategy, data
migration). Outputs provide confidence to management that Audit Considerations
high- risk areas have been independently checked and verified
to leading practice.  Are IT asset and software contracts planned,
executed, managed and monitored effectively?
Deliverable  Are there “shadow IT” contractual agreements
executed in other parts of the organization?
Management audit of project/program methodology adopted,
and related risk management strategy.
SOCIAL MEDIA RISK MANAGEMENT
Performance audit of projects implemented.
Social Media Risk Assessment
SOFTWARE/IT ASSET MANAGEMENT
Collaborates with the IT organization to assess the social
IT and Software Asset Management Process and Control Audit media activities that would create the highest level of risk to
the organization. Evaluates the threats to the organization’s
Assesses the design and effectiveness of processes and information security through the use of social media. This audit
controls IT has deployed related to software and IT asset may be combined with a social media governance audit to then
management. confirm policies have been designed to address the highest

Reviews the impact of these processes on related IT processes risks to the organization.
such as IT service management, IT contract management and
information security. Audit Considerations
 Does the organization understand what risks exist
Audit Considerations
related to social media?
 Do we have a comprehensive approach to IT asset  How well are the identified risks managed?
and software management?
 How well do we manage software license costs? Social Media Governance Audit

 Is there an IT and software asset management Evaluates the design of policies and procedures in place to
technology solution in place to support these manage social media within the organization. Reviews policies
processes? If not, should there be? and procedures against leading practices.

SOFTWARE LICENSE REVIEW Audit Considerations
Performs a review of significant software license agreements  Does a governance process exist for social media
(e.g., ERPs) and evaluate the effectiveness of IT’s software within the organization?
asset management process in practice. Assesses opportunities  How well are policies related to social media
for cost reduction by improving the management of software known amongst employees?
licenses.
SOCIAL MEDIA ACTIVITIES AUDIT
Audit Considerations
Audits the social media activities of the organization and
 Are there opportunities to renegotiate software its employees against the policies and procedures in place.
licensing agreements based on the way the Identifies new risks and assist in developing policies and
organisation actually utilizes software versus the controls to address the risks.
way original contracts were negotiated?
 Is the organisation violating any existing contractual Audit Considerations
agreements?
 Are social media activities aligned to policy?
 What corrective actions need to be put in place
given activity?

22 Quick Insights on Professional Opportunities for Chartered Accountants

30 31 32 33 34 35 36 37 38 39 40