Information
Technology is a pervasive and intrinsic part of most organizations
and traditional internal control methods are not enough for the new
technologies being used. Kilclare Software is continuously seeking
out industry best practice material which would be useful for our
users and which could be formatted for use in VA. COBIT and the FFIEC
Information Technology (IT) Examination Handbook are two such sources.
COBIT,
issued by the IT Governance Institute, is increasingly internationally
accepted as good practice for control over information, IT and related
risks.
The Federal Financial
Institutions Examination Council (FFIEC) has, over the past few years,
been issuing a series of booklets as updates to the 1996 FFIEC Information
Systems Examination Handbook, which will eventually replace the 1996
handbook and comprise the new FFIEC Information Technology (IT) Examination
Handbook. Whilst this material has been issued by a financial institution
regulatory body, much of it has a much wider general application.
Financial institutions are heavily dependent on IT, their systems
are often complex and as a result, the FFIEC material is very comprehensive.
The material in these templates could be used to augment users existing
templates where assessment has indicated that controls may need to
be strengthened. For example, the Outsourcing Technology Services
template addresses the material issues which might be included in
any contract with a 3rd party provider. The authoring function in
VA allows users to pick and choose from various templates when creating
templates to fit their particular circumstances. Click here
to see the FFIEC IT Examination Handbook material
If there is other
source material which you find useful and which you think would be
suitable for use in VA please contact us to discuss it.
