If follow up reviews are not done, then IT tend to ignore the commitment that they made to address certain control issues. They remain untouched and appear again next time a full audit is done of that environment. Audit must have some teeth. The follow-up review should be performed about 6 months after the audit, to establish that those items that IT Management have commited to addressing, in those 6 months, have been addressed. Should this not have occurred then either a good reason must be given or senior management should consider disciplinary action against the person responsible for addressing that risk.
Information Request Form
Select the items that apply, and then let us know how to contact you.
Send service literature Please could you set up a Asset Management System Please contact me
