Risk Assessment - Level 5 Aquisition & Installation

Detailed Control Objective:
This is a generic page as some of the risks are pertinent to multiple risk objectives in the install and accredit systems.

KEY
A.	Non Existant: Management processes are not applied at all
B.	Intial Adhoc: Processes are ad hoc and disorganised
C.	Repeatable but intuitive: Processing follows a regular pattern
D.	Defined Process: Processes are documented and communicated
E.	Managed and Measurable: Processes are monitored and measured
F.	Optimised: Best practises are followed and automated
N/A	Not Applicable: This question is not applicable to this particular staff member

CobiT Control: Identify automated solutions

5.1 Training		A.	B.	C.	D.	E.	F.	N/A
5.0.1	The policies and procedures relating to systems development lifecycle process exist
5.0.2	Does the formal systems development lifecycle methodology in place for the systems installation and accreditation include a phased approach to :
	training
	performance sizing
	conversion plan
	testing of
	programs
	groups of programs
	entire system
	a parallel or prototype test plan
	acceptance testing
	security testing and accreditation
	operational testing
	change control
	implementation review
	post implementation review and
	modifications

Click here to return to Risk Assessment

Website Designed and Hosted by Grey Pebbles Design Studio | Sitemap