Given the current economic situation, companies need to maximize returns on all their assets and investments. It is common for business managers to focus attention on staff, inventory, energy costs and other ways to improve cash flow. In this article, I will give an overview of a simple but effective way to conduct a review of information technology.
Revision of your information technology may be informal and connected at home depending on the skills available within your organization. A formal review may be outsourcing to specialized consultancy companies. This option is selected in the following cases.
- Repeated IT expenditures are a significant part of the business plan.
- A significant task is because it is prepared in the short to medium term.
- Company does not have formal information technology or does not use senior professionals.
- Different defects in the company's internal control system.
The purpose of the review of information technology must be clearly defined when the audit is planned. Audit efficiency will be improved if owners are informed from the beginning, such as managers, current internal auditing team and external auditors. Approved goals will determine the work needed in the following six areas.
Is an indication of a comprehensive documented overall information technology policy? Is it a member of the board and management?
Have major IT expenses and recruitment decisions been in line with IT? Take minutes of a consistent approach to information technology in decisions reached by the board and other board members?
2. Policies and Procedures
Are documents setting out the principles and procedures related to information technology? Are these to be followed and enforced by the IT department? Is sufficient production and education within the company? There are regular tests to ensure compliance with access rights, appropriate use and security. Is there a clue of remedial improvements?
Are relevant occupational and human information technology at all levels? Is there an indication that this has been approved in the recruitment and selection process? Do periodic reviews of performance? Have IT staff talent to support the business in the future? Do IT staff continue professional development that is relevant to the business needs? Does the company have a good outsourcing partner to provide a special, special task or urgent framework?
This area is becoming increasingly important as companies go beyond the wired system as fast and mobile technology continues to come together. Many employees working outside the office are now routing by mobile phones to access and update office applications. A number of corporate research has shown that the vast majority do not have a strategy for mobile services. Likewise, the results indicate that there are no skills in this area. Some legitimate companies have had their wireless network hacked in recent years, leading to their customers & # 39; Credit card details are stolen. Tools presented on the web have made "War driving" affordable and convenient for people who wish to steal the company's information. It is important that regular internal or independent testing of the wireless infrastructure takes place to ensure one of the companies & # 39; The most important assets – its data.
The company's management is responsible for protecting the company's assets. Office equipment is not as easily monitored as it was ten years ago. In the past, most information technology remained stationary when older desktops were rebuilt in other departments. Today, every business site will have IT equipment that is replaced on a regular basis. Some mobile phones owned by the company can never be on site. The company must have procedures to monitor where the assets are located and who is responsible for them.
There should be signs of a competitive procurement process. The products purchased should match the planned growth and policy of the company.
The company should have a full list of software in use. It should be made sure that it is entitled to use this software by reviewing the applications against their licenses. An updated list of all licenses and support agreements should be updated. This should be checked by IT and other department managers who allow repayment of payments. As my experience, this exercise can lead to significant cost savings. Savings are achieved primarily by identifying software that has been replaced or unique modules that no longer need to be supported.
Many practical departments are usually too busy to participate in ways to change and improve. Although the downturn in activity is certainly unwelcome, there is an opportunity to take on stock, identify inability, take corrections and possibly make savings in the budget. This exercise will almost certainly enjoy the company in the future.