Recommending and Using IT Audits in Your Managed Services Program?
If not, from an advisory-services perspective including an IT audit as part of a managed services client package is an often-missed opportunity to add value to your clients.
These audit needs to be conducted independently of any managed service provider or web hosting provider. The audit may be annually or as frequently as the client requires, making this a great discussion to have with your clients. Your clients may have governance and compliance requirements, but more importantly their clients may require all vendors perform specific audits. While talking with clients about their managed service’s or web hosting needs, be sure to ask about audit needs.
Although there are many types of audits available, here are seven to consider as part of a managed services or web hosting package.
Client/Server, Intranets, and Extranets Audit
An audit to verify that telecommunications controls are in place on the client (computer receiving services), server, and on the network connecting the clients and servers.
General Controls Audit
An audit to review the generally accepted controls across all information systems implementation. This might involve systems development, systems operation, maintenance of systems and application security. It might also include a general control review of operating systems, a security software tool, data center security review and policies and procedures compliance.
Information Security Audit
An audit to assess how the organization’s security policy is employed. It is part of the on-going process of defining and maintaining effective security policies. Security audits provide a fair and measurable way to examine how secure a site really is.
Systems and Applications Audit
An audit to verify that systems and applications are appropriate, are efficient, and are adequately controlled to ensure valid, reliable, timely, and secure input, processing, and output at all levels of a system’s activity.
Information Processing Audit
An audit to verify that the processing facility is controlled to ensure timely, accurate, and efficient processing of applications under normal and potentially disruptive conditions.
Systems Development Audit
An audit to verify that the systems under development meet the objectives of the organization, and to ensure that the systems are developed in accordance with generally accepted standards for systems development.
Disaster Recovery/Business Continuity Audit
An audit to evaluate documented processes and procedures for information systems’ disaster preparedness, resilience and compliance and to evaluate the continuance of key business functions in the event of a disruption. Assessment of controls in place to verify that a disaster recovery plan exists and is properly filed.
Contact Madeline Parisi for more information.
Madeline Parisi & Associates LLC (MPA), is a Women Owned Business (WBE) located in Barrington, Illinois. Our Mission Statement is simple – To help organizations identify and recognize missed opportunities or pain points, and to provide business training solutions that help the organizations’ individuals and teams improve performance, and ultimately increase ROI.