Automation Controls Self-Assessment Guide

healthyapricotΜηχανική

5 Νοε 2013 (πριν από 3 χρόνια και 10 μήνες)

85 εμφανίσεις

Practices for Protecting Information Resources Assets

Appendix J
-
3. Automation Controls Self
-
Assessment Guide

J
-
3.
1

APPENDIX J
-
3

Automation Controls

Self
-
Assessment Guide

Texas State Auditor’s Office

http://www.sao.state.tx.us/cfdocs/apps/automationassess/icq
-
f.html


This online self
-
as
sessment guide will help managers at state agencies and universities
to assess the status of their computer operations control environment. The results will
point out areas of strength and areas that may need some improvements. Managers can
then decide whe
re to focus their resources for any needed review efforts and
improvement activities.

Given the significant amount of planned expenditures, the changes in information
technology and its workforce and the importance of information systems in any
organizati
on, it would be helpful for management at state agencies and universities to
know if appropriate general automation controls have been developed, are in place
(with appropriate documentation), and are working as intended.

This self
-
assessment guide is divi
ded into the following five sections:

1.

Self
-
Assessment Questionnaires

This section contains five questionnaires which cover
the following key control areas: Physical Security, Access Security, Computer
Operations, System Development Life Cycle, and Appli
cations.

2.

Report Card

This section provides the computerized results of your answers to the
questionnaires and provides guidance on how to analyze your results.

3.

Additional Resources

This section contains a list of information sources that will be
hel
pful in your efforts to improve your control environment. You should use your
computerized results to determine which sources will be the most helpful.

4.

Feedback Request

This section consists of a form for you to provide us with
suggestions on how to im
prove the self
-
assessment guide.

5.

Appendices




Objectives, Scope, and Methodology

a description of the information collected,
procedures performed, and criteria used in developing the General Automation
Controls



Self
-
Assessment Guide



Glossary

an alphabe
tical list of definitions for information technology words,
many of which are used throughout this self
-
assessment guide.



Bibliography

a list of the information sources we used in the preparation of this
self
-
assessment guide.




Practices for Protectin
g Information Resources Assets

J
-
3.
2

Appendix J
-
3. Automation Controls Self
-
Assessment Guide