Presentation is loading. Please wait.

Presentation is loading. Please wait.

Pertemuan 14 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007.

Published byJennifer Cross Modified over 8 years ago

Similar presentations

Presentation on theme: "Pertemuan 14 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007."— Presentation transcript:

1 Pertemuan 14 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007

2 Bina Nusantara QUALITY MANAGEMENT

3 Bina Nusantara The Auditor’s Role in the Development Process Review user requirements Review manual and application controls Check all technical specifications for compliance with company standards Perform design walkthroughs at the end of each development phase Submit written recommendations for approval after each walkthrough Ensure implementation of recommendation before beginning the next phase Review test plans Present findings to management Maintain independence to remain objective

4 Bina Nusantara Risk Assessment Process Risks – Lack of strategic direction – Lack of development standards – Lack of a formal systems development process – Negative organizational climate Application Risks – Application complexity and magnitude – Inexperienced staff – Lack of end user involvement – Lack of management commitment

5 Bina Nusantara Audit Plan Compliance with standards and procedure Efficient and economical operation Conform systems to legal requirements Include the controls necessary to protect against loss or serious error Provide the controls and audit trails needed for management, auditor, and operational review Document the system : provide an understanding of the system that is required for appropriate maintenance and auditing

6 Bina Nusantara Software Development Controls Review Development standards Testing strategy Implementation and training Problem management Change management

7 Bina Nusantara SDLC Auditor influence is significantly increased when there are formal procedures and required guidelines identifying each phase and project deliverable in the SDLC and the extent of auditor involvement Auditors will be able to review all relevant areas and phases of the SDLC, identify any missing areas for the development team, and report independently to management on the adherence to planned objectives and procedures Auditors can identify selected parts of the system and become involved in the technical aspects based upon their skills and abilities Auditors can provide an evaluation of the methods and techniques applied in the systems development process, as defined earlier

8 Bina Nusantara Auditing Quality Assurance Goals – Quality Assurance Activities are planned and documented – Adherence of project activities and products to applicable standards, procedures and requirements is verified objectively – All impacted groups are aware of and corporative with Quality Assurance activities – Noncompliance issues are addressed with senior management

9 Bina Nusantara Auditing Quality Assurance Commitments – The SQA functions are in place on all software projects – The SQA group has a reporting channel to senior management that is independent of all project related groups – Senior management periodically reviews SQA activities and results

10 Bina Nusantara Auditing Quality Assurance Abilities – The SQA group exists and is active – Adequate resources and funding are provided – SQA personnel are adequately trained – Project team members understand and support the SQA function within their project.

11 Bina Nusantara Auditing Quality Assurance Activities – An SQA plan is prepared according to a documented procedure – The SQA plan is reviewed by all impacted groups – The SQA plan is managed and controlled – SQA activities are performed according to the SQA plan that covers responsibilities and authority, resource requirements, schedule and funding, role in establishing software development plans, standards, and procedures, evaluations to be performed, audits and reviews to be conducted, project standards and procedures to be used in audits, and procedures for documenting and reviewing finding

12 Bina Nusantara Auditing Quality Assurance Activities – The SQA function participates in the preparation and reviews of the project development plan, standards, and procedures – The SQA function reviews the software engineering activities to verify compliance – The SQA function audits designated software work products to verify compliance with standards, procedures, and contractual obligations and identifies, documents, and tracks deviations and corrections – The SQA function periodically reviews its findings with the customer SQA function and IT senior management

13 Bina Nusantara Auditing Quality Assurance Measurements – Measurement are devised and utilized to determine the cost, schedule, and effectiveness of SQA activities Verification – SQA activities are reviewed periodically with senior management – Subcontractor management activities are reviewed periodically with project management – Independent experts periodically review Quality Assurance activities and work products

14 Bina Nusantara Audit Report Depending on the audit scope and the length of the project, interim reports may be needed at the completion of major phases in the development process. Key reporting points include: – Planning – Design – Testing – Implementation – Post Implementation

Download ppt "Pertemuan 14 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007."

Similar presentations

1 Dr. Ashraf El-Farghly SECC. 2 Level 3 focus on the organization - Best practices are gathered across the organization. - Processes are tailored depending.

1 Dr. Ashraf El-Farghly SECC. 2 Level 3 focus on the organization - Best practices are gathered across the organization. - Processes are tailored depending.
Quality Assurance/Quality Control Plan Evaluation February 16, 2005.

Quality Assurance/Quality Control Plan Evaluation February 16, 2005.
Software Quality Assurance Plan

Software Quality Assurance Plan
By: MSMZ. Objective After completing this chapter, you will be able to: Explain 2 contract review stage List the objective of each stage of the contract.

By: MSMZ. Objective After completing this chapter, you will be able to: Explain 2 contract review stage List the objective of each stage of the contract.
1.Quality-“a characteristic or attribute of something.” As an attribute of an item, quality refers to measurable characteristics— things we are able to.

1.Quality-“a characteristic or attribute of something.” As an attribute of an item, quality refers to measurable characteristics— things we are able to.
CIP Cyber Security – Security Management Controls

CIP Cyber Security – Security Management Controls
Chapter 7: Key Process Areas for Level 2: Repeatable - Arvind Kabir Yateesh.

Chapter 7: Key Process Areas for Level 2: Repeatable - Arvind Kabir Yateesh.
More CMM Part Two : Details.

More CMM Part Two : Details.
Stepan Potiyenko ISS Sr.SW Developer.

Stepan Potiyenko ISS Sr.SW Developer.
Quality Assurance Copyright, 2002 © Jerzy R. Nawrocki Quality Management Auxiliary.

Quality Assurance Copyright, 2002 © Jerzy R. Nawrocki Quality Management Auxiliary.
Pertemuan 5-6 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007.

Pertemuan 5-6 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007.
PROCESS AND PRODUCT QUALITY ASSURANCE

PROCESS AND PRODUCT QUALITY ASSURANCE
Pertemuan 16 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007.

Pertemuan 16 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007.
Pertemuan 25 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007.

Pertemuan 25 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007.
IS Audit Function Knowledge

IS Audit Function Knowledge
Internal Control Pertemuan 05 s.d 06 Matakuliah: F0712 / Lab Sistem Informasi Akuntansi Tahun: 2007.

Internal Control Pertemuan 05 s.d 06 Matakuliah: F0712 / Lab Sistem Informasi Akuntansi Tahun: 2007.
Pertemuan 7-8 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007.

Pertemuan 7-8 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007.
Pertemuan 20 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007.

Pertemuan 20 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007.
University of Sunderland CIFM03Lecture 1 1 Quality Management of IT CIFM03 Introduction.

University of Sunderland CIFM03Lecture 1 1 Quality Management of IT CIFM03 Introduction.
1 Pertemuan 9 Department Organization Matakuliah:A0274/Pengelolaan Fungsi Audit Sistem Informasi Tahun: 2005 Versi: 1/1.

1 Pertemuan 9 Department Organization Matakuliah:A0274/Pengelolaan Fungsi Audit Sistem Informasi Tahun: 2005 Versi: 1/1.

Similar presentations

Ads by Google