audit sistem informasi -...
TRANSCRIPT
AUDIT SISTEM
INFORMASI MUHAMMAD BAGIR, MTI
CONTENTS
INFORMATION SYSTEM H/W
INFORMATION SYSTEM ARCHITECTURE &
SOFTWARE
INFORMATION SYSTEM NETWORK
INFRASTRUCTURE
INFORMATION SYSTEM OPERATION
AUDITING INFRASTRUCTURE & OPERATIONS
INFORMATION SYSTEM
HARDWARE COMPUTER HARDWARE COMPONENTS AND
ARCHITECTURES PROCESSING COMPONENTS INPUT/OUTPUT COMPONENTS TYPES OF COMPUTERS UNIVERSAL SERIAL BUS MEMORY CARDS
RADIO FREQUESNCY IDENTIFICATION (RFID)
HARDWARE ACQUISITION
HARDWARE MAINTENANCE PROGRAM
HARDWARE MONITORING PROCEDURES
CAPACITY MANAGEMENT
HARDWARE ACQUISITION
Selection of Computer H/w and S/w
environment frequently requires the
preparations of a specification for
distribution to h/w and s/w vendors and
criteria for evaluating vendor proposals.
This specification is sometimes presented
to vendors in the form of an invitation to
tender(ITT), also known as request for
proposal (RFP)
HARDWARE ACQUISITION
(CONT’D)
For acquiring a system the ITT, or specification, should include the following:
Organizational description
Information processing requirements
Hardware requirements
System software applications
Support requirements
Adaptability requirements
Constraints
Conversion requirements
ACQUISITION STEPS Testimonials or visits with other users
Provisions for competitive bidding
Analysis for bids against requirements
Comparison of bids against each other
Analysis of vendor financial conditions
Analysis of vendor capability
Review of delivery schedule against requirements
Analysis of h/w / s/w upgrade capability
Analysis of security and control facilities
Evaluation of performance against requirements
Review and negotiation of price
Preparation of a formal written report summarizing
INFORMATION SYSTEM
ARCHITECTURE & SOFTWARE OPERATING SYSTEMS
Software Control Features or Parameters
Software Integrity Issues
Activity logging and Reporting Options
Access Control Software
DATA COMMUNICATION SOFTWARE
DATA MANAGEMENT File Organizations
DATABASE MANAGEMENT SYSTEM
PROGRAM LIBRARY MANAGEMENT SYSTEMS
TYPE AND RISK MANAGEMENT SYSTEMS
JOB SCHEDULING SOFTWARE
UTILITY PROGRAMS
SYSTEM SOFTWARE ACQUISITION
SYSTEM SOFTWARE IMPLEMENTATION
SYSTEM SOFTWARE CHANGE CONTROL PROCEDURES
INFORMATION SYSTEM
NETWORK INFRASTRUCTURE
ENTERPRISE NETWORK ARCHITECTURES
TYPES OF NETWORK
NETWORK SERVICES
NETWORK STANDARDS AND PROTOCOLS
OSI ARCHITECTURE
APPLICATION OF THE OSI MODEL IN
NETWORK ARCHITECTURES
INFORMATION SYSTEM
OPERATION COMPUTER OPERAIONS MANAGEMENT OF IS OPERATIONS
Control Functions
IT SERVICE MANAGEMENT Service Management
JOB ACCOUNTING SCHEDULING MONITORING USE OF RESOURCES
PROBLEM MANAGEMENT Detection, Documentation, Control, Resolution and Reporting of
Abnormal Conditions
PROGRAM CHANGE CONTROL QUALITY ASSURANCE SUPPORT/HELP DESK
AUDITING INFRASTRUCTURE &
OPERATIONS HARDWARE REVIEWS OPERATINGS SYSTEM REVIEWS
DATABASE REVIEWS LOCAL AREA NETWORK REVIEWS NETWORK OPERATING CONTROL REVIEWS IS OPERATION REVIEWS
Computer Operations
File Handling Procedures
Data Entry Control
LIGHT-OUT OPERATIONS PROBLEM MANAGEMENT REPORTING REVIEWS HARDWARE AVAILABILTY AND UTILIZATION REPORTING
REVIEWS SCHEDULING REVIEWS