This report is to provide Audit Committee with the terms of reference for an audit project included in the 2007 Audit Work Plan.
|
|
- Myron Cameron
- 2 years ago
- Views:
Transcription
1 Terms of Reference - Audit Project Date: September 5, 2007 STAFF REPORT INFORMATION ONLY To: From: Wards: Audit Committee Jeff Griffiths, Auditor General All Reference Number: SUMMARY This report is to provide Audit Committee with the terms of reference for an audit project included in the 2007 Audit Work Plan. FINANCIAL IMPACT There is no financial impact resulting from the adoption of this report. ISSUE BACKGROUND Each year the Auditor General s Office submits a work plan to the Audit Committee summarizing audit projects to be undertaken. The audit process requires the development of the terms of reference for each project providing background, objectives and reporting timeframe for the respective assignment. COMMENTS The terms of reference for our review of a project entitled Information Technology Disaster Recovery Plan is provided as an appendix to this report. It should be noted that the terms of reference has been forwarded for information purposes to senior management of the respective program area and audit work has been initiated. Terms of reference for audit projects are important in providing direction and focus for the work undertaken. They also specify the background, scope and objectives of the review, as well as the expected reporting date. It should be noted that the audit process is not restricted to those areas contained in the terms of reference. Terms of Reference Audit Projects 1
2 CONTACT Alan Ash, Director, Auditor General s Office Tel: , Fax: , Ben Smid, Senior Audit Manager, Auditor General s Office Tel: , Fax: , SIGNATURE Jeff Griffiths, Auditor General cg 07-TOR-01 ATTACHMENTS Appendix 1: Information Technology Disaster Recovery Plan G:\AGO\2007\Reports\Deputy City Mgr & CFO\I & T\Disaster Recovery Plan - Terms of Reference Sept doc Terms of Reference Audit Projects 2
3 APPENDIX 1 AUDITOR GENERAL S OFFICE TERMS OF REFERENCE Project Name: Information Technology Disaster Recovery Plan Division/Board: Multi-Divisional Year of Audit: 2007 Project Code: 06-ITD-01 A. Introduction/Background The delivery of essential services provided by the City of Toronto is dependent upon the availability of resources including employees, facilities, utilities and automated systems. The City external auditor s 2001 Management Letter expressed concern that the City had not yet developed a formal organization-wide recovery plan for critical systems in the event of a computer disaster. The external auditors also suggested that a full Disaster Recovery Plan be put in place as soon as possible. A Disaster Recovery Plan is an information technology plan designed to restore a system, application or computer facility after a catastrophic event. At the July 2003 meeting, Council directed the Auditor General to conduct a review of the City s Disaster Recovery Plan. The project was subsequently included in the Auditor General s 2004 Work Plan. In June 2004, the Auditor General informed the Audit Committee that staff had initiated work in this area and as a result an audit of the Disaster Recovery Plan was not appropriate at that time. Instead a more appropriate and meaningful audit should be conducted upon completion of management s efforts in developing a Disaster Recovery Plan. B. Financial/Operational Highlights Under the City s present Information Technology governance structure, divisions are responsible for their respective Disaster Recovery Plans for applications and systems they manage outside of the City s main data centre. The City s Information and Technology Division is responsible for formulating a Disaster Recovery Plan to minimize the impact a disaster may have on the availability of computer applications and systems maintained at the City s main data centre. In 2004, the City contracted with SunGard Availability Services to conduct a disaster recovery business impact analysis for applications and systems administered by the Information and Technology Division. The SunGard study provided a number of recommendations. Based on the results of their business impact analysis, the SunGard Terms of Reference Audit Projects 3
4 analysis estimated that approximately $14.5 million is required to implement recommendations from their report. C. Key Financial/Operational Issues and Controls Citizens rely on services to be available. An extended interruption in service effects customer service, management control and decision-making ability, the reputation of the City and the City s ability to comply with regulatory and legal requirements. The Ontario Comprehensive Emergency Management Program requires that the City of Toronto have a plan to deal with disasters. In order to support that plan the city must have an information technology disaster recovery plan. The SunGard Availability Services study concluded the City would experience a negative financial impact if business units were not able to carry on operations. Estimated losses from potential regulatory, legal, operational costs and potentially delayed or lost revenues are in the range of $5 million after 24 hours to $158 million if the delay exceeds one month. Public and employee health and safety also become an issue in the event information technology systems supporting Toronto Public Health and Social Services fail. D. Audit Objectives and Scope Disaster recovery planning for large and complex organizations is a significant task. The overall question addressed by this review is how prepared is the City in responding to a disaster causing critical computer systems to fail? The specific objectives of this review are to determine: the adequacy of current corporate governance and coordination of recovery planning efforts in the event of a disaster; compliance with laws, rules and regulations set forth in related legislation; compliance with generally accepted standards for disaster recovery planning and management established by related professional and industry organizations; and completeness of the City s disaster recovery plan, continuity of operation plans, and related policies and procedures. Our audit methodology will include: a review of relevant legislation, policies and procedures; interviews with relevant staff; an examination of documents and records; review of current literature on disaster recovery practices; and other procedures deemed appropriate. Terms of Reference Audit Projects 4
5 This audit will not include an in-depth review of disaster recovery plans for City Agencies, Boards and Commissions. E. Expected Reporting Date Audit Committee Meeting February 2008 Terms of Reference Audit Projects 5
Auditor General s Office. Governance and Management of City Computer Software Needs Improvement
Auditor General s Office Governance and Management of City Computer Software Needs Improvement Transmittal Report Audit Report Management s Response Jeffrey Griffiths, C.A., C.F.E Auditor General, City
DISASTER RECOVERY PLANNING FOR CITY COMPUTER FACILITIES
APPENDIX 1 DISASTER RECOVERY PLANNING FOR CITY COMPUTER FACILITIES March 2008 Auditor General s Office Jeffrey Griffiths, C.A., C.F.E. Auditor General City of Toronto TABLE OF CONTENTS EXECUTIVE SUMMARY...1
IT Service Desk Unit Opportunities for Improving Service and Cost-Effectiveness
AUDITOR GENERAL S REPORT ACTION REQUIRED IT Service Desk Unit Opportunities for Improving Service and Cost-Effectiveness Date: September 18, 2013 To: From: Wards: Audit Committee Auditor General All Reference
Auditor General s Office REMOTE ACCESS TO THE CITY S COMPUTER NETWORK THE MANAGEMENT OF THE PROCESS REQUIRES IMPROVEMENT
Auditor General s Office REMOTE ACCESS TO THE CITY S COMPUTER NETWORK THE MANAGEMENT OF THE PROCESS REQUIRES IMPROVEMENT Transmittal Report Audit Report Management s Response Jeffrey Griffiths, C.A., C.F.E
Cost Benefits of Extended Warranties for Construction Projects Are Unknown
AUDITOR GENERAL S REPORT ACTION REQUIRED Cost Benefits of Extended Warranties for Construction Projects Are Unknown Date: May 1, 2014 To: From: Wards: Audit Committee Auditor General All Reference Number:
City Purchasing Card (PCard) Program Improving Controls Before Expanding the Program
STAFF REPORT ACTION REQUIRED City Purchasing Card (PCard) Program Improving Controls Before Expanding the Program Date: October 27, 2009 To: From: Wards: Audit Committee Auditor General s Office All Reference
Review of Training, Conference and Related Travel Expenses
AUDITOR GENERAL S REPORT ACTION REQUIRED Review of Training, Conference and Related Travel Expenses Date: February 7, 2014 To: From: Wards: Audit Committee Auditor General All Reference Number: SUMMARY
Software Licenses Managing the Asset and Related Risks
AUDITOR GENERAL S REPORT ACTION REQUIRED Software Licenses Managing the Asset and Related Risks Date: February 4, 2015 To: From: Wards: Audit Committee Auditor General All Reference Number: SUMMARY The
Toronto Building - Improving the Quality of Building Inspections
AUDITOR GENERAL S REPORT ACTION REQUIRED Toronto Building - Improving the Quality of Building Inspections Date: January 15, 2014 To: From: Wards: Audit Committee Auditor General All Reference Number: SUMMARY
IN THE MATTER OF section 59 of the Ontario Energy Board Act, 1998, S.O. 1998, c.15, Schedule B;
Ontario Energy Board Commission de l énergie de l Ontario IN THE MATTER OF section 59 of the Ontario Energy Board Act, 1998, S.O. 1998, c.15, Schedule B; AND IN THE MATTER OF the extension of an interim
IN THE MATTER OF section 59 of the Ontario Energy Board Act, 1998, S.O. 1998, c.15, Schedule B;
Ontario Energy Board Commission de l énergie de l Ontario IN THE MATTER OF section 59 of the Ontario Energy Board Act, 1998, S.O. 1998, c.15, Schedule B; AND IN THE MATTER OF the extension of an interim
Information and Communication Technology. Service Continuity Plan
BELA-BELA LOCAL MUNICIPALITY Chris Hani Drive, Bela- Bela, Limpopo. Private Bag x 1609 BELA-BELA 0480 Tel: 014 736 8000 Fax: 014 736 3288 Website: www.belabela.gov.za OFFICE OF THE MUNICIPAL MANAGER Information
Department of Public Utilities Customer Information System (BANNER)
REPORT # 2010-06 AUDIT of the Customer Information System (BANNER) January 2010 TABLE OF CONTENTS Executive Summary..... i Comprehensive List of Recommendations. iii Introduction, Objective, Methodology
IN THE MATTER OF section 59 of the Ontario Energy Board Act, 1998, S.O. 1998, c.15, Schedule B;
Ontario Energy Board Commission de l énergie de l Ontario IN THE MATTER OF section 59 of the Ontario Energy Board Act, 1998, S.O. 1998, c.15, Schedule B; AND IN THE MATTER OF the extension of an interim
NORTHERN TRUST CORPORATION BUSINESS RISK COMMITTEE CHARTER
NORTHERN TRUST CORPORATION BUSINESS RISK COMMITTEE CHARTER Effective January 20, 2015 (Supersedes the Business Risk Committee Charter Effective October 21, 2014) The By-laws of Northern Trust Corporation
Oracle Database Review Security Controls and Other Issues Toronto Public Library Management Response
Oracle Database Review Security Controls and Other Issues Toronto Public Library Management Response Recommendation City Management Response TPL Management Response Status and Timeline for implementation
SOUTH LAKELAND DISTRICT COUNCIL INTERNAL AUDIT FINAL REPORT IT 11-02. IT Backup, Recovery and Disaster Recovery Planning
SOUTH LAKELAND DISTRICT COUNCIL INTERNAL AUDIT FINAL REPORT IT 11-02 IT Backup, Recovery and Disaster Recovery Planning Executive Summary Introduction As part of the 2011/12 Audit Plan and following discussions
Disaster Recovery and Business Continuity Plan
Disaster Recovery and Business Continuity Plan Table of Contents 1. Introduction... 3 2. Objectives... 3 3. Risks... 3 4. Steps of Disaster Recovery Plan formulation... 3 5. Audit Procedure.... 5 Appendix
Review of Toronto Transit Commission, Non-Revenue Vehicle Fuel Card Controls Need Immediate Improvement
AUDITOR GENERAL S REPORT ACTION REQUIRED Review of Toronto Transit Commission, Non-Revenue Vehicle Fuel Card Controls Need Immediate Improvement Date: February 6, 2015 To: From: Wards: TTC Audit Committee
IN THE MATTER OF section 59 of the Ontario Energy Board Act, 1998, S.O. 1998, c.15, Schedule B;
Ontario Energy Board Commission de l énergie de l Ontario EB-2009-0285 IN THE MATTER OF section 59 of the Ontario Energy Board Act, 1998, S.O. 1998, c.15, Schedule B; AND IN THE MATTER OF the extension
STAFF REPORT ACTION REQUIRED
STAFF REPORT ACTION REQUIRED Auditor General s Report - Review of Toronto Transit Commission, Non-Revenue Vehicle Fuel Card Controls Need Immediate Improvement Date: February 19, 2015 To: From: TTC Audit
Audit of the UNESCO Data Center. Internal Oversight Service. Contributors: Sameer Pise Prashant Sharma. IOS/AUD/2010/09 Original: English.
Independent auditor report on the result of the UNESCO s Data Center Audit 1 Internal Oversight Service IOS/AUD/2010/09 Original: English Audit of the UNESCO Data Center June 2010 Contributors: Sameer
WHITE PAPER Email and Data Protection: Best Practice Guidelines for Europe
Next Generation Email Archiving Appliances WHITE PAPER Best Practice Guidelines for Europe 8 Wellington Street East, Mezzanine Level, Toronto, Ontario, CANADA, M5E 1C5 Tel: 416.840.0418 1.888.JATHEON (1.888.528.4366)
GOVERNANCE AND MANAGEMENT OF CITY COMPUTER SOFTWARE NEEDS IMPROVEMENT. January 7, 2011
APPENDIX 1 GOVERNANCE AND MANAGEMENT OF CITY COMPUTER SOFTWARE NEEDS IMPROVEMENT January 7, 2011 Auditor General s Office Jeffrey Griffiths, C.A., C.F.E. Auditor General City of Toronto TABLE OF CONTENTS
IT Risk Assessment Action Plan. South Staffordshire District Council Audit 2010/11
IT Risk Assessment Action Plan South Staffordshire District Council Audit 2010/11 The Audit Commission is a public corporation set up in 1983 to protect the public purse. The Commission appoints auditors
Business continuity management (BCM) for insurance companies in Switzerland minimum standards and recommendations
Business continuity management (BCM) for insurance companies in Switzerland minimum standards and recommendations June 2015 2 Publication details Recipients: All insurance companies supervised by Finma
IT Assurance - Business Continuity and Disaster Recovery
Audit Summary Report October 2006 PAPER D IT Assurance - Business Continuity and Disaster Recovery Audit 2006/2007 Paper D - 1 External audit is an essential element in the process of accountability for
FINAL AUDIT REPORT WITH RECOMENDATIONS Information Technology No. 11-001
FINAL AUDIT REPORT WITH RECOMENDATIONS Information Technology No. 11-001 SUBJECT: Review of Emergency Plans DATE: September 24, 2010 for Critical Information Technology Operations and Financial Systems
INTERNET USAGE REVIEW
APPENDIX 1 INTERNET USAGE REVIEW July 31, 2007 Auditor General s Office Jeffrey Griffiths, C.A., C.F.E. Auditor General City of Toronto TABLE OF CONTENTS EXECUTIVE SUMMARY... 1 BACKGROUND... 2 AUDIT OBJECTIVES,
Protecting Official Records as Evidence in the Cloud Environment. Anne Thurston
Protecting Official Records as Evidence in the Cloud Environment Anne Thurston Introduction In a cloud computing environment, government records are held in virtual storage. A service provider looks after
(Mr. Krirk Vanikkul) Assistant Governor, Financial Institutions Policy Group Governor For
Unofficial Translation by the courtesy of The Foreign Banks' Association This translation is for the convenience of those unfamiliar with the Thai language. Please refer to the Thai text for the official
FINANCIAL ASSESSMENT CRITERIA (The Assessment Criteria should be read in conjunction with OSFI s Supervisory Framework)
ROLE OF Financial is an independent function responsible for ensuring the timely and accurate reporting and in-depth analysis of the operational results of the operating units (including business lines)
Midsize Enterprise Summit Business Continuity Questions
Select Q&A, D. Scott, F. DeSalvo Research Note 6 February 2003 Midsize Enterprise Summit Business Continuity Questions Current events have created a new awareness of the importance of business continuity
BARRAMUNDI L IMITED RISK MANAGEMENT POLICY
BARRAMUNDI L IMITED RISK MANAGEMENT POLICY Last updated: 25 August 2014 THE OBJECTIVES OF RISK MANAGEMENT Risk management is the systematic process of managing an organisation's risk exposures to achieve
Financial Services FINANCIAL SERVICES UTILITIES 57 FINANCIAL SERVICES AND UTILITIES 2016-2018 BUSINESS PLAN. CR_2215 Attachment 1
CR_2215 Attachment 1 Financial Services FINANCIAL SERVICES & UTILITIES 57 FINANCIAL SERVICES AND UTILITIES 2016-2018 BUSINESS PLAN Acting Branch Manager: Stacey Padbury Table of Contents INTRODUCTION Our
Arena Boards of Management 2013 Operating Surpluses/Deficits Settlement. Deputy City Manager & Chief Financial Officer
STAFF REPORT ACTION REQUIRED BU8.2 Arena Boards of Management 2013 Operating Surpluses/Deficits Settlement Date: May 4, 2015 To: From: Budget Committee Executive Committee Deputy City Manager & Chief Financial
Government Management Committee. Deputy City Manager and Chief Financial Officer. P:\2011\Internal Services\Cf\Gm11013cf (AFS #13494)
STAFF REPORT ACTION REQUIRED 2011-2012 Insurance Program Renewal Date: April 13, 2011 To: From: Wards: Reference Number: Government Management Committee Deputy City Manager and Chief Financial Officer
Advisory Guidelines of the Financial Supervisory Authority. Requirements regarding the arrangement of operational risk management
Advisory Guidelines of the Financial Supervisory Authority Requirements regarding the arrangement of operational risk management These Advisory Guidelines have established by resolution no. 63 of the Management
An Overview of Professional Directors and Officers Liability in Disaster Preparedness and Recovery Planning
An Overview of Professional Directors and Officers Liability in Disaster Preparedness and Recovery Planning Eric Martin Scott Southern University Law Center Preparation for disasters involves a variety
Guidance Note on Credit and Credit Control for Credit Unions. October 2007. Office of the Registrar of Credit Unions
Guidance Note on Credit and Credit Control for Credit Unions October 2007 Office of the Registrar of Credit Unions Contents Page Introduction 2 1. The Board of Directors 3 2. Credit Policy 5 3. Credit
Review of Toronto Transit Commission Bus Maintenance and Shops Department, Phase Two Audit Progress on Implementation of Audit Recommendations
AUDITOR GENERAL S REPORT ACTION REQUIRED Review of Toronto Transit Commission Bus Maintenance and Shops Department, Phase Two Audit Progress on Implementation of Audit Date: June 11, 2015 To: From: Wards:
External Supplier Control Requirements BCM
External Supplier Control Requirements BCM BCM Requirement Description BCM Tiers Recovery Time Objective Why this is important 1. Business Continuity Policy Supplier will have a documented Business Continuity
Business Continuity Planning Instructions
Business Continuity Planning Instructions Business continuity planning is a proactive planning process that ensures critical services or products are delivered during a disruption. In creating the plan,
BUSINESS CONTINUITY. Audit Report No. ABC0109. March 31, 2009
BUSINESS CONTINUITY Audit Report No. ABC0109 March 31, 2009 MENTAL HEALTH MENTAL RETARDATION AUTHORITY OF HARRIS COUNTY Report AUDITOR S REPORT Business Continuity / Disaster Recovery / Contingency Emergency
Joint Audit Report for South Lakeland District Council. & Eden District Council
Joint Audit Report for South Lakeland District Council & Eden District Council Audit of IT Data Backup and Recovery Arrangements Audit of Development Management 22nd May 2015 11 th June 2015 0 Page 0 Audit
Application for CISA Certification
Application for CISA Certification 4/2015 Requirements to Become a Certified Information Systems Auditor become a Certified Information Systems Auditor (CISA), an applicant must: 1. Score a passing grade
Prudential Practice Guide
Prudential Practice Guide LPG 232 Business Continuity Management March 2007 www.apra.gov.au Australian Prudential Regulation Authority Disclaimer and copyright This prudential practice guide is not legal
OFFICE OF AUDITS & ADVISORY SERVICES SUNGARD TREASURY MANAGEMENT SYSTEM CONTRACT COMPLIANCE FINAL AUDIT REPORT
County of San Diego Auditor and Controller OFFICE OF AUDITS & ADVISORY SERVICES SUNGARD TREASURY MANAGEMENT SYSTEM CONTRACT COMPLIANCE FINAL AUDIT REPORT Chief of Audits: Juan R. Perez Senior Audit Manager:
OVERVIEW. In all, this report makes recommendations in 14 areas, such as. Page iii
The Office of the Auditor General has conducted a procedural review of the State Data Center (Data Center), a part of the Arizona Strategic Enterprise Technology (ASET) Division within the Arizona Department
Implementing an Integrated City-wide Risk Management Framework
AUDITOR GENERAL S REPORT ACTION REQUIRED Implementing an Integrated City-wide Risk Management Framework Date: June 11, 2015 To: From: Wards: Audit Committee Auditor General All Reference Number: SUMMARY
Accountants & Auditors
Accountants & Auditors An accountant is a professional who prepares and examines financial records. Some of the tasks of an accountant include ensuring the records are accurate, taxes are paid and inspection
Our consultancy team will provide guidance throughout the process helping you to produce the necessary documentation and raise staff awareness.
Service Definition Business Continuity Plan Overview of Service Sapphire provides a bespoke service, working with your organisation to develop a comprehensive Business Continuity Plan (BCP) designed to
Comptroller of the Treasury Information Technology Division
Audit Report Comptroller of the Treasury Information Technology Division September 2006 OFFICE OF LEGISLATIVE AUDITS DEPARTMENT OF LEGISLATIVE SERVICES MARYLAND GENERAL ASSEMBLY This report and any related
IT Governance Dr. Michael Shaw Term Project
IT Governance Dr. Michael Shaw Term Project IT Auditing Framework and Issues Dealing with Regulatory and Compliance Issues Submitted by: Gajin Tsai gtsai2@uiuc.edu May 3 rd, 2007 1 Table of Contents: Abstract...3
EMERGENCY MANAGEMENT PERFORMANCE AND STATE HOMELAND SECURITY PROGRAM FEDERAL GRANTS
EMERGENCY MANAGEMENT PERFORMANCE AND STATE HOMELAND SECURITY PROGRAM FEDERAL GRANTS REPORT ON AUDIT FOR THE YEAR ENDED JUNE 30, 2014 Auditor of Public Accounts Martha S. Mavredes, CPA www.apa.virginia.gov
Auditor General s Office 2015-2024 Capital Budget and Plan
AUDITOR GENERAL S REPORT ACTION REQUIRED Auditor General s Office 2015-2024 Capital Budget and Plan Date: January 15, 2015 BU3.4a To: From: Wards: Budget Committee Auditor General All Reference Number:
Telephone System Selection for the City of Toronto Forensic Review
STAFF REPORT December 12, 2003 To: From: Subject: Audit Committee Auditor General Telephone System Selection for the City of Toronto Forensic Review Purpose: This report summarizes, in a manner that allows
AUDIT OF THE CONTRIBUTIONS TO THE CATHOLIC WORLD YOUTH DAY (CWYD) 2002 COUNCIL
FOREIGN AFFAIRS AND INTERNATIONAL TRADE OFFICE OF THE INSPECTOR GENERAL AUDIT OF THE CONTRIBUTIONS TO THE CATHOLIC WORLD YOUTH DAY (CWYD) 2002 COUNCIL SEPTEMBER 2003 Audit Division ( SIV ) This document
2014 Consulting Services Expenditure City Divisions and Major Agencies and Corporations. Government Management Committee
GM5.6 STAFF REPORT ACTION REQUIRED 2014 Consulting Services Expenditure City Divisions and Major Agencies and Corporations Date: May 29, 2015 To: From: Wards: Reference Number: Government Management Committee
COMPLIANCE FRAMEWORK AND REPORTING GUIDELINES
COMPLIANCE FRAMEWORK AND REPORTING GUIDELINES DRAFT FOR CONSULTATION June 2015 38 Cavenagh Street DARWIN NT 0800 Postal Address GPO Box 915 DARWIN NT 0801 Email: utilities.commission@nt.gov.au Website:
Business Continuity Business Impact Analysis arrangements
Aberdeen City Council Internal Audit Report 2012/2013 for Aberdeen City Council May 2013 Business Continuity Business Impact Analysis arrangements Final Report Contents Section Page 1. Executive Summary
Guidelines. for developing an Injury Management Program. Licensed Insurers and Self-Insurers:
Licensed Insurers and Self-Insurers: Guidelines for developing an Injury Management Program VERSION 2 Effective 1 July 2014 and to apply to all injury management activities regardless of when the injury
The PNC Financial Services Group, Inc. Business Continuity Program
The PNC Financial Services Group, Inc. Business Continuity Program 1 Content Overview A. Introduction Page 3 B. Governance Model Page 4 C. Program Components Page 4 Business Impact Analysis (BIA) Page
ADMINISTRATIVE REGULATION AR: 6.03 DATE APPROVED September 10, 2002 ORIGINATING DEPARTMENT:
ADMINISTRATIVE REGULATION AR: 6.03 DATE APPROVED September 10, 2002 SUBJECT: ORIGINATING DEPARTMENT: Debt Management Policy Office of Management & Budget Page 1 of 8 I. PURPOSE: The County recognizes the
AICPA GAO INDEPENDENCE RULES COMPARISON: NONAUDIT SERVICES
Overarching Principle(s) With respect to nonaudit services, the rule is more restrictive than the rule as a result of a proscription from providing nonaudit services (except for routine advice/activities)
Risk Management Policy and Framework
Risk Management Policy and Framework December 2014 phone 1300 360 605 08 89589500 email info@centraldesert.nt.gov.au location 1Bagot Street Alice Springs NT 0870 post PO Box 2257 Alice Springs NT 0871
ACA INFORMATION TECHNOLOGY READINESS AND DATA SECURITY
JOINT HEARING BEFORE THE COMMITTEE ON OVERSIGHT AND GOVERNMENT REFORM, SUBCOMMITTEE ON ENERGY POLICY, HEALTH CARE AND ENTITLEMENTS AND THE COMMITTEE ON HOMELAND SECURITY, SUBCOMMITTEE ON CYBERSECURITY,
Business Continuity Management
Business Continuity Management Standard Operating Procedure Notice: This document has been made available through the Police Service of Scotland Freedom of Information Publication Scheme. It should not
Communications Plan for Refunds of Property Tax Credit Balances
STAFF REPORT ACTION REQUIRED Communications Plan for Refunds of Property Tax Credit Balances Date: June 2, 2010 To: From: Wards: Reference Number: Government Management Committee Treasurer All P:\2010\Internal
FIRST CITIZENS BANCSHARES, INC. FIRST-CITIZENS BANK & TRUST COMPANY CHARTER OF THE JOINT AUDIT COMMITTEE
FIRST CITIZENS BANCSHARES, INC. FIRST-CITIZENS BANK & TRUST COMPANY CHARTER OF THE JOINT AUDIT COMMITTEE As amended, restated, and approved by the Boards of Directors on July 28, 2015 This Charter sets
STATE OF NEW YORK OFFICE OF THE STATE COMPTROLLER 110 STATE STREET ALBANY, NEW YORK 12236
THOMAS P. DiNAPOLI COMPTROLLER STATE OF NEW YORK OFFICE OF THE STATE COMPTROLLER 110 STATE STREET ALBANY, NEW YORK 12236 GABRIEL F. DEYO DEPUTY COMPTROLLER DIVISION OF LOCAL GOVERNMENT AND SCHOOL ACCOUNTABILITY
Customer Responsiveness Strategy
Customer Responsiveness Strategy Dated 23 June 2006. Telstra Corporation Limited (ABN 33 051 775 556) ( Telstra ) Disclaimer This Customer Responsiveness Strategy is being published in furtherance of Telstra
Audit of the Test of Design of Entity-Level Controls
Audit of the Test of Design of Entity-Level Controls Canadian Grain Commission Audit & Evaluation Services Final Report March 2012 Canadian Grain Commission 0 Entity Level Controls 2011 Table of Contents
4.11. Ontario Works Program. Chapter 4 Section. Background. Follow-up on VFM Section 3.11, 2009 Annual Report
Chapter 4 Section 4.11 Ministry of Community and Social Services Ontario Works Program Follow-up on VFM Section 3.11, 2009 Annual Report Chapter 4 Follow-up Section 4.11 Background Under the Ontario Works
MANAGEMENT ADVISORY SERVICE REPORT
MANAGEMENT ADVISORY SERVICE REPORT 2014 Disaster Recovery Exercise Date: September 8, 2014 Report Number: 2014-MAS-04 Report Number: 2014-MAS-04 Disaster Recovery Exercise Table of Contents: Page Executive
CENTRAL BANK OF KENYA (CBK) PRUDENTIAL GUIDELINE ON BUSINESS CONTINUITY MANAGEMENT (BCM) FOR INSTITUTIONS LICENSED UNDER THE BANKING ACT
CENTRAL BANK OF KENYA (CBK) PRUDENTIAL GUIDELINE ON BUSINESS CONTINUITY MANAGEMENT (BCM) FOR INSTITUTIONS LICENSED UNDER THE BANKING ACT JANUARY 2008 GUIDELINE ON BUSINESS CONTINUITY GUIDELINE CBK/PG/14
January 12, 2016. Dr. Hobson Wildenthal, President ad interim Ms. Lisa Choate, Chair of the Institutional Audit Committee:
THE UNIVERSITY OF TEXAS SYSTEM AT THE UNIVERSITY OF TEXAS AT DALLAS OFFICE OF INTERNAL AUDIT 800 W. CAMPBELL RD. SPN 32 RICHARDSON, TX 75080 PHONE 972-883-4876 FAX 972-883-6846 January 12, 2016 Dr. Hobson
CORPORATE GOVERNANCE CHARTER. ThromboGenics NV
CORPORATE GOVERNANCE CHARTER ThromboGenics NV INTRODUCTION This Corporate Governance Charter is based on the provisions of the Belgian Corporate Governance Code (2009 Edition), which has been adopted by
Appendix 6c. Final Internal Audit Report Disaster Recovery Planning. June 2007. Report 6c Page 1 of 15
Appendix 6c Final Internal Audit Report Disaster Recovery Planning June 2007 Report 6c Page 1 of 15 Contents Page Executive Summary 3 Observations and Recommendations 8 Appendix 1 - Audit Framework 13
Paragraph 1.21 of HD19/03 says: [An] Audit Team works together on all aspects of the audit, independent of the Design Team [designing the works]...
Safety Audit Our guidance note (KCC Design and As-Built Assessment Process for Scheme Promoters) dated Sept 2004, contains information regarding what is required in terms of safety audit. The Design Manual
J u n e 2 0 1 0. N a t i o n a l R e s e a r c h C o u n c i l C a n a d a. I n t e r n a l A u d i t, N R C. Audit of Risk Management.
N a t i o n a l R e s e a r c h C o u n c i l C a n a d a Audit of Risk Management I n t e r n a l A u d i t, N R C J u n e 2 0 1 0 June 2010 i 1.0 Executive Summary and Conclusion Background This audit
Assessing the Adequacy and Effectiveness of a Fund s Compliance Policies and Procedures. December 2005
Assessing the Adequacy and Effectiveness of a Fund s Compliance Policies and Procedures December 2005 Copyright 2005 Investment Company Institute. All rights reserved. Information may be abridged and therefore
The University of Texas at Tyler. Audit of Compliance with Texas Administrative Code 202
Audit of Compliance with Texas Administrative Code 202 August 2015 OFFICE OF AUDIT AND CONSULTING SERVICES 3900 UNIVERSITY BOULEVARD TYLER, TEXAS 75799 BACKGROUND Texas Administrative Code (TAC) Title
GUIDANCE FOR MANAGING THIRD-PARTY RISK
GUIDANCE FOR MANAGING THIRD-PARTY RISK Introduction An institution s board of directors and senior management are ultimately responsible for managing activities conducted through third-party relationships,
BOARD OF DIRECTORS MANDATE
BOARD OF DIRECTORS MANDATE Board approved: May 7, 2014 This mandate provides the terms of reference for the Boards of Directors (each a Board ) of each of Economical Mutual Insurance Company ( Economical
TIER II STANDARD FOR FINANCIAL MANAGEMENT SPECIALISTS
Job Classification Manual Page 1 of 60 TIER II STANDARD FOR FINANCIAL MANAGEMENT SPECIALISTS INTRODUCTION 1. This grade level standard illustrates the application of the ICSC Master Standard (Tier I) to
Business Continuity Management
Prudential Standard CPS 232 Business Continuity Management Objective and key requirements of this Prudential Standard This Prudential Standard requires each APRA-regulated institution to implement a whole-of-business
Mecklenburg County Department of Internal Audit. PeopleSoft Application Security Audit Report 1452
Mecklenburg County Department of Internal Audit PeopleSoft Application Security Audit Report 1452 February 9, 2015 Internal Audit s Mission Through open communication, professionalism, expertise and trust,
Office of the State Auditor. Audit Report
Office of the State Auditor Audit Report Department of the Treasury Office of Telecommunications and Information Systems River Road and Barrack Street Data enters March 6, 1995 to September 30, 1995 Department
RISK MANAGEMENT POLICY & FRAMEWORK. \\vmfileserver02\company\council\judy\risk Management\Risk Management Framework 2013 (2).
RISK MANAGEMENT POLICY & FRAMEWORK \\vmfileserver02\company\council\judy\risk Management\Risk Management Framework 2013 (2).doc 20 Page 1 of Table of Contents Risk Management Policy...3 Risk Management
RISK MANAGEMENT STRATEGY
RISK MANAGEMENT STRATEGY 1 Introduction The purpose of this document is to outline a which facilitates the effective recognition and management of risks facing the University. The Combined Code on Corporate
Advisory Guidelines of the Financial Supervision Authority. Requirements for Organising the Business Continuity Process of Supervised Entities
Advisory Guidelines of the Financial Supervision Authority Requirements for Organising the Business Continuity Process of Supervised Entities These advisory guidelines were established by Resolution No
O FFICE O F T HE C ITY A UDITOR. 14 04 City of Colorado Springs and Colorado Springs Utilities Claims Reserve and Workers Compensation Funds
O FFICE O F T HE C ITY A UDITOR C OLORADO S PRINGS, C OLORADO 14 04 City of Colorado Springs and Colorado Springs Utilities Claims Reserve and Workers Compensation Funds February 2014 O FFICE O F T HE
AUDIT REPORT. Cloud Software as a Service (SaaS) Procurement and Governance Audit. June 9, 2016
AUDIT REPORT Cloud Software as a Service (SaaS) Procurement and Governance Audit June 9, 2016 Table of Contents: Page Executive Summary Background 1 Audit Objectives and Scope 1 Management s Assessment
VIRGINIA WORKERS COMPENSATION COMMISSION REPORT ON AUDIT FOR THE YEARS ENDED JUNE 30, 2006 AND JUNE 30, 2007
VIRGINIA WORKERS COMPENSATION COMMISSION REPORT ON AUDIT FOR THE YEARS ENDED JUNE 30, 2006 AND JUNE 30, 2007 AUDIT SUMMARY Our audit of the Virginia Workers Compensation Commission found: proper recording
GUIDELINES FOR THE MANAGEMENT OF OPERATIONAL RISK FOR CREDIT UNIONS
SUPERVISORY AND REGULATORY GUIDELINES Guidelines Issued: 22 December 2015 GUIDELINES FOR THE MANAGEMENT OF OPERATIONAL RISK FOR CREDIT UNIONS 1. INTRODUCTION 1.1 The Central Bank of The Bahamas ( the Central
Operational Risk Publication Date: May 2015. 1. Operational Risk... 3
OPERATIONAL RISK Contents 1. Operational Risk... 3 1.1 Legislation... 3 1.2 Guidance... 3 1.3 Risk management process... 4 1.4 Risk register... 7 1.5 EBA Guidelines on the Security of Internet Payments...
Auditor General s Office 2015-2024 Capital Budget and Plan
AUDITOR GENERAL S REPORT ACTION REQUIRED Auditor General s Office 2015-2024 Capital Budget and Plan Date: February 10, 2015 To: From: Wards: Audit Committee Auditor General All Reference Number: SUMMARY
Item No. 6. Integration Joint Board Finance and Audit Committee. Duncan Black, Head of Audit & Inspection
Item No. 6 Meeting Date 17 June 2016 Integration Joint Board Finance and Audit Committee Report By: Contact: Chief Internal Auditor to the Integrated Joint Board Duncan Black, Head of Audit & Inspection
Application for CISM Certification
Application for CISM Certification 4/2015 Requirements to Become a Certified Information Security Manager become a Certified Information Security Manager (CISM), an applicant must: 1. Score a passing grade