Escolar Documentos
Profissional Documentos
Cultura Documentos
The audit working papers (programs or documents) you send must be original and current. You must have
either created the documents or have permission from whoever prepared them or from your organization to
share. They must be in Word or Excel format (Excel preferred).
Based on advice from legal counsel, before we accept the material and process your payment we need to perform
due diligence on what you are sharing. You must answer these questions and your email response will be
considered an electronic signature for purposes of this statement.
Name:
Organization:
Title of the Audit Working Paper(s)
a) Are you the author of the Materials (are the Materials original works that you created?
b) Please provide a brief explanation of the purpose of the working paper:
c) Please provide the audit objectives for the working paper:
d) By submitting the Materials or other communication or content after receipt of this notice, you grant
AuditNet permission to, on an irrevocable, perpetual, worldwide and royalty-free basis, reproduce, distribute,
display, perform, read, enhance, adapt, modify, create derivative works or use the Submitted Materials and any
other such communication or content on this site, on any other site and anywhere throughout the world in all
media?
e) Please provide the industry sector for your contribution. (i.e. life insurance, banking, energy etc.)
f) Please provide the functional area for your audit program.
g) Please provide several keywords to help categorize programs and facilitate searches.
h) Please ensure that you have removed (scrubbed) all confidential or proprietary information such as company
name, employee name, email addresses, social security numbers, etc.
Your name and email address will not be added to the Materials.
Certification
I hereby certify that I am the author of the materials shared or have written permission from the author
and/or the organization that I work for in the form of a transfer of all rights or a license from the author to
grant use of the Materials to AuditNet. By submitting the Materials or other communication or content after
receipt of this notice, I hereby grant AuditNet permission to, on an irrevocable, perpetual, worldwide and
royalty-free basis, reproduce, distribute, display, perform, read, enhance, adapt, modify, create derivative
works or use the Submitted Materials and any other such communication or content on this site, on any other
site and anywhere throughout the world in all media.
Signed:
Inserting your name here electronically will serve as a valid representation of your signature and will be considered bind
Date:
Price:
PayPal:
Payment Details if PayPal not an option:
COBIT ASSESSMENT
Yes
This Guide provides tabs for evaluation of the Entity (Short and Long Form),
Contract Services, Responsible Party reporting and Risk Assessment.
All
Yes
Name removed
be considered binding
1/5/2014
This is the AuditNet Standard Risk Control Audit Matix which incorporates formats
used by many audit organizations in their documentation working papers. There are
format templates for risk control, audit procedures, questionnaires and checklists.
There is a blank workpaper and a report summary that can in used by audit
organizations. AuditNet has prepared a monograph for guidance on preparing and
developing audit work programs, checklists, questionnaires and matrices. The
monograph is available to AuditNet subscribers. For more information go to
www.auditnet.org
Audit Program Licensing Terms 1. You accept that this product is intended for your
use, and you will not duplicate in any form or manner, electronic or otherwise, copies
of this product nor distribute this product to anyone else. 2. You recognize that the
product and its content are the sole property of AuditNet® (the Publisher), and that
we have copyrighted the product. 3. You agree that the Publisher is not responsible
for any interruption of service or malfunction that is a consequence of the Internet, a
service provider, personal computer, browser or other software or hardware
components. You accept that there is no guarantee that this product is totally error
free. You further understand and accept that the Publisher intends to provide reliable
information but does not guarantee the accuracy or completeness of any information,
and is not responsible for any results obtained from the use of such information. 4
This license is effective until terminated, when the license or subscription period ends
without renewal, or when you destroy this product and any related documentation.
The Publisher may terminate your license without notice if you fail to comply with the
conditions set forth in this agreement, and may pursue any other legal recourse.
This template was purchased by AuditNet from a third party under a work for hire
agreement. However, while we have attempted to provide accurate information no
representation is made or warranty given as to the completeness or accuracy of the
template. In particular, you should be aware that the template may be incomplete,
may contain errors, or may have become out of date. While every reasonable
precaution has been taken in the preparation of this template, neither the author nor
AuditNet assumes responsibility for errors or omissions, or for damages resulting
from the use of the information contained herein. The information contained in this
document is believed to be accurate. However, no guarantee is provided. Use this
information at your own risk.
Audit Program Licensing Terms 1. You accept that this product is intended for your use,
and you will not duplicate in any form or manner, electronic or otherwise, copies of this
product nor distribute this product to anyone else. 2. You recognize that the product and its
content are the sole property of AuditNet® (the Publisher), and that we have copyrighted
the product. 3. You agree that the Publisher is not responsible for any interruption of
service or malfunction that is a consequence of the Internet, a service provider, personal
computer, browser or other software or hardware components. You accept that there is no
guarantee that this product is totally error free. You further understand and accept that the
Publisher intends to provide reliable information but does not guarantee the accuracy or
completeness of any information, and is not responsible for any results obtained from the
use of such information. 4 This license is effective until terminated, when the license or
subscription period ends without renewal, or when you destroy this product and any
related documentation. The Publisher may terminate your license without notice if you fail
to comply with the conditions set forth in this agreement, and may pursue any other legal
recourse.
Table of Contents
Table of Contents
Sheet
1 Table of Contents
2 Entity Short Form
3 Entity Long Form
4 Contract Service
5 Responsible Party
6 Prior Audit Work
7 Risk Assessment
Page 10
Information Technology Assessment
Entity Short Form
Entity:________________________
Audit Number: _________________
Importance Performance
Somewhat Important
Very Important
Not Important
Satisfactory
Very good
Excellent
Not sure
Poor
IT Process
PO1 Define a strategic IT plan
PO2 Define the information architecture
PO3 Determine technological direction
PO4 Define organization and relationships
PO5 Manage the investment
PO6 Communicate management aims & direction
PO7 Manage human resources
PO8 Ensure compliance with external requirements
PO9 Assess risk
PO10 Manage projects
PO11 Manage quality
Completed by ____________________
Date ______________
Information Technology Assessment
Entity Short Form
Completed by ____________________
Date ______________
Information Technology Assessment
Entity Short Form
Performance
Not Sure
Completed by ____________________
Date ______________
Information Technology Assessment
Entity Long Form
Entity:________________________
Audit Number: _________________
Internal WP
Importance Performance Controls Ref.
Somewhat Important
Not Documented
Very Important
Not Important
Documented
Satisfactory
Very good
Excellent
Not Sure
Not Sure
Not sure
Poor
IT Process
PO1 Define a strategic IT plan
PO2 Define the information architecture
PO3 Determine technological direction
PO4 Define organization and relationships
PO5 Manage the investment
PO6 Communicate management aims & direction
PO7 Manage human resources
PO8 Ensure compliance with external requirements
PO9 Assess risk
PO10 Manage projects
PO11 Manage quality
Completed by __________
Date __________
Information Technology Assessment
Entity Long Form
Completed by __________
Date __________
Information Technology Assessment
Contract Service
Entity:________________________
Audit Number: _________________
Not Documented
Not Applicable
IT Department
Documented
Outsourced
Not Sure
Not Sure
Not sure
Yes
No
IT Process
PO1 Define a strategic IT plan
PO2 Define the information architecture
PO3 Determine technological direction
PO4 Define organization and relationships
PO5 Manage the investment
PO6 Communicate management aims & direction
PO7 Manage human resources
PO8 Ensure compliance with external requirements
PO9 Assess risk
PO10 Manage projects
PO11 Manage quality
Completed by:
Name:
Title:
Information Technology Assessment
Responsible Party
In Prior Audit
Scope Audit Opinion Findings
Not Determined
Unqualified
Unresolved
Disclaimer
Resolved
Qualified
Adverse
N/A
Yes
No
IT Process
PO1 Define a strategic IT plan
PO2 Define the information architecture
PO3 Determine technological direction
PO4 Define organization and relationships
PO5 Manage the investment
PO6 Communicate management aims & direction
PO7 Manage human resources
PO8 Ensure compliance with external requirements
PO9 Assess risk
PO10 Manage projects
PO11 Manage quality
Completed by __________
Date __________
Audit Planning Sheet
Prior Audit Work
Completed by __________
Date __________
Audit Planning Sheet
Prior Audit Work
Prior
Audit
Number of findings
Completed by __________
Date __________
Audit Planning Sheet
Risk Assessment
Entity:________________________
Audit Number: _________________
Internal
Importance Risk Controls
Somewhat Important
Not Documented
Very Important
Not Important
Documented
Immaterial
Not Sure
Not Sure
Not sure
Medium
High
Low
IT Process
PO1 Define a strategic IT plan
PO2 Define the information architecture
PO3 Determine technological direction
PO4 Define organization and relationships
PO5 Manage the investment
PO6 Communicate management aims & direction
PO7 Manage human resources
PO8 Ensure compliance with external requirements
PO9 Assess risk
PO10 Manage projects
PO11 Manage quality
WP
Ref.