Information Technology Process Audit - Suggestions for Auditing IT

D

David J Quality

Hi, I'm new and today is my first day joining this forum.
I'm trying to establish Information Technology as a part of our internal process audits but I have no idea as to how to establish it. Does anyone have any suggestions for auditing IT?

Thanks,
David
 
D

Duke Okes

Re: Information Technology Process Audit

It depends on why you want to audit it:

- security?
- compliance to a standard (ITIL, CMMI)?
- support of QMS?
- ...
 
D

David J Quality

Re: Information Technology Process Audit

Good morning.
I'm looking to add Information Technology as a stand alone process to our internal ISO/TS auditing, so it would be from a QMS standpoint.
 
D

David J Quality

Re: Information Technology Process Audit

I guess I'm looking for something generic that I can start with and then modify to make more specific to our operations. I'm just not sure where to start. Is Information Technology commonly audited as an internal ISO/TS process?
 
D

Duke Okes

Re: Information Technology Process Audit

IT is obviously a part of the QMS, such as for customer information management, order management, scheduling, inventory management ...

Send me a private message and I'll email you an article I published on the topic.
 
C

Cari Spears

Super Moderator
Leader
Super Moderator
Re: Information Technology Process Audit

David J Quality said:
Good morning.
I'm looking to add Information Technology as a stand alone process to our internal ISO/TS auditing, so it would be from a QMS standpoint.
Click to expand...
Duke Okes said:
IT is obviously a part of the QMS, such as for customer information management, order management, scheduling, inventory management ...
Click to expand...
Duke Okes said:
It depends on why you want to audit it:

- security?
- compliance to a standard (ITIL, CMMI)?
- support of QMS?
- ...
Click to expand...

Welcome to the cove, David! :bigwave:

I agree with Duke - treat it as you do any other QMS process. Define the criteria, create checklists or whatever you use, and audit it just like any other process.
 
S

skybertus

Re: Information Technology Process Audit

Cari Spears said:
Welcome to the cove, David! :bigwave:

I agree with Duke - treat it as you do any other QMS process. Define the criteria, create checklists or whatever you use, and audit it just like any other process.
Click to expand...



I am currently drafting our company's general IT procedure, we have implemented policies but not documented, are these enough to be put together in one document (under clause 6.3 Infrastructure) ?

1. Email/account policies
2. equipment inventory and preventive maintenance
3. IT physical control (security and access control)
4. IT system violation
5. contingency plans/backup policies

I appreciate your help guys. Thanks.
 
Q

QAMTY

Re: Information Technology Process Audit

Try it as a support process, if your core system is not IT, trying to make it basic,consider it under 6.3 infraestructure, with computer maintenance prev and corrective and records backup 4.2.4.
Regards
 
You must log in or register to reply here.

Similar threads

F
Difference between System Audit and Proces Audit
2
Replies
14
Views
1K
AMIT BALLAL
A
R
Why why analysis for internal audit
Replies
3
Views
271
Golfman25
G
F
Confused about Non conformace from internal audit
2 3
Replies
22
Views
1K
qualitymanagerTT
Q
S
Remote to the Remote Location
Replies
4
Views
489
shess
S
J
Audit finding for challenge parts
2
Replies
10
Views
249
Johnnymo62
Johnnymo62
Top Bottom