Please enable JavaScript.
Coggle requires JavaScript to display documents.
4.10.2
5.10.2
6.10.2 (GOVERNANCE IN OUTSOURCING (governance of…
4.10.2
5.10.2
6.10.2
-
It is critical for the IS auditor to understand right-to-audit clauses and controls in outsourcing activities involving confidential information and sensitive processes.
This understanding includes, but is not limited to these issues:
• How auditing of the outsourced service provider is allowed to be conducted under the terms of the contract
• What visibility the IS auditor has into the internal controls being implemented by the outsourced service provider to provide reasonable assurance that confidentiality, integrity and availability and preventive, detective and corrective controls are in place and effective
• Requirement that SLAs regarding problem management including incident response are documented and communicated to all parties affected by these outsourcing agreements
-
-
-