document

Download Free SAS 70 (Statement on Auditing Standards no 70) Service Auditor’s Opinion Templates


To XYZ Service Organization:
We have examined the accompanying description of controls related to the ABC application of XYZ Service Organization. Our examination included procedures to obtain reasonable assurance about whether
(1) The accompanying description presents fairly, in all material respects, the aspects of XYZ Service Organization’s controls that may be relevant to a user organization’s internal control as it relates to an audit of financial statements,

(2) The controls included in the description were suitably designed to achieve the control objectives specified in the description, if those controls were complied with satisfactorily, and

(3) Such controls had been placed in operation as of .

Download Free Payment Card Industry Data Security Standard Compliance (PCI DSS) Roles and Responsibilities Matrix Templates

- Chief Information Officers (CIOs) who are concerned with the deployment and operation of systems and IT-related processes.

- Chief Information Security Officers (CISOs) who are concerned with the overall information security program and compliance with information security policies.

- Chief Financial Officers (CFOs) who are concerned with the overall control environment of their organizations. This is often delegated to financial positions such as those in Payments Operations, and Accounts Receivable.

- Chief Privacy Officers (CPOs) who are responsible for the implementation of policies that relate to the management of personal information, including policies that support compliance with privacy and data protection laws.

Download Free GLBA Compliance Risk Assessment Templates for Banking and Financial Institution.
Administrative Safeguards
1) Do you check references prior to hiring employees who will have access to customer information?
2) Do you ask every new employee to sign an agreement to follow your organization's confidentiality and security standards for handling customer information
3) Do you train employees to take basic steps to maintain the security, confidentiality and integrity of customer information, such as:
a. locking rooms and file cabinets where paper records are kept;
b. using password-activated screensavers;

This IT Audit Plan Templates is built based on Banking and Financial Institution business process. However this simple IT template also could be used in another industry since there are a lot of similarity between Banking and other industries in term of IT operation and usage. Banking industry is one of Highly IT Dependent Industry which required complying with a lot of regulatory compliances from Central Bank, GLBA up to Sarbanes Oxley Compliances.

Download Free IT Project Management Audit Templates

Objectives: Assess the adequacy of development project management standards, methodologies, and practices.
- Evaluate the adequacy of development activities by assessing:
- The adequacy of, and adherence to, development standards and controls;
- The applicability and effectiveness of project management methodologies;
- The experience of project managers;