
Risk assessment activities are designed to identify risk and establish potential risk treatments. Once a risk treatment strategy has been selected, it is implemented by deploying specific controls. Controls represent changes to one or more architecture domains – Human Resources, Process, Information, and Technology & Tools. Specific controls are intended to manage risk in ways that order the functioning of the various domains. For example, Human Resources controls include training and the completion of background checks. Process controls may entail segregation of duties. Information controls can be designed to limit access based on the individual's role and job functions. Technologies and tools can be controlled using technical solutions, such as the deployment of firewalls.

The controls architecture, therefore, represents the key deliverable of the governance, risk, and compliance structure, as all other GRC activities are integrated to drive the creation of the controls design. If we view this process as cyclical, we see the emergence of an ongoing enterprise process of assessing and treating risks, and validating the effectiveness of the treatment. ‘The Big Picture – GRC Process Overview’ is described in slide 23 of the Presentation materials.

Assignment: Design a Controls Testing Program

Assume you have been hired to manage a team that will be responsible for testing IT controls, operating under the umbrella of the enterprise's GRC function. You've been assigned the task of developing the Controls Testing Program.

Please complete the following:

1. PLEASE USE THE SAMPLE ORGANIZATION CREATED IN ATTACHED DOCUMENT AS THE BASIS FOR THIS ASSIGNMENT. Provide a short description of the sample organization.
2. Describe your new department's mission and objectives with respect to executing Controls Testing.
3. Explain at least ten (10) critical Controls Testing activities the department will perform. Explain the desired outcomes for each activity you've identified. In other words, think about known risks, and the likely risk treatments for the risks, and then comment on how you would make sure the risk treatments are actually functioning as intended.
4. Illustrate how your department will interface with corporate governance.
5. Describe how you would ensure the continuous monitoring of the effectiveness of the Controls Environment.
