tailieunhanh - The CISA Prep Guide Mastering the Certified Information Systems Auditor Exam phần 6
vì vai trò này sau đó có thể được tính phí bảo hiểm thông báo quay trở lại và chấp thuận thay đổi bài xảy ra. Nó được ưa thích rằng những thay đổi tình trạng khẩn cấp được tự động bị mắc kẹt và xác định. Một kỹ thuật kiểm soát có thể là thông báo cho chủ sở hữu tự động để đảm bảo rằng tất cả thay đổi, | 282 Chapter 4 the facilities proximity to flood plains rising water and flooding situations may be an occurrence for which the evacuation of power down procedures will need to be invoked to protect the staff and equipment. Water sensors should be tied to an alarm system that is monitored centrally for the notification and dispatch of corrective measures. Records of the testing and validation of the working systems should be part of the maintenance records you would expect to see during your assessment. Maintenance Maintenance of the environmental systems supporting the information processes should be evaluated during the evaluation of that system to ensure that the support is designed and built adequately to preserve its intended environmental support functions and is based on the IS operations needs at the facility. These systems cannot be put in place and then forgotten because they will degrade from disuse and not work properly when called on to support emergency needs. You should expect to see routine testing and recording of the results of those test procedures so that the relative health of these systems is known at all times and periodically validated. Maintenance records including recording the replacement of parts system upgrades and other processes you would expect to see mapped out through similar change control processes on an information system also should be tracked and recorded relative to these systems as well. Due care to ensure that maintenance is performed by properly trained and qualified personnel will be important to accrediting the processes and in keeping the insurance carriers happy about relying on them as mitigants to limit losses they will ultimately cover should disasters occur. You should determine that similar quality of service controls are in place for your assurances as well. Evaluating Physical Access Controls and Procedures Physical access to systems and processes is an important aspect of evaluating the overall control of the .
đang nạp các trang xem trước