What are some of the principles that are involved for good compliance monitoring and evaluation?
What will be an ideal response?
There are several principles that are involved for good compliance monitoring and evaluation:
* Clear definition of the controls-A proper understanding of exactly what the controls are, why they are in place, and how they are to properly function is important. Without this understanding, it will not be possible to determine the validity of the controls.
* Continual oversight-Compliance monitoring is a continual process and not just an occasional check on the status of equipment. A process of ongoing risk and control assessment is necessary to see the continued operation of controls. This often involves continual cooperation among different business units within the organization.
* Validation by an external unit-Determining if compliance is being achieved should not be performed by the individuals or business units that designed, installed, or manage the controls. There will be too much temptation to approve the controls and not rigorously test the controls if the persons responsible for the controls are also evaluating them. In a large organization, the internal audit department should perform this function.
* Use of scanning tools - Whenever possible, tools should be used to scan systems for control implementation. If this is not possible, the controls can be evaluated through manually tracking the workflow.
You might also like to view...
Match the following terms to their meanings:
I. Theme colors II. Background style III. Theme font IV. Headings font V. Body font A. a set of coordinating colors applied to backgrounds, objects, and text B. determines the font applied to two types of slide text C. applied to slide titles D. applied to all text except slide titles E. a slide background fill variation that combines theme colors
What are the steps to add a label to a report?
What will be an ideal response?
Which tab contains options for starting a slide show?
A. View B. File C. Slide Show D. Home
Which of the following statements about functions is false?
A. Functions must be both declared and defined. B. Function declaration needs to be done before it is called. C. Function declaration contains the code needed to complete the task. D. The function declaration contains the name of the program, its return type, and a formal parameter list. E. The function declaration is generally placed in the global portion of the program.