Self-Assessment Questionnaire: IT Security Remediation
Subscriber Content
Assessing and Improving IT Security Measures
This sample is intended to be used to assist with Sarbanes-Oxley Act (SOX) control remediation efforts.
This sample provides the auditee with an opportunity to inform internal audit about controls and processes they employ, and it also gives the auditee ideas about other controls and processes that may be appropriate. Negative responses to questions indicate areas where remediation efforts may be required. This questionnaire can be used during the audit planning phase, to guide the creation of internal audit work programs; during reviews, to help to quickly assess the types of internal controls being employed within a particular process; and as a training tool to educate new internal auditors about processes, etc.