Accra Metropolitan University

  • Home
  • Information
  • News
  • Help
  • Librarian
  • Member Area
  • Select Language :
    Arabic Bengali Brazilian Portuguese English Espanol German Indonesian Japanese Malay Persian Russian Thai Turkish Urdu

Search by :

ALL Author Subject ISBN/ISSN Advanced Search

Last search:

{{tmpObj[k].text}}
Image of Global Technology Audit Guide (GTAG®) 2 Change and Patch Management Controls: Critical for Organizational Success
Bookmark Share

Management

Global Technology Audit Guide (GTAG®) 2 Change and Patch Management Controls: Critical for Organizational Success

Global Technology Audit Guide - Organizational Body;

Because every IT risk creates some degree of business risk, it is important that CAEs thoroughly understand IT change and patch management issues.
IT change and patch management can be defined as the set of processes executed within the organization’s IT depart- ment designed to manage the enhancements, updates, incremental fixes, and patches to production systems, which include:
• Application code revisions.
• System upgrades (e.g., applications, operating systems, and databases).
• Infrastructure changes (e.g., servers, cabling, routers, and firewalls).
Stable and managed IT production environments require that implementation of changes be predictable and repeat- able, as well as follow a controlled process that is defined, monitored, and enforced. Segregation of duties (e.g., separa- tion of preparer, tester, implementer, and approver roles) and monitoring controls will reduce the risk of fraud and errors in the process.
Internal auditors should be familiar with key controls in the IT change management process, including:
• Only the minimal staff required to implement IT production changes should have access to the production environment (preventive).
• Authorization processes should involve stakeholders to assess and mitigate risks associated with proposed changes (preventive).
• Supervisory processes should encourage IT manage- ment and staff to undertake their duties responsibly (preventive) and be able to detect errant perfor- mance (detective).
This Global Audit Technology Guide (GTAG) was devel- oped to help internal auditors ask the right questions of the IT activity to assess its change management capability, to assess the overall level of process risk, and to determine whether a more detailed process review may be necessary.
After reading this guide, internal auditors will:
• Have a working knowledge of IT change manage- ment processes.
• Be able to quickly distinguish effective change management processes from ineffective ones.
• Be able to quickly recognize red flags and indica- tors that IT environments are having control issues related to change management.
• Understand that effective change management hinges on implementing preventive, detective, and corrective controls to enforce segregation of duties and ensure adequate management supervision.
• Be in a position to recommend the best known practices for addressing these issues, both for assur- ance of risks (including controls attestations), as well as increasing effectiveness and efficiency.
• Be able to sell recommendations more effectively to the chief information officer (CIO), chief executive officer (CEO), and/or chief financial officer (CFO).



Availability

No copy data

Detail Information
Series Title
-
Call Number
-
Publisher
: .,
Collation
1-34
Language
English
ISBN/ISSN
-
Classification
NONE
Content Type
-
Media Type
-
Carrier Type
-
Edition
-
Subject(s)
-
Specific Detail Info
-
Statement of Responsibility
-
Other version/related

No other version available

File Attachment
  • Global Technology Audit Guide (GTAG®) 2 Change and Patch Management Controls: Critical for Organizational Success
Comments

You must be logged in to post a comment

Accra Metropolitan University
  • Information
  • Services
  • Librarian
  • Member Area

About Us

Accra Metropolitan University is a forward-thinking, private higher education institution in Ghana dedicated to empowering minds and shaping futures for sustainable global development. Fully accredited by the Ghana Tertiary Education Commission (GTEC), the university is built on the core pillars of LIFE: Leadership, Innovation, Flexibility, and Entrepreneurship.

Search

start it by typing one or more keywords for title, author or subject

Keep SLiMS Alive Want to Contribute?

© 2026 — Senayan Developer Community

Powered by SLiMS
Select the topic you are interested in
  • Computer Science, Information & General Works
  • Philosophy & Psychology
  • Religion
  • Social Sciences
  • Language
  • Pure Science
  • Applied Sciences
  • Art & Recreation
  • Literature
  • History & Geography
Icons made by Freepik from www.flaticon.com
Advanced Search
Where do you want to share?