IT Examiner School eBook
Risk Assessment: Control Testing • Assurance testing or self assessments on controls if documented, demonstrates risk monitoring. • Metrics reporting provides evidence of conformance with policies and procedures. • Independent review to test controls reduce bias, increase capabilities, and increase knowledge about threats and technologies. • Independence gives credibility to the test results. • The reports generated from the tests should be prepared by individuals who similarly are independent.
Risk Assessment Exercise
Made with FlippingBook - Online magazine maker