IT Examiner School eBook

Risk Assessment: Control Testing • Assurance testing or self assessments on controls if documented, demonstrates risk monitoring. • Metrics reporting provides evidence of conformance with policies and procedures. • Independent review to test controls reduce bias, increase capabilities, and increase knowledge about threats and technologies. • Independence gives credibility to the test results. • The reports generated from the tests should be prepared by individuals who similarly are independent.

Risk Assessment Exercise

Made with FlippingBook - Online magazine maker