The primary objective of this audit was to evaluate IS general controls at the University. The scope of our IS general controls audit included general security issues, access controls, program maintenance, physical security, operations procedures, system software, telecommunications, and disaster recovery. Other IS general control topics were reviewed as considered necessary. We did not find any significant weaknesses in general security, access control, program maintenance, physical security, operations procedures, software controls, or telecommunications controls during our audit. However, we noted some deficiencies in the disaster recovery plans.
First Published