University Technology Services Review
The purpose is to identify significant risks and control weaknesses at an institution associated with the university technology services (UTS) control environment.
The review covers a defined timeframe. The project scope includes meetings and discussions with UTS management and the completion of a comprehensive Information Systems and Technology Questionnaire that examines 15 different IT-related areas: IT policies, authentication, business continuity, firewalls, intrusion detection and prevention systems, networks, penetration tests, remote access, routers, security program, servers, vendor oversight, virus protection, website, and wireless networks.
Based upon project outcomes, an opinion is expressed on the design of the internal control structure supporting operations within the university technology services department.