3. SOFTWARE AUDIT:
A SOFTWARE AUDIT, OR SOFTWARE AUDIT REVIEW, IS A TYPE OF SOFTWARE REVIEW IN WHICH
ONE OR MORE AUDITORS WHO ARE NOT MEMBERS OF THE SOFTWARE DEVELOPMENT
ORGANISATION CONDUCT “AN INDEPENDENT EXAMINATION OF A SOFTWARE
PROCESS, SOFTWARE PRODUCT OR SET OF SOFTWARE PROCESSES TO ASSESS COMPLIANCE WITH
SPECIFICATIONS……
4. PARTICIPANTS OF IT AUDIT:
INITIATOR
LEAD AUDITOR
RECORDER
AUDITORS
AUDITED ORGANISATION
7. STEPS INVOLVED:
Conduct a software inventory (number of software packages, system architecture, OS platform and compatibility ratio)
Meter application usage (application usage and its criticality)
Gather software licensing data (licensed and pirated versions)
Adjust license counts (order appropriate to the requirements)
Establish and communicate software policies (software purchase & documentation, software use).
Manage ongoing license compliance.
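The first four steps above (inventory, metering, licensing data, adjusted counts) as a reconciliation script. This is an added example, not part of the original slides; the host names, product names, seat counts and the 90-day idle threshold are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample data, one tuple per installation: (host, os, product).
INVENTORY = [
    ("ws-01", "Windows 11", "OfficeSuite"),
    ("ws-02", "Windows 11", "OfficeSuite"),
    ("ws-03", "Windows 10", "OfficeSuite"),
    ("ws-01", "Windows 11", "CadTool"),
    ("ws-04", "Ubuntu 22.04", "CadTool"),
    ("ws-02", "Windows 11", "PhotoEdit"),
]
# Constructed metering data: days since the product was last launched on a host.
DAYS_SINCE_USE = {
    ("ws-01", "OfficeSuite"): 2, ("ws-02", "OfficeSuite"): 10,
    ("ws-03", "OfficeSuite"): 200, ("ws-01", "CadTool"): 5,
    ("ws-04", "CadTool"): 1, ("ws-02", "PhotoEdit"): 1,
}
# Constructed licensing data: purchased seats per product.
ENTITLEMENTS = {"OfficeSuite": 2, "CadTool": 1}


def reconcile(inventory, days_since_use, entitlements, idle_after=90):
    """Compare installations with purchased seats, product by product."""
    hosts_by_product = defaultdict(list)
    for host, _os, product in inventory:
        hosts_by_product[product].append(host)

    report = {}
    for product, hosts in sorted(hosts_by_product.items()):
        # An install with no metering record is treated as idle (assumption).
        idle = sorted(h for h in hosts
                      if days_since_use.get((h, product), idle_after + 1) > idle_after)
        seats = entitlements.get(product, 0)
        if product not in entitlements:
            status = "unlicensed"        # installed with no license on record
        elif len(hosts) > seats:
            status = "over-deployed"     # more installs than purchased seats
        else:
            status = "compliant"
        report[product] = {
            "installed": len(hosts), "seats": seats, "status": status,
            "reclaim_from": idle,        # uninstall here before buying more
            "seats_to_buy": max(0, len(hosts) - len(idle) - seats),
        }
    return report


if __name__ == "__main__":
    for product, row in reconcile(INVENTORY, DAYS_SINCE_USE, ENTITLEMENTS).items():
        print(product, row)
```

Reclaiming the idle install covers the OfficeSuite gap without a purchase, while CadTool and PhotoEdit each still need one seat or an uninstall.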
8. PRINCIPLES:
– Timeliness
– Source Openness
– Elaborateness (quality, Scope & Effectivity)
– The financial Context (background reflection)
– Scientific referencing of learning perspectives
– Literature-Inclusion (Bibliography)
– Inclusion of User manuals & Documentation (Analysis of Documents)
– Identify references to innovations (Continuous Reviews)
9. Some important measures in ensuring the Software Audit process
The systems audit consists of an evaluation of the components which comprise that system, with examination and testing in the following areas:
High-level systems architecture review
Business process mapping (e.g. determining information systems dependency with respect to user business processes)
End user identity management (e.g. authentication mechanisms, password standards, roles limiting or granting systems functionality)
Operating systems configurations (e.g. services hardening)
Application security controls