BYOD Audit/Assurance Program 

 

BYOD Audit/Assurance Program  Download (187K; Member Only)
  Download—French (555K; Member Only)
Bookstore Purchase the Book

  Provide feedback on this document
Knowledge Center  Visit the Mobile Computing Knowledge Center community

The BYOD audit/assurance review will:

  • Provide management with an assessment of BYOD policies and procedures and their operating effectiveness
  • Identify internal control and regulatory deficiencies that could affect the organization
  • Identify information security control concerns that could affect the reliability, accuracy and security of the enterprise data due to weaknesses in mobile computing controls

The review will focus on:

  • BYOD devices that connect to the organization’s networks or contain organization data
  • BYOD devices in scope include all varieties of smartphones, tablet computers and their various operating systems

IT audit and assurance professionals are expected to customize this document to the environment in which they are performing an assurance process. This document is to be used as a review tool and starting point. It may be modified by the IT audit and assurance professional; it is not intended to be a checklist or questionnaire. It is assumed that the IT audit and assurance professional has the necessary subject matter expertise required to conduct the work and is supervised by a professional with the Certified Information Systems Auditor (CISA) designation and/or necessary subject matter expertise to adequately review the work performed.