{"id":8953,"date":"2020-03-31T16:06:01","date_gmt":"2020-03-31T23:06:01","guid":{"rendered":"http:\/\/cdcr.test\/dom\/chapter-4-information-technology\/article-10-project-review-and-basic-policy\/44010-3-4-edp-audit\/"},"modified":"2020-03-31T16:06:01","modified_gmt":"2020-03-31T23:06:01","slug":"44010-3-4-edp-audit","status":"publish","type":"dom","link":"https:\/\/www.cdcr.ca.gov\/operations-manual\/dom\/chapter-4-information-technology\/article-10-project-review-and-basic-policy\/44010-3-4-edp-audit\/","title":{"rendered":"44010.3.4 EDP Audit"},"content":{"rendered":"\t<ul class=\"cdcr-dom-group-block\">\n\t\t\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>Every two years the Department shall carry out and submit to the DOF an EDP audit. This audit is the responsibility of the Internal Audit Unit of PFAB (see DOM 49040). The audit shall be consistent with the DOF publication, &#8220;Information Technology Security and Risk Management Guidelines.&#8221; This guide reflects the SAM requirements regarding the responsibility and control of EDP policy, and provides audit guidelines; however, it may not cover all areas to be audited. The guide and information about it are available through the Internal Audit Unit of PFAB.<\/p>\n\t\t\t\t\t<\/li>\n\t\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>To accomplish this audit it is likely that ITS under development shall be selected for audit on a sample basis. The intent of the audit is to make an assessment of the degree of compliance by CDC with departmental and State policies and procedures. The scope of the audit shall include, but not be limited to, the following:<\/p>\n\t\t\t\t\t<ul class=\"cdcr-dom-group-block\">\n\t\t\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>Project approvals, feasibility study, and risk analysis (DOM 49020).<\/p>\n\t\t\t\t\t<\/li>\n\t\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>Operational recovery plan (DOM 49030).<\/p>\n\t\t\t\t\t<\/li>\n\t\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>Information security practices.<\/p>\n\t\t\t\t\t<\/li>\n\t\t<\/ul>\n\t\t<\/li>\n\t\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>The Project Manager is responsible for ensuring that the project documentation is in compliance with policy.<\/p>\n\t\t\t\t\t<\/li>\n\t\t<\/ul>\n\t","protected":false},"parent":8946,"template":"","class_list":["post-8953","dom","type-dom","status-publish","hentry"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.3 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>44010.3.4 EDP Audit - Department Operations Manual (DOM)<\/title>\n<meta name=\"robots\" content=\"noindex, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"44010.3.4 EDP Audit - Department Operations Manual (DOM)\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.cdcr.ca.gov\/operations-manual\/dom\/chapter-4-information-technology\/article-10-project-review-and-basic-policy\/44010-3-4-edp-audit\/\" \/>\n<meta property=\"og:site_name\" content=\"Department Operations Manual (DOM)\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.cdcr.ca.gov\\\/operations-manual\\\/dom\\\/chapter-4-information-technology\\\/article-10-project-review-and-basic-policy\\\/44010-3-4-edp-audit\\\/\",\"url\":\"https:\\\/\\\/www.cdcr.ca.gov\\\/operations-manual\\\/dom\\\/chapter-4-information-technology\\\/article-10-project-review-and-basic-policy\\\/44010-3-4-edp-audit\\\/\",\"name\":\"44010.3.4 EDP Audit - Department Operations Manual (DOM)\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.cdcr.ca.gov\\\/operations-manual\\\/#website\"},\"datePublished\":\"2020-03-31T23:06:01+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.cdcr.ca.gov\\\/operations-manual\\\/dom\\\/chapter-4-information-technology\\\/article-10-project-review-and-basic-policy\\\/44010-3-4-edp-audit\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.cdcr.ca.gov\\\/operations-manual\\\/dom\\\/chapter-4-information-technology\\\/article-10-project-review-and-basic-policy\\\/44010-3-4-edp-audit\\\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.cdcr.ca.gov\\\/operations-manual\\\/dom\\\/chapter-4-information-technology\\\/article-10-project-review-and-basic-policy\\\/44010-3-4-edp-audit\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.cdcr.ca.gov\\\/operations-manual\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"DOM\",\"item\":\"https:\\\/\\\/www.cdcr.ca.gov\\\/operations-manual\\\/dom\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Chapter 4 &#8211; Information Technology\",\"item\":\"https:\\\/\\\/www.cdcr.ca.gov\\\/operations-manual\\\/dom\\\/chapter-4-information-technology\\\/\"},{\"@type\":\"ListItem\",\"position\":4,\"name\":\"Article 10 &#8211; Project Review and Basic Policy\",\"item\":\"https:\\\/\\\/www.cdcr.ca.gov\\\/operations-manual\\\/dom\\\/chapter-4-information-technology\\\/article-10-project-review-and-basic-policy\\\/\"},{\"@type\":\"ListItem\",\"position\":5,\"name\":\"44010.3.4 EDP Audit\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.cdcr.ca.gov\\\/operations-manual\\\/#website\",\"url\":\"https:\\\/\\\/www.cdcr.ca.gov\\\/operations-manual\\\/\",\"name\":\"Operations Manual\",\"description\":\"CDCR\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.cdcr.ca.gov\\\/operations-manual\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"44010.3.4 EDP Audit - Department Operations Manual (DOM)","robots":{"index":"noindex","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"og_locale":"en_US","og_type":"article","og_title":"44010.3.4 EDP Audit - Department Operations Manual (DOM)","og_url":"https:\/\/www.cdcr.ca.gov\/operations-manual\/dom\/chapter-4-information-technology\/article-10-project-review-and-basic-policy\/44010-3-4-edp-audit\/","og_site_name":"Department Operations Manual (DOM)","twitter_card":"summary_large_image","schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.cdcr.ca.gov\/operations-manual\/dom\/chapter-4-information-technology\/article-10-project-review-and-basic-policy\/44010-3-4-edp-audit\/","url":"https:\/\/www.cdcr.ca.gov\/operations-manual\/dom\/chapter-4-information-technology\/article-10-project-review-and-basic-policy\/44010-3-4-edp-audit\/","name":"44010.3.4 EDP Audit - Department Operations Manual (DOM)","isPartOf":{"@id":"https:\/\/www.cdcr.ca.gov\/operations-manual\/#website"},"datePublished":"2020-03-31T23:06:01+00:00","breadcrumb":{"@id":"https:\/\/www.cdcr.ca.gov\/operations-manual\/dom\/chapter-4-information-technology\/article-10-project-review-and-basic-policy\/44010-3-4-edp-audit\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.cdcr.ca.gov\/operations-manual\/dom\/chapter-4-information-technology\/article-10-project-review-and-basic-policy\/44010-3-4-edp-audit\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.cdcr.ca.gov\/operations-manual\/dom\/chapter-4-information-technology\/article-10-project-review-and-basic-policy\/44010-3-4-edp-audit\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.cdcr.ca.gov\/operations-manual\/"},{"@type":"ListItem","position":2,"name":"DOM","item":"https:\/\/www.cdcr.ca.gov\/operations-manual\/dom\/"},{"@type":"ListItem","position":3,"name":"Chapter 4 &#8211; Information Technology","item":"https:\/\/www.cdcr.ca.gov\/operations-manual\/dom\/chapter-4-information-technology\/"},{"@type":"ListItem","position":4,"name":"Article 10 &#8211; Project Review and Basic Policy","item":"https:\/\/www.cdcr.ca.gov\/operations-manual\/dom\/chapter-4-information-technology\/article-10-project-review-and-basic-policy\/"},{"@type":"ListItem","position":5,"name":"44010.3.4 EDP Audit"}]},{"@type":"WebSite","@id":"https:\/\/www.cdcr.ca.gov\/operations-manual\/#website","url":"https:\/\/www.cdcr.ca.gov\/operations-manual\/","name":"Operations Manual","description":"CDCR","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.cdcr.ca.gov\/operations-manual\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"}]}},"distributor_meta":false,"distributor_terms":false,"distributor_media":false,"distributor_original_site_name":"Department Operations Manual (DOM)","distributor_original_site_url":"https:\/\/www.cdcr.ca.gov\/operations-manual","push-errors":false,"_links":{"self":[{"href":"https:\/\/www.cdcr.ca.gov\/operations-manual\/wp-json\/wp\/v2\/dom\/8953","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cdcr.ca.gov\/operations-manual\/wp-json\/wp\/v2\/dom"}],"about":[{"href":"https:\/\/www.cdcr.ca.gov\/operations-manual\/wp-json\/wp\/v2\/types\/dom"}],"version-history":[{"count":0,"href":"https:\/\/www.cdcr.ca.gov\/operations-manual\/wp-json\/wp\/v2\/dom\/8953\/revisions"}],"up":[{"embeddable":true,"href":"https:\/\/www.cdcr.ca.gov\/operations-manual\/wp-json\/wp\/v2\/dom\/8946"}],"wp:attachment":[{"href":"https:\/\/www.cdcr.ca.gov\/operations-manual\/wp-json\/wp\/v2\/media?parent=8953"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}