Search
Topics
  Create an account Home  ·  Topics  ·  Downloads  ·  Your Account  ·  Submit News  ·  Top 10  
Modules
· Home
· Content
· FAQ
· Feedback
· Forums
· Search
· Statistics
· Surveys
· Top
· Topics
· Web Links
· Your_Account

Current Membership

Latest: FHeffner
New Today: 5
New Yesterday: 95
Overall: 141444

People Online:
Visitors: 75
Members: 3
Total: 78 .

Languages
Select Interface Language:


Major ITIL Portals
For general information and resources, ITIL and ITSM World is the most well known for both ITIL and ITIL Books. A shorter snapshot approach can be found at ITIL Zone

Related Resources
Service related resources
Service Level Agreement
Outsourcing

Note: ITIL is a registered trademark of OGC. This portal is totally independent and is in no way related to them. See our Feedback Page for more information.


The Itil Community Forum: Forums

ITIL :: View topic - Auditing report request
 Forum FAQForum FAQ   SearchSearch   UsergroupsUsergroups   ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

Auditing report request

 
Post new topic   Reply to topic    ITIL Forum Index -> The ITIL Service Desk
View previous topic :: View next topic  
Author Message
FARIA
Newbie
Newbie


Joined: Dec 27, 2009
Posts: 2

PostPosted: Sun Dec 27, 2009 7:10 pm    Post subject: Auditing report request Reply with quote

For information risk auditing purpose,should an internal auditor have to log service request for information needed from a department under service desk??

i am trying to figure out this query whether the auditor needs to log it in service desk or approach the person directly..

i have a situation where a operations dept is refusing to provide information to audit unless they log the request under service desk
Back to top
View user's profile
Diarmid
Senior Itiler


Joined: Mar 04, 2008
Posts: 1884
Location: Newcastle-under-Lyme

PostPosted: Tue Dec 29, 2009 1:22 am    Post subject: Reply with quote

It would be normal for an auditor to access information through the responsible manager and to be given the information fairly quickly. The auditor is interested in the process of obtaining the information as well.

Otherwise the audit may be compromised.

Part of the planning for an audit is identifying the resources required to carry it out, not just the auditor but the auditees also. If there is a large body of data that needs to be collated for the audit that can be anticipated in the plan, but the auditor should not need to interface with the service desk for this (s/he may interface with the service desk, including putting forward requests as part of the audit of the processes) but rather go through management who should facilitate the request.

It makes no difference whether the audit is internal or external, if you take auditing seriously. Attempts to put the auditor through hoops has to be regarded with suspicion at the very least.

The auditor has one simple weapon available to counter this:

"No evidence was available at this time to indicate that the process/function/activity etc. has been working/controlled/performing to specification etc. during the period."

Lack of evidence cannot lead to a positive outcome.
_________________
"Method goes far to prevent trouble in business: for it makes the task easy, hinders confusion, saves abundance of time, and instructs those that have business depending, both what to do and what to hope."
William Penn 1644-1718
Back to top
View user's profile Send e-mail
FARIA
Newbie
Newbie


Joined: Dec 27, 2009
Posts: 2

PostPosted: Wed Dec 30, 2009 3:43 pm    Post subject: Thank you Reply with quote

Rightly Put ...Thank you Diarmid...
Back to top
View user's profile
viv121
Senior Itiler


Joined: Dec 15, 2007
Posts: 113

PostPosted: Sun Jan 03, 2010 5:53 am    Post subject: Auditing report request Reply with quote

Reminds me of a humour.

Once upon a time there was a shepherd looking after his sheep on the side of a deserted road.

Suddenly a brand new Porsche screeches to a halt.

The driver, a man dressed in an Armani suit, Cerutti shoes, Ray-Ban sunglasses, TAG-Heuer wrist-watch, and a Pierre Cardin tie gets out and asks the shepherd,

'If I can tell you how many sheep you have, will you give me one of them?'

The shepherd looks at the young man, then looks at the large flock of grazing sheep and replies, 'Okay.'

The young man parks the car, connects his laptop to the mobile-fax, enters a NASA Website, scans the ground using his GPS, opens a database and 60 Excel tables filled with algorithms and pivot tables. He then prints out a 150-page report on his high-tech mini-printer, turns to the shepherd and says,

'You have exactly 1,586 sheep.'

The shepherd cheers, 'That's correct, you can have your sheep.'

The young man takes one of the animals from the flock and puts it in the back of his Porsche.

The shepherd looks at him and asks, 'If I guess your profession, will you return my animal to me?'

The young man answers, 'Yes, why not?'

The shepherd says, 'You are an auditor..'

'How did you know?' asks the young man.

'Very simple,' answers the shepherd. '

Firstly, you came here without being wanted.

Secondly, you charged me a fee to tell me something I already knew..

Thirdly, you don't understand anything about my business....'

'.....Now can I have my dog back?'

Auditors come down to complete a job. With zero risk findings, there performance management would be at stake. Its safer to expose them to the known risks about which you have tried to do something. Well, when they come at the cost of the company, they will have to find out something even out of nothing. Otherwise, they will not be visiting places.
Back to top
View user's profile Send e-mail
Display posts from previous:   
Post new topic   Reply to topic    ITIL Forum Index -> The ITIL Service Desk All times are GMT + 10 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Powered by phpBB 2.0.8 © 2001 phpBB Group
phpBB port v2.1 based on Tom Nitzschner's phpbb2.0.6 upgraded to phpBB 2.0.4 standalone was developed and tested by:
ArtificialIntel, ChatServ, mikem,
sixonetonoffun and Paul Laudanski (aka Zhen-Xjell).

Version 2.1 by Nuke Cops 2003 http://www.nukecops.com

Forums ©

 

Logos/trademarks property of respective owner. Comments property of poster. Rest 2004 Itil Community for Service Management & Foundation Certification. SV
Site source copyright (c)2003, and is Free Software under the GNU / GPL licence. All Rights Are Reserved.