Background of the Organization for IT Audit

Control Authorities are responsible for determining the appropriate level of access to the systems and requesting authorization for their staff through Information Department. Information Department will clear authorization for access to specific modules and notify the Authorities for approval. These service requests are processed through e-mail or written notes by Help Desk running under Information Department. If the request is for a new hire personal, the Help Desk will set up a new network user ID based on request.

User capabilities are granted individually, based on needs as determined by the Authorities, either by the administrator of Information Department as the staff of this department is responsible for directing, the design, analysis, creation, monitoring, administration, troubleshooting and enhancement of personal computer network or by a Authority (staff in department which has responsibility for such action to be taken
According to procedures Authorities are also responsible for notifying Information Department when an employee is terminated or transferred so that Information Department may be timely cancelled or modify the authorizations of the said employee.

All the purchase requests are routed from information department to the purchase department which is then forwarded to the authority for approval.