Audit Information systems & IT Security
Audit Information systems & IT Security
Menu

: Home

: Terminology

: Best Practice
: : COBIT
: : ISO 27002 (ISO 17799)
: : ISO 27001
: : ISO 27000 Series
: : ISO 20000 - ITIL
: : COSO
: : Info Security Policy
: : Security Domains

: SOX

: Links
: : Organisations
: : Standards Orgs
: : Audit Links
: : Security Links

: The News Page

: Your IP Address

: Contact
: Legal Disclaimer
Search







Audit Information systems & and IT Security

Information System audit and IT Security

Definitions and Terminology

A B C D E F G H I J K L M N O P Q R S T U V W X Y Z


assurance level


The amount of assurance obtained according to the specific scale used by the assurance method. NOTE 1. the assurance level may not be measurable in quantitative terms. NOTE 2. The amount of assurance obtained is generally related to the effort expended on the activities performed.

source: ISO/IEC-TR-15443-1, 2005

Practitioners should, in theory, be able to vary infinitely the level of assurance provided in assurance engagements. However, to help users understand the level of assurance being provided by the practitioner, the standards in ITAF section 2000 limit assurance to two distinct levels—a high level and a moderate level. Both attestation engagements and direct reporting engagements can be completed with either a high or a moderate level of assurance. The level of assurance appropriate for a particular engagement depends on the needs of users and the nature of the subject matter.

source: ITAF, ISACA, 2008


Google
 
Web www.audit-is.com

 

 



   
Auditing Security and IT Systems
Copyright 2006-2008. All Rights Reserved. Something missing on this page? Let us know