The aim of the audit is to identify and reduce high-risk areas within a dataset to prevent data integrity breaches.
Audits usually include the following stages:
Audit preparation
The purpose of the audit is to identify any anomalies that could lead a data integrity breach. This includes deleted data, reprocessed, injected as test/trial samples, or resides outside of the review during the final batch disposition.
The audit
Conduct interviews with frontline employees as this provides a fuller story than relying on management to provide critical data, the goal of obtaining the full story may not be achieved since managers may be several layers removed from the specific process being reviewed.
Conclusions and feedback
The audit report will include objectionable conditions found in data integrity controls, oversight and governance, and results.
Correcting any issues and concerns
Following discussions and recommendations with management, corrective and preventative action would include consideration for interim controls. This may be necessary when longer term technological solutions leave areas for substantial risk.