The questions included in this tool can be applied to the implementation of new systems or major upgrades.
Sample questions include: Has there been an application implementation risk assessment and who contributed? Is there a documented risk management plan for the implementation effort? Is there experienced audit or control representation on the implementation project? Does the IT charter or implementation requirements include a goal to save money by automating and optimizing controls? Does the implementation team include representatives from internal audit, the user community and relevant business processes as well as IT?