Audit Report 2.1 Background 2.2 Objectives, Criteria, Scope and Approach 2.2.1 Audit Objectives and Criteria 2.2.2 Audit Scope and Approach 2.3 Conclusion, Findings and Recommendations APPENDIX A Interviews Conducted: APPENDIX B Assessment of Audit Criteria Management Action Plan1.

Specifically the scope included desktops, laptops, monitors, printers, scanners, network servers, routers and switches.

Excluded from the scope of the audit were cameras, PDA’s and smart phones as well as all computer software.

The criteria were reviewed with and by Agency management in both CIOD and Administration.

They agreed the criteria are appropriate to render a conclusion on the audit objective.

Based on the audit procedures performed, Audit Services Canada has obtained sufficient and appropriate audit evidence to conclude that ACOA has an appropriate control framework for the management of information technology assets substantially in place, however, improvements are required in certain areas and there needs to be more diligence around the completeness and accuracy of the records maintained in the asset management application and its supporting processes. 2.3.1 Criterion 1 - Roles and responsibilities for the management of information technology assets are defined and communicated.

Based on the audit procedures performed, we concluded that this criterion was met.

The scope of the audit covered the management of IT assets for the period of April 1, 2010 to March 31, 2011.

We discussed and agreed with internal audit what IT assets would be in scope and those that would be excluded from our scope of coverage.

Prepared for: Atlantic Canada Opportunities Agency Internal Audit Directorate Prepared by: Audit Services Canada Project: A.000707.006 July 2011 1.

Executive Summary 1.1 Audit Objective 1.2 Audit Opinion 1.3 Summary of Recommendations 2.

Requests for services in the areas of IM/IT must be reviewed and approved by the technical authorities of the Chief Information Officer Directorate (CIOD).” 2.2 Objectives, Criteria, Scope and Approach 2.2.1 Audit Objectives and Criteria The objective of this audit is to provide assurance to the President that ACOA has established and is using an appropriate control framework for the management of information technology assets.