Successfully conducted IT audit of information system
IT audit of the information system has recently been conducted by an independent company.
The audit covered two fields – management of externalization and management of architecture of IT system.
These two are the key fields in management of IT system. Basic methodology used during the audit was the frame COBIT 4.1, while for assessment of a risk in case of lack of control, the frame ISO/IEC 27001 was used. On the basis of conducted audits it was concluded that the overall condition and adequacy of the management of externalization and architecture of IT system can be given a referent COBIT rating “Regulated”. The mentioned rating is an equivalent to 4 of maximum 5, what suggests that there is space for upgrading within the management of externalization and architecture for which the P.C. Sarajevo International Airport LLC has already been prepared.