Territory Stories

February 2008 report to the Legislative Assembly

Details:

Title

February 2008 report to the Legislative Assembly

Collection

Report to the Legislative Assembly; Reports; PublicationNT

Date

2008

Description

Made available via the Publications (Legal Deposit) Act 2004 (NT).

Notes

Date:2008-02

Language

English

Subject

Northern Territory. Auditor-General's Office -- Periodicals; Finance, Public -- Northern Territory -- Accounting -- Periodicals; Northern Territory -- Appropriations and expenditures -- Periodicals

Publisher name

Northern Territory Auditor-General's Office

Place of publication

Darwin

ISSN

1323-7128

Copyright owner

Check within Publication or with content Publisher.

Parent handle

https://hdl.handle.net/10070/223559

Citation address

https://hdl.handle.net/10070/686148

Page content

64 Auditor-General for the Northern Territory February 2008 Report Department of Health and Community Services QANTEL IT Controls Audit objectives and scope The objective and scope of the audit was to assess IT controls in relation to the QANTEL stock system, with a particular focus on: IT application controls over key processes within the QANTEL system. The focus was on ordering, receipting and issuing stock in the catering, laboratory, prosthetics, laundry, dental, and laboratory areas; Consideration of the adequacy of interface / validation controls between QANTEL and GAS; and Consideration of QANTEL application level access controls, focussing on where they relate to key IT application controls identified above (e.g. segregation of duties). Controls that are the responsibility of parties outside the Department of Health and Community Services (DHCS), other IT general controls (e.g. network access, physical access, communication controls, remote access controls) and/or systems other than QANTEL at DHCS were not focused on as part of this engagement. Fieldwork was conducted at Royal Darwin Hospital but not other locations. The focus was on IT controls and not manual controls. The approach was based on: observation and enquiry of appropriate IT and business personnel; identification of potential risks; assessing appropriate documentation; and walkthrough testing of key controls.


Aboriginal and Torres Strait Islander people are advised that this website may contain the names, voices and images of people who have died, as well as other culturally sensitive content. Please be aware that some collection items may use outdated phrases or words which reflect the attitude of the creator at the time, and are now considered offensive.

We use temporary cookies on this site to provide functionality.
By continuing to use this site without changing your settings, you consent to our use of cookies.