IT audit in the Czech Radio
Who is a client
Czech Radio is a public service organization. It broadcasts on 8 nationwide and 14 regional stations. It has 13 workplaces and approximately 1500 employees. Information technology of the organization in addition to the broadcasting technology is managed by the Prague IT department with 30 employees.
Head of IT of Czech Radio Ing. Zbyněk Javornický took over his department in 2015. The ordered IT audit should independently verify the state of IT and start preparing for the application of the Cyber Security Act in the Czech Radio, as it can be assumed that such an important organization will have to manage in the future.
Accepting the agenda was not easy for the IT manager. "Because of the workload, I did not have enough time to revise the strategic documentation, which was obviously not in good shape, instead of falling into professional blindness," Zbyněk Javornický described. From the audit, he expected an audit report, but mainly insights and suggestions from independent auditors.
"The IT Audit offered me an independent professional view from the outside, I confirmed where I started, I clarified the priorities, and verified that I can rely on external resources when the internal ones are overloaded."
Ing. Zbyněk Javornický, Head of IT, Czech Radio
How the audit took place
- During the interview, we informed the client about the course of the audit, timing and time requirements for the client, as well as for the other employees of the department.
- The client provided the requested information in the questionnaire.
- The client supplied the requested documentation samples.
- Several controlled interviews were conducted to verify the actual status.
- We processed and submitted draft audit reports.
- There was a discussion, the message was modified and supplemented.
- We processed and presented the final version of the audit report.
- The conclusions in the report were divided into Internal IT, Other Departments, and Organization Strategy Papers.
- The audit was completed in 2 months. The performance time has greatly influenced the IT department head and vacation times.
Claims on client
- Interview time (40 hours for the manager, unit hours for the staff).
- Time to collect required documentation (hourly units).
Key Benefits through the Client's Eyes
- A valuable confrontation of our own and independent expert opinions. Verification of priorities in the direction of the IT department.
- Assessing the quality of documentation, discussion of its purpose and strategy. Suggestions how to process it more formally, yet with a high impact on IT management efficiency. Proposed updating of the service catalog as the basis for bringing the IT department closer to the rest of the organization in terms of budget and quality of IT services.
- Awareness that IT service users negotiate IT development resources more easily than directly from IT departments. Appropriate conclusions were adopted.
- Verify that deploying external suppliers can flexibly and reliably address the problem of overloading their own capacities.
- The proposed measures will ensure compliance with ISO or ITIL, but will, above all, increase insight into the issue and make it easier to find the right solutions.
IT auditing is a service especially suited to larger state and public organizations. For entities covered by the Cyber Security Act, regular audits are mandatory.