| Goal | Audit Question | Audit Definition | Audit Method | Audit Frequency & Reports | Responsibility & Reporting |
GIS strategic vision & alignment | Assess effectiveness of GIS strategy in fulfilling overall system goals and objectives | Are the planned initiatives consistent with overall strategy being accomplished by the GIS | Strategic plan Implementation plan Management plan Communication plan Standard operating procedures (SOPs) Business continuity plan | Review aspects of system utilization, governance and funding to identify current or future needs and directions. Engagements and feedbacks Observations e.g. effect of GIS staff leaving or coming in SWOT analysis | Quarterly basis | GIS Program Manager Senior management |
Implementation | Assess GIS adoption & implementation within specified structure | Is the GIS achieving the intended goals and objectives | Activities schedule & workflows Statements of work Competency plan | Review quality of implementation through output examination | Daily to monthly | GIS Program Manager |
Communication plan | Examine enhancement in information flow & collaboration within the GIS | What strategies exist to ensure information flow | Communication plan Feedback plan | Review feedback to ensure the communication is understood by stakeholders | monthly or quarterly | GIS Program Manager |
Quality of system outputs (deliverables- products and services) | Certify the value of created products and services | Do the products and services comply to quality standards for the specified GIS applications | Quality management plan Quality control manual Performance plan Quality assurance program and quality rules Existing GIS data policies and standards | Validate data for compliance by tracking uncertainties, outliers, errors & anomalies Assess client’s satisfaction from their feedback | Daily production Weekly data reviews Data quality tests | GIS Program Manager |
Data Creation and Update | Establish procedures for geospatial data & information that meets desired industry standards, rules and best practices | Is the collected data fit for purpose and does it fit industry standards? | Existing geospatial data creation policies and standards Data Dictionary (Metadata & database description) Documentations Quality controls | Established procedures for data creation Data update notifications Automated data update mechanisms | Data update intervals specific for each dataset type ● Imagery ● Topographic ● Cadastre ● Elevation ● Geodetic ● Administrative boundaries ● Attribute ● Metadata | GIS Program Manager |
Data modification, dissemination, accessibility | Assess the safety of GIS information from unauthorized access, modification or deletion | Is there proper data dissemination and protection method and will sensitive data remain confidential? | Data modification & dissemination plans. Document protocols for confidential data Data user identity mechanism | Automated monitoring of data movements. Data surveillance through tracking. Data access control matrix & monitoring techniques Data watermarks | Daily controlled and restricted environment | GIS Program Manager Senior management |
Data redundancy checks | Assess system performance risks and losses associate with redundant data and storage requirements | Does data redundancy affect GIS performance and storage requirements | A centralized database Data catalogued and graded Data storage repository Procedures on data categorization | Prioritize system data in terms of ready for use, ready to delete and potential elimination Review data completeness, accuracy, integrity, timelines and applicability | Weekly review of system GIS spatial database | GIS Program Manager |
GIS technology: components, equipment and information sharing | Monitor effectiveness of the GIS technology that meets system goals | Does the GIS catching-up with the changing GIS technology and other existing systems integration mechanism | GIS components keep pace with technology Interoperability: concepts in terms of formats & standards required for data exchange & information sharing | Examine data, technology and workflows to determine current GIS technology trends & software upgrade Established procedures for data conversion for incompatible formats | Daily operations Timely software licensing/update | GIS Program Manager |
Hardware and network infrastructure | Establish adequacy in hardware and network setup that provide best performance and meet expected GIS loads | Does the hardware and network configuration provides acceptable response time and a conducive working environment | Networks, Workstations and Servers Data storage and backup options | Hardware and network performance monitoring software Use network management protocol Monitor new developments in hardware and network performance through online research or vendors | Daily monitoring of hardware/network performance in terms of ● CPU cores ● CPU speed ● RAM ● Operating System ● Hardware and network response ● Hardware and network failures ● Storage space and backup options ● Severs | GIS System Engineer Network Administrator |
GIS Standard Operating Procedures (SOPs) | Assess sound work methods that produces consistent products and services with least time possible and minimal errors | Are there existing SOPs that defines GIS operational requirements and do procedures conform to existing standards | Documented procedures GIS conformance to existing policies and standards Document Management System | Check documentation of procedures Check compliance of procedures to existing standards Measure work efforts and credibility Automate document management | Annual review and update of SOPs Review of conformance to standard operating Procedures during job production | GIS Program Manager
|
GIS support & maintenance | Examine support for GIS as a service for excellent delivery of products and services | Are the resources in good condition to run operations of GIS | GIS implementation & operation practices Risks mitigation measures Technical supports, After service warranties & support guarantee to customers | Review efficiency of operations through reduced time loss, maximum performance, increased profitability and broadened competitive edge | Timely, monitoring, upgrades & maintenance controls | GIS Program Manager System Engineer GIS developer Network Administrator GIS System administrator GIS programmer |
GIS security | Review GIS quality and safety measures | What are the overall GIS security measures in place | Data security guidelines Data Privacy guidelines Access and usage controls Physical security Potable device policy | Review of: ● System access & usage risks ● Information uniqueness ● Physical security measures ● Data storage and backups ● Monitor logs for access control violation | Daily security assessment Daily data backups | GIS user GIS Program Manager |
Resource Accountability | Assess resources accountability that supports the continuity of GIS | Are the resources used wisely and of the right choice and condition? | Resources inventory, Identified knowledge, roles & functions of GIS resources. Instrument calibration Firmware updates | Assessment of physical and internal condition of GIS resources Allocate staff responsibility for GIS resources Calibration & firmware update procedures | Routine evaluation Timely maintenance, update, calibration & servicing of equipment | GIS user GIS Program Manager |
Staff development programs | Examine GIS personnel to build on existing knowledge and skills | What are the existing gaps in the GIS that calls for development programs | Training & staff development programs | Review changes & improvements on ● Technical work outputs ● Software use ● Staff attitude towards the GIS Measure work performance difference especially after staff transition | Routine evaluation of gaps that may require training or development programs | GIS Program Manager Senior management |
Funding | Assess sufficiency of funds to support and sustain the GIS | Is there enough fund to cater for the GIS requirements | Initial capital & operating budget Funding decisions that compromise system performance | Review of cost and benefit analysis Review of procurement procedures | Monthly (Operational budget changes as system matures) | Senior management |