A
AcadiFi
CO
ConfigItemMara2026-05-20
ciaCIA Part 3CMDBData Quality

How should internal audit assess CMDB data quality?

57 upvotes
AcadiFi TeamVerified Expert
AcadiFi Certified Professional

author: AcadiFi Team

Answer:

Internal audit should first identify how the CMDB is used. If it supports incident routing, change impact analysis, ownership, service mapping, or risk reporting, data quality becomes a control issue rather than a housekeeping issue.

Useful tests include comparing CMDB records to source systems, checking required fields, scanning for duplicates and orphan records, testing relationship accuracy for critical services, reviewing update timeliness, and inspecting exception remediation. The key is to connect data quality to decisions the organization makes from that data.

🔍

Master CIA Part 3 with our CIA Course

45 lessons · 90+ hours· Expert instruction

View Course — $199All-Access $49/mo
#cmdb#configuration-items#data-quality#asset-management

Related Questions

What should an auditor do if a supervisor weakens a supported finding?

cia·CIA Part 2·46 upvotes

How should auditors prepare for a technical exit meeting?

cia·CIA Part 2·35 upvotes

When should audit quality concerns be escalated beyond the engagement team?

cia·CIA Part 2·56 upvotes

How does business knowledge affect internal audit quality?

cia·CIA Part 2·51 upvotes

Where should an auditor begin a full-company internal control audit?

cia·CIA Part 2·51 upvotes

Related Articles

Auditing a Service Management Platform: Objectives That Actually Test Risk

12 min read

Practice Questions

Test your knowledge with our CIA question bank.

Try Practice Questions

Join the Discussion

Ask questions and get expert answers.

Join Now