Published on March 1, 2014
Information System Audit and Control Lecture No 1
Recommended Readings • CISA Review Manual, ISACA Publications • Hunton, J.E., Bryant, S.M., and Bagranoff, N.A., Core Concepts of Information Technology Auditing, John Wiley & Sons, 2004. • Champlain, J.J., Auditing Information Systems, John Wiley, 2003. • Lecture Notes
Information System Audit • The government organizations have become increasingly dependent on computerized information systems to carry out their day-to-day operations. • IS Auditors evaluate the reliability of computer generated data supporting financial statements and analyze specific programs and their outcomes. • IS Auditors also examine the adequacy of controls in information systems and related operations to ensure system effectiveness.
Information System Audit (Con’d) • IS Audit is the process of collecting and evaluating evidence to determine whether an information system has been designed to maintain data integrity, safeguard assets, allows organizational goals to be achieved effectively, and uses resources efficiently. • Data integrity relates to the accuracy and completeness of information as well as to its validity.
Information System Audit (Con’d) • An error in the calculation of Income Tax to be paid by employees in a manual system will not occur in each case but once an error is introduced in a computerized system, it will affect each case. • A bank may suffer huge losses on account of an error of rounding off to the correct number of digits.
Information System Controls • Controls in a computer information system reflect the policies, procedures, and practices designed to provide reasonable assurance that objectives will be achieved. • The controls in a computer information system ensure effectiveness and efficiency of operations, reliability of financial reporting and compliance with the rules and regulations.
Information System Controls (Con’d) • General Controls – controls over data center operations, system software acquisition and maintenance, access security, and application system development and maintenance. • Application Controls – controls that help to ensure the proper authorization, completeness, accuracy, and validity of transactions, maintenance, and other types of data input.
Significance of IS Controls • The IS Controls overcome the following problems. – Data loss due to file damage, data corruption (manipulation), fire, power failure (or fluctuations), viruses etc. – Errors in software which can cause damage as one transaction in a computer system may affect data everywhere. – Computer abuse like fraud, negligent use etc.
An information technology audit, ... Management of IT and Enterprise Architecture: An audit to ... such as those from Information Systems Audit and Control ...
Download 1 × Close Share ... Information System Control & Audit. Need for IS Audit. Uncontrolled use of computers may results in: Data Loss Incorrect ...
Lecture Series covers the information covered ... The International Information System ... Data Information System Attacks; AUDIT AND MONITORING; Control ...
... Slide 1 Multimedia Information System Lab. Network Architecture Res ... Slide 1 Multimedia Information System Lab ... Rate Control Naoki Wakamiya ...
ISACA® is a nonprofit, independent association that advocates for professionals involved in information security, ... IS Audit & Assurance.
A MASTER’S PROJECT Submitted in partial fulfillment of the requirements for ... Audit Control Evaluation System ... audit and control information ...
2. What is Information? “Information is the processed and refined form of data that is meaningful or useful to the recipient”. Information processing ...
2. Audit in Computerized Environment 2.1. ... management and monitoring and control Information systems in any ... Information System Audit, ...