Information System Architecture and Audit Control Lecture 2

50 %
50 %
Information about Information System Architecture and Audit Control Lecture 2
Education

Published on March 1, 2014

Author: YasirAhmedKhan

Source: slideshare.net

Description

Information System Architecture and Audit Control

Information System Audit and Control Lecture No 2

IS Audit Resource Management • The IS technology is constantly changing. • The IS Auditors maintain their competency through updates of existing skills and obtaining trainings of new audit techniques. • The IS auditor should be technically sound and should maintain technical competence through continuing professional education.

IS Audit Resource Management (Cont’d) • A detailed staff training plan should be drawn based on technology and risk issues of an organization. • The trainings should be arranged at least semiannually. • The IS audit management provides necessary IT resources needed to perform IS audits of a highly specialized nature (e.g software scanners for network intrusion tests).

Audit Planning • Short term planning – Takes into account audit issues that will be covered during the year. • Long term planning – Takes into consideration risk-related issues which may affect the organization’s IT environment. • The planning of future audit activities should be reviewed by senior audit management and approved by audit committee.

Audit Planning (Con’d) • During audit planning, the IS auditor must have an understanding of the overall environment under review. – Various business practices and functions – Types of information systems – Supporting technology • The IS Auditor should: – Gain an understanding of business’s objectives – Information and processing requirements

Audit Planning (Con’d) – Identify policies, standards and guidelines – Perform risk analysis – Conduct IS control review – Set audit scope and audit objectives – Develop audit approach or audit strategy • Identifying available audit resources and assigning appropriate tasks.

Audit Planning (Con’d) – Identify policies, standards and guidelines – Perform risk analysis – Conduct IS control review – Set audit scope and audit objectives – Develop audit approach or audit strategy • Identifying available audit resources and assigning appropriate tasks.

Add a comment

Related presentations

Related pages

Information System Architecture and Audit Control Lecture 2

1. Information System Audit and Control Lecture No 2 ; 2. IS Audit ...
Read more

Information Technology - Information Assurance | ISACA

ISACA® is a nonprofit, independent association that advocates for professionals involved in information security, ... IS Audit & Assurance.
Read more

Information technology audit - Wikipedia

An information technology audit, ... Management of IT and Enterprise Architecture: An audit to ... such as those from Information Systems Audit and Control ...
Read more

By HAROLD J. WAGNER, CISA A MASTER’S PROJECT Submitted in ...

A MASTER’S PROJECT Submitted in partial fulfillment of the requirements for ... Audit Control Evaluation System ... audit and control information ...
Read more

CONTENTS 2. Audit in Computerized Environment

2. Audit in Computerized Environment 2.1. ... Availability of Information Systems 2.7. Access Control ... Information System Audit, ...
Read more

Information Systems Audit: The Basics | CSO Online

... information systems audit seems almost synonymous with information security control ... use to plan the audit. Policies, architecture ... 85.2 million ...
Read more

ISC2® - Systems Security Practitioner (SSCP) Lecture ...

The International Information System Security - (ISC)2’s exam SSCP, ... Data Information System Attacks; AUDIT AND ... System Architecture Requirements ...
Read more