Information System Architecture and Audit Control Lecture 2

50 %
50 %
Information about Information System Architecture and Audit Control Lecture 2
Education

Published on March 1, 2014

Author: YasirAhmedKhan

Source: slideshare.net

Description

Information System Architecture and Audit Control

Information System Audit and Control Lecture No 2

IS Audit Resource Management • The IS technology is constantly changing. • The IS Auditors maintain their competency through updates of existing skills and obtaining trainings of new audit techniques. • The IS auditor should be technically sound and should maintain technical competence through continuing professional education.

IS Audit Resource Management (Cont’d) • A detailed staff training plan should be drawn based on technology and risk issues of an organization. • The trainings should be arranged at least semiannually. • The IS audit management provides necessary IT resources needed to perform IS audits of a highly specialized nature (e.g software scanners for network intrusion tests).

Audit Planning • Short term planning – Takes into account audit issues that will be covered during the year. • Long term planning – Takes into consideration risk-related issues which may affect the organization’s IT environment. • The planning of future audit activities should be reviewed by senior audit management and approved by audit committee.

Audit Planning (Con’d) • During audit planning, the IS auditor must have an understanding of the overall environment under review. – Various business practices and functions – Types of information systems – Supporting technology • The IS Auditor should: – Gain an understanding of business’s objectives – Information and processing requirements

Audit Planning (Con’d) – Identify policies, standards and guidelines – Perform risk analysis – Conduct IS control review – Set audit scope and audit objectives – Develop audit approach or audit strategy • Identifying available audit resources and assigning appropriate tasks.

Audit Planning (Con’d) – Identify policies, standards and guidelines – Perform risk analysis – Conduct IS control review – Set audit scope and audit objectives – Develop audit approach or audit strategy • Identifying available audit resources and assigning appropriate tasks.

Add a comment

Related presentations

Related pages

Information Systems Audit and Control Association

Worldwide association of Information Systems professionals dedicated to the Audit, Control, and Security of financial and operating information systems
Read more

Information technology audit - Wikipedia, the free ...

An information technology audit, ... Management of IT and Enterprise Architecture: An audit to ... such as those from Information Systems Audit and Control ...
Read more

Chapter 3 Review and the audit process

Review and the audit process ... 3.1 The process of review and audit of internal control systems ... (and the information system feeding that process ...
Read more

IT Audit Manual Manual of - iCISA , NOIDA

IT Audit Manual Manual of Information ... system of the auditee. 3 2. Audit Check list 2: ... system audit process 12. System audit controls Are audits of ...
Read more

Five Components of Internal Control - Jacksonville State ...

2. Auditor Risk Assessment ... Assessment of Internal Control Auditor Responsibilities ... system of internal control consists of ...
Read more

Certified Information Systems Auditor - Wikipedia, the ...

Certified Information Systems Auditor ... control and security of information systems. ... [2 Obtaining the ...
Read more

Fundamentals of Information Systems Security/Access ...

Fundamentals of Information Systems Security/Access ... Network Architecture. This control defines the logical and physical ... Review of Audit Information.
Read more

Information systems control and audit ~ Lecture # 2

Information systems control and audit ~ Lecture # 2. ... Information systems control and audit ~ Lecture # 2Delivered at Gyaan Academy, Satellite, ...
Read more