Embed Size (px)
Citation preview
Information Systems Audit
1. Entity level
controls (e.g. policies)
2. Identification
of Key Controls
(that address specific risks
3. Test of General and Application
controls
4. Define Substantive tests (test of
detail)
5. Audit assessment
results
6. Client feedback
Information Systems Audit
Say hello: [email protected]
Why audit Information
Systems (IS)?
Answer:
Measure the extent to which IS controls are helping an Organization achieve
its objectives
How are Information Systems audited?
Why are Information Systems audited?
Information Systems
Audit
1. The Entity:
measure extent that
IS are helping achieve business
objectives 2. External audit:
assurance over
financial results
3. IT Department: custodians of IS assets
4. Internal audit:
management of risk and
controls
5. Staff and stakeholder:
improved quality and timing of
information
6. Board: improved
insight into operations
and achievement of business
goals
Information Systems Audit and Financial ReportingWho are the users of Information Systems audit results?
Poor information systems controls can lead to a heightened Risk of Material Misstatement (RMM)
Information Systems
producing complete, accurate, valid
information
Financial Reporting
measure business performance to
objectives
RMM
Say hello: [email protected]
