Embed Size (px)
Citation preview
IT Audit ChallengesV.Jawahar
B.Com(Hons); FCA; Grad.CWA; ISACISA; CISSP; CISM
IntroductionDeveloping an Audit Plan is one of the
weakest links in the IT audit processAssessing risks in every domain of business
should be the starting point for every audit. Don’t let others dictate what should be audited.
To develop and audit plan, it is vital to do a company wide risk assessment.
Heightened expectations from management – high level of service and low cost.
Gain an understanding of the IT environment
IT Audit Plan Development Process Understand the BusinessDefine IT UniversePerform Risk AssessmentFormulate Audit Plan
Understand the BusinessOrganizational Uniqueness Operating Environment & structure IT support model �
Degree of system and geographic centralization Types of technologies deployed Degree of customization Policies and standards Degree of Regulation and Compliance Degree of outsourcing Degree of operational standardization
Level of Reliance on Technology
Defining IT UniverseExamining the Business ModelRole of Supporting TechnologiesAnnual Business PlansCentralised and Decentralised IT FunctionsIT Support ProcessesRegulatory CompliancesAudit Subject Areas
Business ApplicationsAssessing Risks
Performing Risk Assessment Risk Assessment ProcessRanking RiskLeading IT Governance Frameworks
Formalising IT Audit PlanAudit Plan ContextStakeholders RequestsAudit FrequencyAudit Plan PrinciplesThe IT Plan ContentIntegration of the IT Audit PlansValidating the Audit planThe Dynamic Nature of the IT Audit PlanCommunicating, Gaining Executive Support,
and Obtaining Plan Approval
Thank You
