An information technology Audit, or information systems audit, is an examination of the management controls within an Information technology (IT) infrastructure. The evaluation of obtained evidence determines if the information systems are safeguarding assets, maintaining data integrity, and operating effectively to achieve the organization's goals or objectives. These reviews may be performed in conjunction with a financial statement audit, internal audit, or other form of attestation engagement.
IT Audit process
The following are basic steps in performing the Information Technology Audit Process:
- Planning
- Risk Assessment
- Studying and Evaluating Controls
- Testing and Evaluating Controls
- Reporting
- Follow-up
- Reports
IT Audit is not about ordinary accounting controls or traditional financial auditing. IT auditing is also not only about compliance testing. Some believe IT auditors are about making sure people conform to some set of rules—implicit or explicit—and that what we do is report on exceptions to the rules. Actually, that is management’s job. It is not the compliance with rules that is of interest to IT auditors. IT auditors are examining whether the entity’s relevant systems or business processes for achieving and monitoring compliance are effective. IT auditors also assess the design effectiveness of the rules—whether they are suitably designed or sufficient in scope to properly mitigate the target risk or meet the intended objective.
Career Opportunities for Information System Auditor
Career Opportunities for Information System Auditor
- IS Auditor
- IS Risk Management and Assurance
- IS Management Advisory
- Internal Auditor
- IS Security Consultant
Visit My Blog: http://vinay-kumar-saini.blogspot.in/
No comments:
Post a Comment