IT Audit Fundamentals

What is Auditing?
1. independent examination, inspection, or review.
  Annotations:
  - IT Auditing Financial Auditing Accounting Auditing
2. IT Auditing
  1. formal inspection
  2. check standards and guidelines
  3. records are accurate
  4. meets efficient and effective targets
  5. Internal
    1. follow procedures and apply criteria to organizations by the external auditors
  6. External
    1. follow strategies, plans, and procedures by the organization itself
3. What to audit
  1. business processes
  2. entire organizations
  3. mission functions
  4. individual business units
Why Audit?
1. manage risk
2. confirm efficient allocation of IT-related resources
3. achieve other IT and business objectives
Who gets Audited?
1. Public corporations
2. Financial institutions
3. Health care organizations
4. Nonprofit organizations
5. Government agencies
6. Federal funding recipients
7. Service providers
Who does Auditing?
1. Internal auditors
  1. employees of organizations hired by organizations to carry out internal audits;
2. IT auditors
  1. professional service firms provide external or internal IT auditing services
3. Auditing or accounting firms
4. Authorized certification organizations
  1. evaluate organizational practices and controls and confer certification to organizations
5. Organizations with the authority
  1. Government Accountability Office (GAO)
  2. Federal Deposit Insurance Corporation (FDIC)
  3. Department of Health and Human Services (HHS)
  4. Office for Civil Rights (OCR)
6. Inspectors general, audit executives
  1. authority to provide independent review of many aspects of the organizations for which they work

Next up

IT Audit Fundamentals

Description

Resource summary

Similar

	Created by Nurshara Fazreen Mazlan almost 7 years ago