1. What is the purpose of an IT audit?

IT audit usually embodies review and evaluation of automated information

processing systems, related non-automated processes and the crossing points
among them. The purpose of an IT audit is to evaluate the system's internal
control design and effectiveness. An IT audit also provides an independent
appraisal of some technology- or systems-related object, such as proper IT
implementation, or controls over computer resources. An IT audit also evaluates
the system's worth and security conventions to evaluate the organization's ability
to protect its information assets and properly doled out information to authorized
parties.
2. Discuss the concept of independence within the context of a financial audit.
How is independence different for internal auditors?
Unlike other professions, auditors shall be independent enough in doing
their jobs. Independence is essential to the effectiveness of financial audit.
Auditors, both internal and external auditors, must possess independence in
auditing financial statements and making assertions about the class of
transactions present in the financial statements. An assertion or opinion given by
an auditor shall be free from bias, not influenced by some other parties and is
objectively obtained by means of objectively gathering and evaluating evidences.
An audit shall bear the independence of the internal auditor or of the external
auditor from parties that may have a financial interest in the business being
audited.
Internal auditors must have independence from parties whose interests
might be harmed by the results of an audit. They must be objective in performing
their work and must have no immaterial or material direct interests or material
indirect connections with the client. The auditor can never be a backer of the
client, but must independently corroborate whether GAAP and other necessary
guidelines have been met. Independence for internal auditors is different
because they are employed by the organization, and cannot be as independent
as the external auditor. Thus internal auditors must use professional judgment
and independent minds in auditing.

3. What are the conceptual phases of an audit? How do they differ between
general auditing and IT auditing?

The three conceptual phases of auditing are:

Audit planning
Tests of internal controls, and
Substantive tests.

Theoretically, no difference exists between IT auditing and general

auditing. This is because IT auditing is a part of general auditing which merely
includes computer technology.
4. Distinguish between the internal and external auditors.
Internal auditors work within an organization and report to its audit
committee and directors. Internal auditors act for the interests of management.
They merely work under the provision and directive of the company itself. Internal
auditing includes evaluating operational efficiency, conducting financial audits,
examining an operations compliance with appropriate laws and regulations,
detecting and preventing fraud within the firm, and conducting IT audits. They
help to design the companys organizing systems and help develop specific risk
management policies. Internal auditors are usually employees of the company.
External auditors are appointed by the shareholders of a company.
External auditors must be appointed from a different company independent of
their own. External auditors represent the interests of third-party stakeholders in
the organization, like the stockholders, creditors, and government agencies.
External auditing is conducted by CPAs who are independent of the
organizations management.
5. What are the four primary elements described in the definition of auditing?
1.
2.
3.
4.

auditing standards
systematic process
managementassertions and audit objectives
obtaining evidence