Академический Документы
Профессиональный Документы
Культура Документы
INTRODUCTION
INTRODUCTION
IS AUDIT PROCESS
OVERVIEW
5
2 . 1 E S TA B L I S H I N G & A P P R O V I N G
AN AUDIT CHARTER
• The first audit objective is to establish an audit charter, which
gives you the authority to perform an audit. The audit charter is
issued by executive management or the board of directors.
• The audit charter should clearly state management’s assertion
of responsibility, their objectives, and delegation of authority.
Authority
Responsibility Accountability
Audit
Charte
r
• Internal Control • Fieldwork
Questionnaire • Evaluation
• Audit Scope • Testing
• Objective
Planning Assessment
Follow-Up Reporting
• Confirmation of • Communication
Planned Actions • Audit Findings
• Audit Response
Verification
• Assessment
Result
• First step in IT audit
• Short-Term Goal
- that will be covered during the year.
• Long-Term Goal
- regarding changes to the organization’s IT strategic direction.
• Objective : To obtain sufficient information about the firm to plan
following phases of the audit.
Planning Considerations Information Gathering
• Security Risk
2.4 Identifying the audit
evidence
Audit Evidence
Objective
Evidence Reliability
Obtaining Evidence
Audit Evidence
Evidence is any information used by the IS auditor to determine whether
the entity or data being audited follows the established audit criteria.
When planning the IS audit work, the IS auditor should take into the
account the type of audit evidence to be gathered to meet the audit
objectives and its varying levels of reliability.
The main objective of the work performed by the auditor in an audit engagement is that of
obtaining reasonable assurance as to whether the financial statements, as a whole, are free
from material misstatement, so that the auditor is able to express an opinion on the financial
statements and report accordingly in the auditor’s report
Usable Relevant
Is the provider of the evidence
Independent? Is the evidence provider qualified?
Evidence Reliability
Audit evidence provided by original documents is Audit evidence in documentary form, whether paper,
more reliable than audit evidence provided by electronic, or other medium, is more reliable than
photocopies evidence obtained orally.
Re-calculation
Observation Computation or Analytical procedures
Procedure that consists of recalculation provides a Analytical procedures are
looking at a process or high level of assurance used throughout the audit
procedure being performed by regarding arithmetical process and are
others so that evidence about accuracy. conducted for the primary
the actual performance is and secondary purposes
obtained.
The audit report is the end result of an audit and can be used by the recipient
person or organization as a tool for financial reporting, investing, altering
operations, enforcing accountability, or making decisions.
An effective audit report is essential to making sure the results of your audit are
presented in a way that is useful to the party receiving the audit.
Evaluate audit strength and weakness to develop the audit opinions and
recommendations.
It require IS auditor to make judgment that are often gain from experience.
In general, an audit report an introduction, a section which describes the
scope of the audit and the auditor’s opinion,
has three sections: which describes the audit findings.
4) objectives
2) Purpose
helps to prevent this becoming an issue:
• how outstanding recommendations/management actions will be tracked
• how resolution will be reported and validated
• what follow up action might be needed
• how this will be carried out in order to provide assurance that identified risks are being
appropriately addressed.
2. Depends on management
1) Integral part