IT auditing - Auditing Computer Systems Agenda Auditing scope and objectives Information system(IS audit objectives Study and evaluation of

Info iconThis preview shows pages 1–16. Sign up to view the full content.

View Full Document Right Arrow Icon
Auditing Computer Systems
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Agenda Auditing scope and objectives Information system (IS) audit objectives Study and evaluation of internal control in an AIS Computer audit software
Background image of page 2
Types of Internal Auditing Work What are the three different types of audits commonly performed? 1 Financial audit 2 Information system (IS) audit 3 Operational or management audit
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Types of Internal Auditing Work The financial audit examines the reliability and integrity of accounting records (both financial and operating information). The information systems (IS) audit reviews the general and application controls in an AIS to assess its compliance with internal control policies and procedures and its effectiveness in safeguarding assets.
Background image of page 4
Types of Internal Auditing Work The operational, or management, audit is concerned with the economical and efficient use of resources and the accomplishment of established goals and objectives.
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
An Overview of the Auditing Process All audits follow a similar sequence of activities and may be divided into four stages. 1 Audit planning 2 Collection of audit evidence 3 Evaluation of audit evidence 4 Communication of audit results
Background image of page 6
An Overview of the Auditing Process Audit Planning Establish scope and objectives Organize audit team Develop knowledge of business operations Review prior audit results Identify risk factors Prepare audit program
Background image of page 7

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Collection of Audit Evidence Observation of operating activities Review of documentation Discussion with employees and questionnaires Physical examination of assets Confirmation through third parties Reperformance of procedures Vouching of source documents Analytical review and sampling An Overview of the Auditing Process
Background image of page 8
An Overview of the Auditing Process Evaluation of Audit Evidence Assess quality of internal controls Assess reliability of information Assess operating performance Consider need for additional evidence Consider risk factors Consider materiality factors Document audit findings
Background image of page 9

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
An Overview of the Auditing Process Communication of Audit Results Formulate audit conclusions Develop recommendations for management Present audit results to management
Background image of page 10
Agenda Auditing scope and objectives Information system (IS) audit objectives Study and evaluation of internal control in an AIS Computer audit software
Background image of page 11

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
IS Audits Purpose of AIS audit: review and evaluate internal controls that protect system When performing IS audit, auditors ascertain that certain objectives met
Background image of page 12
Risk-Based Audit Approach provides auditors with clear understanding of errors and irregularities that can occur and related risks and exposures Provides basis for developing recommendations to management on how AIS control system should be improved
Background image of page 13

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Risk-Based Audit Four-step approach Determine threats facing AIS Identify control procedures that should be in place to minimize each threat Evaluate existing control procedures Determine weaknesses
Background image of page 14
Audit Objectives
Background image of page 15

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Image of page 16
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 10/25/2011 for the course AIS 141 taught by Professor Yanxiong during the Fall '10 term at CSU Sacramento.

Page1 / 74

IT auditing - Auditing Computer Systems Agenda Auditing scope and objectives Information system(IS audit objectives Study and evaluation of

This preview shows document pages 1 - 16. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online