SlideShare una empresa de Scribd logo

Information System Architecture and Audit Control Lecture 2

Descargar como PPT, PDF
Yasir Khan
Yasir Khan

This document discusses information system audit resource management and planning. It states that IS auditors must maintain their technical competence through ongoing training, as technology constantly changes. A detailed training plan should be developed based on an organization's technology and risks. Planning involves both short-term audits for the current year as well as long-term consideration of emerging risks, and future audit activities should be approved by senior management and the audit committee. Effective planning requires the auditor to understand the business, information systems, technologies, objectives, and risks to identify appropriate audit scope, objectives, and resources.

Educación
1 de 7
Information System Audit and Control Lecture No 2
IS Audit Resource Management • The IS technology is constantly changing. • The IS Auditors maintain their competency through updates of existing skills and obtaining trainings of new audit techniques. • The IS auditor should be technically sound and should maintain technical competence through continuing professional education.
IS Audit Resource Management (Cont’d) • A detailed staff training plan should be drawn based on technology and risk issues of an organization. • The trainings should be arranged at least semiannually. • The IS audit management provides necessary IT resources needed to perform IS audits of a highly specialized nature (e.g software scanners for network intrusion tests).
Audit Planning • Short term planning – Takes into account audit issues that will be covered during the year. • Long term planning – Takes into consideration risk-related issues which may affect the organization’s IT environment. • The planning of future audit activities should be reviewed by senior audit management and approved by audit committee.
Audit Planning (Con’d) • During audit planning, the IS auditor must have an understanding of the overall environment under review. – Various business practices and functions – Types of information systems – Supporting technology • The IS Auditor should: – Gain an understanding of business’s objectives – Information and processing requirements
Audit Planning (Con’d) – Identify policies, standards and guidelines – Perform risk analysis – Conduct IS control review – Set audit scope and audit objectives – Develop audit approach or audit strategy • Identifying available audit resources and assigning appropriate tasks.
Audit Planning (Con’d) – Identify policies, standards and guidelines – Perform risk analysis – Conduct IS control review – Set audit scope and audit objectives – Develop audit approach or audit strategy • Identifying available audit resources and assigning appropriate tasks.

Recomendados

3c 2 Information Systems Audit
3c 2 Information Systems Audit3c 2 Information Systems Audit
3c 2 Information Systems Audit
Rajeswaran Muthu Venkatachalam
 
Internal controls in an IT environment
Internal controls in an IT environment Internal controls in an IT environment
Internal controls in an IT environment
Chris Nicole Apat-Orcullo, CPA
 
Information System audit
Information System auditInformation System audit
Information System audit
Pratapchandra
 
Information System Architecture and Audit Control Lecture 1
Information System Architecture and Audit Control Lecture 1Information System Architecture and Audit Control Lecture 1
Information System Architecture and Audit Control Lecture 1
Yasir Khan
 
Control and audit of information System (hendri eka saputra)
Control and audit of information System (hendri eka saputra)Control and audit of information System (hendri eka saputra)
Control and audit of information System (hendri eka saputra)
Hendri Eka Saputra
 
008.itsecurity bcp v1
008.itsecurity bcp v1008.itsecurity bcp v1
008.itsecurity bcp v1
Mohammad Ashfaqur Rahman
 
CONTROL & AUDIT INFORMATION SYSTEM (HALL, 2015)
CONTROL & AUDIT INFORMATION SYSTEM (HALL, 2015)CONTROL & AUDIT INFORMATION SYSTEM (HALL, 2015)
CONTROL & AUDIT INFORMATION SYSTEM (HALL, 2015)
Muhammad Azmy
 
Information system control and audit
Information system control and auditInformation system control and audit
Information system control and audit
Astri Stiawaty
 

Recomendados

3c 2 Information Systems Audit
3c 2 Information Systems Audit3c 2 Information Systems Audit
3c 2 Information Systems Audit
Rajeswaran Muthu Venkatachalam
 
Internal controls in an IT environment
Internal controls in an IT environment Internal controls in an IT environment
Internal controls in an IT environment
Chris Nicole Apat-Orcullo, CPA
 
Information System audit
Information System auditInformation System audit
Information System audit
Pratapchandra
 
Information System Architecture and Audit Control Lecture 1
Information System Architecture and Audit Control Lecture 1Information System Architecture and Audit Control Lecture 1
Information System Architecture and Audit Control Lecture 1
Yasir Khan
 
Control and audit of information System (hendri eka saputra)
Control and audit of information System (hendri eka saputra)Control and audit of information System (hendri eka saputra)
Control and audit of information System (hendri eka saputra)
Hendri Eka Saputra
 
008.itsecurity bcp v1
008.itsecurity bcp v1008.itsecurity bcp v1
008.itsecurity bcp v1
Mohammad Ashfaqur Rahman
 
CONTROL & AUDIT INFORMATION SYSTEM (HALL, 2015)
CONTROL & AUDIT INFORMATION SYSTEM (HALL, 2015)CONTROL & AUDIT INFORMATION SYSTEM (HALL, 2015)
CONTROL & AUDIT INFORMATION SYSTEM (HALL, 2015)
Muhammad Azmy
 
Information system control and audit
Information system control and auditInformation system control and audit
Information system control and audit
Astri Stiawaty
 
Information systems audit and control
Information systems audit and controlInformation systems audit and control
Information systems audit and control
Kashif Rana ACCA
 
Information Systems Audit - Ron Weber chapter 1
Information Systems Audit - Ron Weber chapter 1Information Systems Audit - Ron Weber chapter 1
Information Systems Audit - Ron Weber chapter 1
Sreekanth Narendran
 
IT System & Security Audit
IT System & Security AuditIT System & Security Audit
IT System & Security Audit
Mufaddal Nullwala
 
Information Systems Control and Audit - Chapter 3 - Top Management Controls -...
Information Systems Control and Audit - Chapter 3 - Top Management Controls -...Information Systems Control and Audit - Chapter 3 - Top Management Controls -...
Information Systems Control and Audit - Chapter 3 - Top Management Controls -...
Sreekanth Narendran
 
Introduction to it auditing
Introduction to it auditingIntroduction to it auditing
Introduction to it auditing
Damilola Mosaku
 
Control and Audit Information System
Control and Audit Information SystemControl and Audit Information System
Control and Audit Information System
arif prasetyo
 
Internal Controls Over Information Systems
Internal Controls Over Information Systems Internal Controls Over Information Systems
Internal Controls Over Information Systems
Jeffrey Paulette
 
Information systems control and audit ~ Lecture # 2
Information systems control and audit ~ Lecture # 2Information systems control and audit ~ Lecture # 2
Information systems control and audit ~ Lecture # 2
FCA Vikram S Mathur
 
ITGC audit of ERPs
ITGC audit of ERPsITGC audit of ERPs
ITGC audit of ERPs
Jayesh Daga
 
Basics in IT Audit and Application Control Testing
Basics in IT Audit and Application Control Testing Basics in IT Audit and Application Control Testing
Basics in IT Audit and Application Control Testing
Dinesh O Bareja
 
Information System Audit and Control
Information System Audit and ControlInformation System Audit and Control
Information System Audit and Control
Asad Raza
 
IT General Controls Presentation at IIA Vadodara Audit Club
IT General Controls Presentation at IIA Vadodara Audit ClubIT General Controls Presentation at IIA Vadodara Audit Club
IT General Controls Presentation at IIA Vadodara Audit Club
Kaushal Trivedi
 
Chapter 4 : Auditing and the information technology environment
Chapter 4 : Auditing and the information technology environmentChapter 4 : Auditing and the information technology environment
Chapter 4 : Auditing and the information technology environment
KugendranMani
 
Auditing in Computerized Environment
Auditing in Computerized EnvironmentAuditing in Computerized Environment
Auditing in Computerized Environment
Dr. Sushil Bansode
 
Auditing SOX ITGC Compliance
Auditing SOX ITGC ComplianceAuditing SOX ITGC Compliance
Auditing SOX ITGC Compliance
seanpizzy
 
IT Control Objectives for SOX
IT Control Objectives for SOXIT Control Objectives for SOX
IT Control Objectives for SOX
Mahesh Patwardhan
 
IT General Controls
IT General ControlsIT General Controls
IT General Controls
Cicero Ray Rufino
 
Information Systems Control and Audit - Chapter 4 - Systems Development Manag...
Information Systems Control and Audit - Chapter 4 - Systems Development Manag...Information Systems Control and Audit - Chapter 4 - Systems Development Manag...
Information Systems Control and Audit - Chapter 4 - Systems Development Manag...
Sreekanth Narendran
 
Audit Sample Report
Audit Sample ReportAudit Sample Report
Audit Sample Report
Randy James
 
Conducting an Information Systems Audit
Conducting an Information Systems Audit Conducting an Information Systems Audit
Conducting an Information Systems Audit
Sreekanth Narendran
 
Tech Audit overview
Tech Audit overviewTech Audit overview
Tech Audit overview
edtech111
 
Information System and Control Audit ~ Lecture I
Information System and Control Audit ~ Lecture IInformation System and Control Audit ~ Lecture I
Information System and Control Audit ~ Lecture I
Kartik T. Vayeda & Co.
 

Más contenido relacionado

La actualidad más candente

Information systems audit and control
Information systems audit and controlInformation systems audit and control
Information systems audit and control
Kashif Rana ACCA
 

La actualidad más candente (20)

Information systems audit and control
Information systems audit and controlInformation systems audit and control
Information systems audit and control
 
Information Systems Audit - Ron Weber chapter 1
Information Systems Audit - Ron Weber chapter 1Information Systems Audit - Ron Weber chapter 1
Information Systems Audit - Ron Weber chapter 1
 
IT System & Security Audit
IT System & Security AuditIT System & Security Audit
IT System & Security Audit
 
Information Systems Control and Audit - Chapter 3 - Top Management Controls -...
Information Systems Control and Audit - Chapter 3 - Top Management Controls -...Information Systems Control and Audit - Chapter 3 - Top Management Controls -...
Information Systems Control and Audit - Chapter 3 - Top Management Controls -...
 
Introduction to it auditing
Introduction to it auditingIntroduction to it auditing
Introduction to it auditing
 
Control and Audit Information System
Control and Audit Information SystemControl and Audit Information System
Control and Audit Information System
 
Internal Controls Over Information Systems
Internal Controls Over Information Systems Internal Controls Over Information Systems
Internal Controls Over Information Systems
 
Information systems control and audit ~ Lecture # 2
Information systems control and audit ~ Lecture # 2Information systems control and audit ~ Lecture # 2
Information systems control and audit ~ Lecture # 2
 
ITGC audit of ERPs
ITGC audit of ERPsITGC audit of ERPs
ITGC audit of ERPs
 
Basics in IT Audit and Application Control Testing
Basics in IT Audit and Application Control Testing Basics in IT Audit and Application Control Testing
Basics in IT Audit and Application Control Testing
 
Information System Audit and Control
Information System Audit and ControlInformation System Audit and Control
Information System Audit and Control
 
IT General Controls Presentation at IIA Vadodara Audit Club
IT General Controls Presentation at IIA Vadodara Audit ClubIT General Controls Presentation at IIA Vadodara Audit Club
IT General Controls Presentation at IIA Vadodara Audit Club
 
Chapter 4 : Auditing and the information technology environment
Chapter 4 : Auditing and the information technology environmentChapter 4 : Auditing and the information technology environment
Chapter 4 : Auditing and the information technology environment
 
Auditing in Computerized Environment
Auditing in Computerized EnvironmentAuditing in Computerized Environment
Auditing in Computerized Environment
 
Auditing SOX ITGC Compliance
Auditing SOX ITGC ComplianceAuditing SOX ITGC Compliance
Auditing SOX ITGC Compliance
 
IT Control Objectives for SOX
IT Control Objectives for SOXIT Control Objectives for SOX
IT Control Objectives for SOX
 
IT General Controls
IT General ControlsIT General Controls
IT General Controls
 
Information Systems Control and Audit - Chapter 4 - Systems Development Manag...
Information Systems Control and Audit - Chapter 4 - Systems Development Manag...Information Systems Control and Audit - Chapter 4 - Systems Development Manag...
Information Systems Control and Audit - Chapter 4 - Systems Development Manag...
 
Audit Sample Report
Audit Sample ReportAudit Sample Report
Audit Sample Report
 
Conducting an Information Systems Audit
Conducting an Information Systems Audit Conducting an Information Systems Audit
Conducting an Information Systems Audit
 

Destacado

Compliance audit under the Information Technology Act, 2000
Compliance audit under the Information Technology Act, 2000Compliance audit under the Information Technology Act, 2000
Compliance audit under the Information Technology Act, 2000
Sagar Rahurkar
 
IT Audit methodologies
IT Audit methodologiesIT Audit methodologies
IT Audit methodologies
genetics
 
The Internal Audit Framework
The Internal Audit FrameworkThe Internal Audit Framework
The Internal Audit Framework
Ahmad Tariq Bhatti
 

Destacado (20)

Tech Audit overview
Tech Audit overviewTech Audit overview
Tech Audit overview
 
Information System and Control Audit ~ Lecture I
Information System and Control Audit ~ Lecture IInformation System and Control Audit ~ Lecture I
Information System and Control Audit ~ Lecture I
 
Information system and control audit – lecture i
Information system and control audit – lecture iInformation system and control audit – lecture i
Information system and control audit – lecture i
 
Audit rizkie hafizzah
Audit rizkie hafizzahAudit rizkie hafizzah
Audit rizkie hafizzah
 
Entity Level Controls And
Entity Level Controls AndEntity Level Controls And
Entity Level Controls And
 
Compliance audit under the Information Technology Act, 2000
Compliance audit under the Information Technology Act, 2000Compliance audit under the Information Technology Act, 2000
Compliance audit under the Information Technology Act, 2000
 
Security and Audit Report Sign-Off—Made Easy
Security and Audit Report Sign-Off—Made EasySecurity and Audit Report Sign-Off—Made Easy
Security and Audit Report Sign-Off—Made Easy
 
IT Audit methodologies
IT Audit methodologiesIT Audit methodologies
IT Audit methodologies
 
International Auditing Standards (ISA)
International Auditing Standards (ISA)International Auditing Standards (ISA)
International Auditing Standards (ISA)
 
5.4 it security audit (mauritius)
5.4 it security audit (mauritius)5.4 it security audit (mauritius)
5.4 it security audit (mauritius)
 
The information security audit
The information security auditThe information security audit
The information security audit
 
IT Audit For Non-IT Auditors
IT Audit For Non-IT AuditorsIT Audit For Non-IT Auditors
IT Audit For Non-IT Auditors
 
Internal Audit Report Writing Best Practice
Internal Audit Report Writing Best PracticeInternal Audit Report Writing Best Practice
Internal Audit Report Writing Best Practice
 
Audit Report
Audit ReportAudit Report
Audit Report
 
Audit report
Audit reportAudit report
Audit report
 
The Internal Audit Framework
The Internal Audit FrameworkThe Internal Audit Framework
The Internal Audit Framework
 
Audit Checklist for Information Systems
Audit Checklist for Information SystemsAudit Checklist for Information Systems
Audit Checklist for Information Systems
 
How to Effectively Audit your IT Infrastructure
How to Effectively Audit your IT InfrastructureHow to Effectively Audit your IT Infrastructure
How to Effectively Audit your IT Infrastructure
 
Checklist
ChecklistChecklist
Checklist
 
Internal audit report writing
Internal audit report writingInternal audit report writing
Internal audit report writing
 

Similar a Information System Architecture and Audit Control Lecture 2

Security Baselines and Risk Assessments
Security Baselines and Risk AssessmentsSecurity Baselines and Risk Assessments
Security Baselines and Risk Assessments
Priyank Hada
 

Similar a Information System Architecture and Audit Control Lecture 2 (20)

10 - Project Management
10 - Project Management10 - Project Management
10 - Project Management
 
CObIT
CObITCObIT
CObIT
 
Information system audit 2
Information system audit 2 Information system audit 2
Information system audit 2
 
It Audit
It AuditIt Audit
It Audit
 
3 focus areas for any organisation's IT & Security department
3 focus areas for any organisation's IT & Security department 3 focus areas for any organisation's IT & Security department
3 focus areas for any organisation's IT & Security department
 
IT Planning Methods.pptx
IT Planning Methods.pptxIT Planning Methods.pptx
IT Planning Methods.pptx
 
management system development and planning
management system development and planningmanagement system development and planning
management system development and planning
 
Shruti ppt
Shruti pptShruti ppt
Shruti ppt
 
Lecture 3 spm
Lecture 3 spmLecture 3 spm
Lecture 3 spm
 
papp01.pptx
papp01.pptxpapp01.pptx
papp01.pptx
 
PPT-UEU-Audit-Kendali-Sistem-Informasi-Pertemuan-4.ppt
PPT-UEU-Audit-Kendali-Sistem-Informasi-Pertemuan-4.pptPPT-UEU-Audit-Kendali-Sistem-Informasi-Pertemuan-4.ppt
PPT-UEU-Audit-Kendali-Sistem-Informasi-Pertemuan-4.ppt
 
Internal financial control - how ready are you - Webinar
Internal financial control - how ready are you - WebinarInternal financial control - how ready are you - Webinar
Internal financial control - how ready are you - Webinar
 
Hi600 m1 u1_part1_instslides
Hi600 m1 u1_part1_instslidesHi600 m1 u1_part1_instslides
Hi600 m1 u1_part1_instslides
 
Security Baselines and Risk Assessments
Security Baselines and Risk AssessmentsSecurity Baselines and Risk Assessments
Security Baselines and Risk Assessments
 
Mis chapter 8
Mis chapter 8Mis chapter 8
Mis chapter 8
 
HI600 Ch 1 Inst_slides
HI600 Ch 1 Inst_slidesHI600 Ch 1 Inst_slides
HI600 Ch 1 Inst_slides
 
ISA 3 COBIT
ISA 3 COBITISA 3 COBIT
ISA 3 COBIT
 
IT Admin
IT AdminIT Admin
IT Admin
 
It admin
It adminIt admin
It admin
 
UNIT V CONTROLLING.pptx
UNIT V CONTROLLING.pptxUNIT V CONTROLLING.pptx
UNIT V CONTROLLING.pptx
 

Más de Yasir Khan

Flynns classification
Flynns classificationFlynns classification
Flynns classification
Yasir Khan
 
Natural Language Processing
Natural Language ProcessingNatural Language Processing
Natural Language Processing
Yasir Khan
 

Más de Yasir Khan (20)

Lecture 6
Lecture 6Lecture 6
Lecture 6
 
Lecture 4
Lecture 4Lecture 4
Lecture 4
 
Lecture 3
Lecture 3Lecture 3
Lecture 3
 
Lecture 2
Lecture 2Lecture 2
Lecture 2
 
Lec#1
Lec#1Lec#1
Lec#1
 
Ch10 (1)
Ch10 (1)Ch10 (1)
Ch10 (1)
 
Ch09
Ch09Ch09
Ch09
 
Ch05
Ch05Ch05
Ch05
 
Snooping protocols 3
Snooping protocols 3Snooping protocols 3
Snooping protocols 3
 
Snooping 2
Snooping 2Snooping 2
Snooping 2
 
Introduction 1
Introduction 1Introduction 1
Introduction 1
 
Hpc sys
Hpc sysHpc sys
Hpc sys
 
Hpc 6 7
Hpc 6 7Hpc 6 7
Hpc 6 7
 
Hpc 4 5
Hpc 4 5Hpc 4 5
Hpc 4 5
 
Hpc 3
Hpc 3Hpc 3
Hpc 3
 
Hpc 2
Hpc 2Hpc 2
Hpc 2
 
Hpc 1
Hpc 1Hpc 1
Hpc 1
 
Flynns classification
Flynns classificationFlynns classification
Flynns classification
 
Dir based imp_5
Dir based imp_5Dir based imp_5
Dir based imp_5
 
Natural Language Processing
Natural Language ProcessingNatural Language Processing
Natural Language Processing
 

Último

The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptx
heathfieldcps1
 
Seal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptxSeal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptx
negromaestrong
 
The basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptxThe basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptx
heathfieldcps1
 
Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global Impact
PECB
 
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in DelhiRussian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
kauryashika82
 

Último (20)

Sociology 101 Demonstration of Learning Exhibit
Sociology 101 Demonstration of Learning ExhibitSociology 101 Demonstration of Learning Exhibit
Sociology 101 Demonstration of Learning Exhibit
 
Unit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxUnit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptx
 
Energy Resources. ( B. Pharmacy, 1st Year, Sem-II) Natural Resources
Energy Resources. ( B. Pharmacy, 1st Year, Sem-II) Natural ResourcesEnergy Resources. ( B. Pharmacy, 1st Year, Sem-II) Natural Resources
Energy Resources. ( B. Pharmacy, 1st Year, Sem-II) Natural Resources
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptx
 
Food Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-II
Food Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-IIFood Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-II
Food Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-II
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introduction
 
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxBasic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
 
On National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan FellowsOn National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan Fellows
 
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17
 
Unit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptxUnit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptx
 
Seal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptxSeal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptx
 
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
 
TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...
TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...
TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...
 
PROCESS RECORDING FORMAT.docx
PROCESS RECORDING FORMAT.docxPROCESS RECORDING FORMAT.docx
PROCESS RECORDING FORMAT.docx
 
The basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptxThe basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptx
 
Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
Mixin Classes in Odoo 17 How to Extend Models Using Mixin ClassesMixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
 
Measures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDMeasures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SD
 
ComPTIA Overview | Comptia Security+ Book SY0-701
ComPTIA Overview | Comptia Security+ Book SY0-701ComPTIA Overview | Comptia Security+ Book SY0-701
ComPTIA Overview | Comptia Security+ Book SY0-701
 
Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global Impact
 
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in DelhiRussian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
 

Information System Architecture and Audit Control Lecture 2

  • 1. Information System Audit and Control Lecture No 2
  • 2. IS Audit Resource Management • The IS technology is constantly changing. • The IS Auditors maintain their competency through updates of existing skills and obtaining trainings of new audit techniques. • The IS auditor should be technically sound and should maintain technical competence through continuing professional education.
  • 3. IS Audit Resource Management (Cont’d) • A detailed staff training plan should be drawn based on technology and risk issues of an organization. • The trainings should be arranged at least semiannually. • The IS audit management provides necessary IT resources needed to perform IS audits of a highly specialized nature (e.g software scanners for network intrusion tests).
  • 4. Audit Planning • Short term planning – Takes into account audit issues that will be covered during the year. • Long term planning – Takes into consideration risk-related issues which may affect the organization’s IT environment. • The planning of future audit activities should be reviewed by senior audit management and approved by audit committee.
  • 5. Audit Planning (Con’d) • During audit planning, the IS auditor must have an understanding of the overall environment under review. – Various business practices and functions – Types of information systems – Supporting technology • The IS Auditor should: – Gain an understanding of business’s objectives – Information and processing requirements
  • 6. Audit Planning (Con’d) – Identify policies, standards and guidelines – Perform risk analysis – Conduct IS control review – Set audit scope and audit objectives – Develop audit approach or audit strategy • Identifying available audit resources and assigning appropriate tasks.
  • 7. Audit Planning (Con’d) – Identify policies, standards and guidelines – Perform risk analysis – Conduct IS control review – Set audit scope and audit objectives – Develop audit approach or audit strategy • Identifying available audit resources and assigning appropriate tasks.