Presentation is loading. Please wait.

Presentation is loading. Please wait.

Overview of Systems Audit

Published byPhilippa Antonia Dennis Modified over 8 years ago

Similar presentations

Presentation on theme: "Overview of Systems Audit"— Presentation transcript:

1 Overview of Systems Audit
Chapter 1: Overview of Systems Audit

2 Information Systems Audit
Examination of various controls in information systems Design and working of controls Process, practices, and operations. The auditor forms an opinion whether information systems safeguards assets, maintains data integrity, and operates effectively and efficiently to achieve the agreed goals and objectives of the entity.

3 Information System Environment
Regulations IT Governance Policies Disaster Recovery Procedures Legal Issues Services Monitoring Documentation Hardware Internal Controls Software Audits Information

4 Legal Requirement of Information Systems Audit
Sarbanes Oxley Act 2002 Directions from various statutory and regulatory agencies Even financial audit requires testing of adequacy and efficiency of internal control before expressing an audit opinion.

5 Information System Assets
Information assets Software assets Physical assets Other technical equipment Services

6 Optimizing Computerization
Systems audit focuses on Standardization of hardware, operating systems, system software, and applications Whether information flow is smooth and it’s integrity is not compromised. Test of efficiency and search for emerging vulnerabilities. Risk assessment for security breaches that may arise from communication and networking infrastructure.

7 Optimizing Computerization
Systems audit focus (Cont’d) Risk assessment for security breaches that may occur in the auditee organisation. Assurance of migration and maintenance of data integrity. Availability of human resources vis-a-vis success and failure of information technology projects. Security maintenance for usage of plastic cards and e-commerce interface integrated in regular functioning of the auditee.

8 General Controls Organization and operation controls
Systems development and documentation controls Hardware and system software controls Access controls Data and procedural controls Business continuity control

9 Application Controls Input control Processing control Output control

10 Objective Based Control Classification
Directive controls Preventive controls Detective controls Corrective controls Recovery controls

11 Impact of Computers on Information
Changes in The way of Working Processing of Data Storage of Data Telecommunication Data Accessibility Security Methodology Maintenance of data Transaction Initiation Inputs Authorisation Movement of Documents Transaction Processing Complexity of Processing Information Storage Outputs Filing of Documents System of Back-up Audit Trails Procedure Manual Monitoring & Supervision Segregation of Duties

12 Impact of Computers on Auditing
Computerized audit trails Interwoven complex systems Transaction walkthroughs Entropy in complex systems Outsourced and distributed information

13 Information Systems Audit Coverage
Hardware security issues Software security issues IS Audit Requirements Conducting IS Audit Risk based IS Audit Auditing Disaster Recovery Plans Auditing E-commerce Environment Legal Framework Security Testing Information Security Grading (ISecGrade) Framework

Download ppt "Overview of Systems Audit"

Similar presentations

OPERATING EFFECTIVELY AT WESD. What is Internal Control? A process designed to provide reasonable assurance the organizations objectives are achieved.

OPERATING EFFECTIVELY AT WESD. What is Internal Control? A process designed to provide reasonable assurance the organizations objectives are achieved.
IT Web Application Audit Principles Presented by: James Ritchie, CISA, CISSP….

IT Web Application Audit Principles Presented by: James Ritchie, CISA, CISSP….
Information System Audit : © South-Asian Management Technologies Foundation Chapter 4: Information System Audit Requirements.

Information System Audit : © South-Asian Management Technologies Foundation Chapter 4: Information System Audit Requirements.
Chapter 10 Accounting Information Systems and Internal Controls

Chapter 10 Accounting Information Systems and Internal Controls
Control and Accounting Information Systems

Control and Accounting Information Systems
Information Technology Control Day IV Afternoon Sessions.

Information Technology Control Day IV Afternoon Sessions.
Auditing Computer-Based Information Systems

Auditing Computer-Based Information Systems
Internal Control.

Internal Control.
The Islamic University of Gaza

The Islamic University of Gaza
Learning Objectives LO1 Distinguish between management and auditor’s responsibilities regarding an auditee organization’s internal controls. LO2 Explain.

Learning Objectives LO1 Distinguish between management and auditor’s responsibilities regarding an auditee organization’s internal controls. LO2 Explain.
Audit Guidance Using the Federal Information System Controls Audit Manual (FISCAM) to Achieve Audit Objectives in Financial and Performance Audits Mickie.

Audit Guidance Using the Federal Information System Controls Audit Manual (FISCAM) to Achieve Audit Objectives in Financial and Performance Audits Mickie.
Security Controls – What Works

Security Controls – What Works
Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.

Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.
12 - 1 ©2006 Prentice Hall Business Publishing, Auditing 11/e, Arens/Beasley/Elder The Impact of Information Technology on the Audit Process Chapter 12.

©2006 Prentice Hall Business Publishing, Auditing 11/e, Arens/Beasley/Elder The Impact of Information Technology on the Audit Process Chapter 12.
Internal Control Concepts Knowledge. Best Practices for IT Governance IT Governance Structure of Relationship Audit Role in IT Governance.

Internal Control Concepts Knowledge. Best Practices for IT Governance IT Governance Structure of Relationship Audit Role in IT Governance.
MSIS 110: Introduction to Computers; Instructor: S. Mathiyalakan1 Systems Design, Implementation, Maintenance, and Review Chapter 13.

MSIS 110: Introduction to Computers; Instructor: S. Mathiyalakan1 Systems Design, Implementation, Maintenance, and Review Chapter 13.
IDENTIFYING RISKS AND CONTROLS IN BUSINESS PROCESS

IDENTIFYING RISKS AND CONTROLS IN BUSINESS PROCESS
Internal Control. COSO’s Framework Committee of Sponsoring Organizations 1992 issued a white paper on internal control Since this time, this framework.

Internal Control. COSO’s Framework Committee of Sponsoring Organizations 1992 issued a white paper on internal control Since this time, this framework.
Managing Information Systems Information Systems Security and Control Part 2 Dr. Stephania Loizidou Himona ACSC 345.

Managing Information Systems Information Systems Security and Control Part 2 Dr. Stephania Loizidou Himona ACSC 345.
Internal Control in a Financial Statement Audit

Internal Control in a Financial Statement Audit

Similar presentations

Ads by Google