Professional Documents
Culture Documents
Overview
Impact of IT on organizations
IT governance
IT auditing
Work of IT auditors
Financial and IT audit
IT collects transaction data
IT turns data into information
Computerized transaction systems increase
some risks and decrease others
3
Opportunities
Transmit
documents
electronically
to customers
and vendors
Risks
Potential failure
of electronic
communication
systems
4
managing
competencies computer users
good
decision
making
Opportunities for
preserving
Organizations
data
IT application
5
destruction computer
of self image abuse
high cost of
incorrect
decision
making
Risks for
cost of Organizations
data loss
IT application ? 6
The process for controlling organizations’
IT resources (including information and
communication systems and technology)
The use of IT
o to promote an organizations’ objectives
o to enable business processes and
o to manage and control IT related risks.
7
IT governance begins with setting IT objectives
and measures and compares performance
against them (Cobit)
Provide
Direction
”
resources efficiently.
9
Organizations
Improve Improve
safeguarding systems
of assets Improve Improve efficiency
data system
integrity effectiveness
10
Lecture 02-12 Examples on specific applications
Ensure IT governance by
o assessing risks and
o monitoring controls over those risks
11
..audit engagement
Evaluate controls over specific application
Provide assurance over specific processes
Provide third party assurance
12
Financial statements in accordance with
generally accepted accounting principles
(GAAP)
13
IT auditors may work on financial audit
engagement
IT auditors may work on every step of the
financial audit
Standards (such as SAS94) guide the work
of IT auditors on financial audit
IT audit work on financial audit engagement
is likely to increase as internal control
14
Figure 1.2 Role of IT auditors in financial audit
15
traditional computer
auditing science
Information
Technology
Auditing
information
systems behavioral
management science
16
College education - IS, computer science,
accounting
17
General personal skills - presentation,
interpersonal, teamwork, marketing
18
ISACA – CISA IIA – CIA
21