Information Systems Audit

Information Systems Auditing

Source: http://www.isaca.org

Information Systems Audit: Overview

• Definition of IS Audit
• Elements of IS Audit
• Application software audit
  • What do we look for?


Information Systems Audit: What is it?

The process of collecting evidence to determine whether the Information System:

• safeguards assets
• maintains data integrity
• achieves organizational goals effectively
• consumes resources efficiently

Information Systems Audit: Why is it needed?

The purpose of an IT audit is to review and provide feedback, assurances and suggestions about:

• Availability
• Confidentiality
• Integrity
• Effectiveness
• Efficiency
• Value for money
• Return on Investment
• Culture and people related issues

Information Systems Audit: What can or should be reviewed?

• Physical and environmental
• System administration
• Application software
• Network security
• Business continuity
• Data integrity

Information Systems Audit: How to approach the audit?

1. Inventory the information systems in use and categorize them
2. Determine which of the systems have critical impact on functions or assets
3. Assess what risks affect these systems and the severity of their impact on the business
4. Rank the systems based on the above assessment and establish audit priority, resources, schedule

Information Systems Audit: What to look for when auditing software?

• Adherence to business rules in the flow and accuracy in processing
• Validations of various data inputs
• Logical access control and authorization
• Exception handling and logging

Information Systems Audit: Q&A