The global Information Technology (IT) community considers becoming a Certified Information Systems Auditor (CISA) a major accomplishment. To obtain the CISA designation information systems auditors, controls, or security professionals must pass a rigorous test demonstrating knowledge in a multitude of information systems audit process areas. Information Systems Audit and Control Association (ISACA) standards and guidelines, audit risk, and audit objectives are just a few knowledge requirements CISA candidates must master.
“IT Auditing: An Adaptive Process” provides a proven approach to IT audit planning, study, evaluation, testing, and reporting methods. Systemically, this book covers major steps in the IT audit process not chronicled in ISACA standards and guidelines. In terms of content, this workbook converts selected audit standards and guidelines into practical applications using detailed examples. This workbook also allows auditors to understand various steps and processes required to adequately initiate, document, and compile IT audit phases. Through this book, an auditor will acquire an appreciation for IT financial statement, government, and external auditing. Collectively, “IT Auditing: An Adaptive Process” can function as a study guide for CISA examination preparation as well as an audit reference manual.
Organization of Workbook
IT audit area mastery reflects professional experience and training. Regarding subject mastery, this book contains a detail preparation, documentation, and presentation process for IT audits; which can be translated, if practiced, into professional experience.
Chronologically, this book describes required audit steps performed during an audit area assignment.
Specifically, in Chapter 1, audit objectives, risk, and materiality from an IT auditor’s perspective are described, while simultaneously presenting other equivalent audit standards and guidelines. Furthermore, auditor opening conference communication is discussed at the chapter’s conclusion.
Chapter 2 continues the IT audit process by expanding discussion on legislative enactments effecting audit area study. This chapter also presents management’s control objective determination as well as studied controls evaluation. At the chapter’s end audit risk and testing reassessment is discussed.
Chapter 3 presents standard auditor testing for IT audit areas based on related control objectives. The types of audit testing are categorized and explained to demonstrate the testing diversity available to the IT auditor. This chapter concludes with a discussion concerning the evaluation of test results and the reassessment of audit area audit risk.
Lastly, Chapter 4 provides the steps required to report on an IT audit. A detailed examination of finding form analysis is discussed as well as draft report preparation. Furthermore, working paper documentation considerations are conveyed to assist in ensuring useful, sufficient, reliable, and relevant evidence. Initial audit report follow-up procedures are explained at the end of this chapter.
Each chapter contains a bibliography of material discussed within that chapter.
Throughout the workbook headings cross reference the bibliography such as 1.1.1 Audit Objectives3, 4, 5, 6 means that this specific section references items 3, 4, 5, and 6 of Chapter 1’s bibliography for supporting subject material.
IT Auditing: An Adaptive Process
Publication date: 20/11/2010
“IT Auditing: An Adaptive Process” is a self-contained workbook.
El vendedor asume toda la responsabilidad de esta entrada.