IT Governance, Risk, and Compliance

Oct 28 2011   8:30PM GMT

Auditing Information Assets Protection – Part III



Posted by: Robert Davis
Tags:
Administrative Control
Certified Information Systems Auditor
Certified Information Technology Professional
Certified Internal Auditor
Certified Internal Controls Auditor
Certified Public Accountant
External Control
IAP
Information Assets Protection
Information Security Governance
Internal Control
ISG
IT Audit

Usually, auditors with an ‘administrative control’ abstraction level agree that such controls might be examined for the purpose of recommending managerial improvements. However, they do not consider IT security auditable unit examinations beyond access controls necessary for the purpose of formulating an opinion on financial statements. Contrary to this ‘administrative control’ belief, when an IT security examination encompassing all aspects of IAP is performed as part of the financial statement audit, an IT security related assessment is a comprehensive effort to evaluate the controls over, as well as reliability and integrity of, reported financial data.

View Part I of the Auditing Information Assets Protection series here

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: