Posted by: Robert Davis
Administrative Control, Certified Information Systems Auditor, Certified Information Technology Professional, Certified Internal Auditor, Certified Internal Controls Auditor, Certified Public Accountant, External Control, IAP, Information Assets Protection, Information Security Governance, Internal Control, ISG, IT Audit
Primary drivers for IAP audit planning are verifying safeguarding existence, adequacy, and risk management. However, as with standard IT audits, a general control environment, information systems, and control procedures understanding should be obtained during engagement planning to comply with ISACA’s assurance standards and guidelines as well as other applicable attestation, audit, accounting, and IT standards. Neglecting adherence to standardized professional practices can result in unsupportable audit opinions.
“View Part I of the Auditing Information Assets Protection series here“