IT Governance, Risk, and Compliance

Jan 21 2010   10:04PM GMT

IT Audit Fieldwork: Generally Accepted Processes – Part III



Posted by: Robert Davis
Tags:
AA
AICPA
Applications
Assurance Service
Audit Assurance
CIA
CICA
CISA
Compliance Testing
Files
Information Technology
Infrastructure
ISACA
IT Audit
Program
Project Management
Risk Management
Study
Substantive Testing
The IIA

The second generally accepted standard of audit fieldwork requires the study and evaluation of controls. Potential for change in audit program procedures during the study and evaluation of controls due to the acquisition and/or integration of IT is immense. Specifically, general and application controls must be examined because of their effect on electronically encoded data. For instance, activities previously decentralized and performed by several clerical personnel may be centralized into one IT program, eliminating the control previously available through segregation of functions. Consequently, an individual having access to this program and related data files may be able to make undetected changes to the program and data files as part of an illegal act scheme.

View Part I of the IT Audit Fieldwork: Generally Accepted Processes series here

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: