IT Governance, Risk, and Compliance

Jan 28 2010   4:56PM GMT

IT Audit Fieldwork: Generally Accepted Processes – Part V

Robert Davis Robert Davis Profile: Robert Davis

Concepts and procedures involved in the auditor’s study and evaluation of controls for manual systems are also applicable when processing is performed by IT. Commonly, a primary objective of the control study and evaluation is to determine the extent designed controls meet defined criteria; while a secondary objective of the control study and evaluation is to determine the extent that the auditor can rely on the examined configuration for restricting subsequent audit procedures and to plan those subsequent audit procedures deemed necessary.

Basic control system procedures are applicable to all IT that process datum. However, the IT auditor must be able to distinguish controls at a detail level in order to properly evaluate the appropriateness of application. Study of the defined control system is followed by evaluation of the corresponding control system to determine the extent that the IT auditor can rely on deployed controls in utilizing, or designing, subsequent audit procedures.

View Part I of the IT Audit Fieldwork: Generally Accepted Processes series here

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: