Posted by: Robert Davis
AA, Applications, Assurance Service, Audit Assurance, CI, Compliance Testing, Configuration Item, Files, Information Asset, Information Technology, Infrastructure, IT, IT Audit, PM, Program, Project Management, Risk Management, Substantive Testing, Testing Techniques
There are a variety of techniques available to the IT auditor for compliance and substantive testing when performing assurance engagements. Selecting a technique appropriate for the assurance task at hand, however, can be difficult. Analytically, to provide the most suitable IT audit evidence, various classification schemes can be adopted to organize the diverse testing techniques. Through these taxonomies, the IT auditor can gain an understanding regarding which technique may be most appropriate for a given situation. Within this context, determining which elements of the IT architecture are to be examined is critical to the testing technique selection process. For instance, when combined with generally accepted IT naming conventions, IT assurance testing techniques can be applied to information assets such as files, programs, or configurations — depending on the particular audit objectives and accessible audit trails.