Home > IT Blogs > IT Governance, Risk, and Compliance/

IT Governance, Risk, and Compliance:

IT Audit

123456789
March 25, 2010  8:25 PM

IT Audit Follow-up: Assessing Recommendation Resolution – Part V



Posted by: Robert Davis
AICPA, American Institute of Certified Public Accountants, Assurance Service, Attestation, Audit Report, Evidence, Follow-up Procedures, IFAC, Information Systems Audit and Control Association, International Federation of Accountants, ISACA, IT Audit, Procedures, Project Management, The IIA, The IIC, The Institute for Internal Controls, The Institute of Internal Auditors

IT audit area follow-up takes into account the materiality of reported findings and the impact if corrective action is not taken. As particulars, follow-up nature, timing and extent are dependent on

  Bookmark and Share     0 Comments     RSS Feed     Email a friend

March 22, 2010  6:29 PM

IT Audit Follow-up: Assessing Recommendation Resolution – Part IV



Posted by: Robert Davis
AA, Assurance Service, Attestation, Audit Assurance, Audit Opinion, CA, Certified Information Systems Auditor, Certified Information Technology Professional, Certified Internal Auditor, Certified Internal Controls Auditor, Certified Public Accountant, Chartered Accountant, CIA, CICA, CISA, CITP, CPA, Engagement Letter, Evidence, Finding Form, Follow-up Activities, Information Technology, IT Audit, Project Management, Reporting

Depending on the ambit and terms of the engagement,...

  Bookmark and Share     0 Comments     RSS Feed     Email a friend

March 18, 2010  5:33 PM

IT Audit Follow-up: Assessing Recommendation Resolution – Part III



Posted by: Robert Davis
AICPA, American Institute of Certified Public Accountants, Assurance Service, Attestation, Audit Report, CA, CIA, CICA, CISA, CITP, CPA, Evidence, Follow-up Procedures, IFAC, Information Systems Audit and Control Association, International Federation of Accountants, ISACA, IT Audit, Management Response, Project Management, The IIA, The IIC, The Institute for Internal Controls, The Institute of Internal Auditors

IT auditor follow-up activities has been defined "as a process by which they determine the adequacy, effectiveness and timeliness of actions taken by management on reported engagement observations and recommendations, including...

  Bookmark and Share     0 Comments     RSS Feed     Email a friend

March 15, 2010  4:40 PM

IT Audit Follow-up: Assessing Recommendation Resolution – Part II



Posted by: Robert Davis
AICPA, American Institute of Certified Public Accountants, Assurance Service, Attestation, Audit Report, Evidence, Follow-up Procedures, IFAC, Information Systems Audit and Control Association, International Federation of Accountants, ISACA, IT Audit, Procedures, Project Management, The IIA, The IIC, The Institute for Internal Controls, The Institute of Internal Auditors

If management’s proposed actions to implement or otherwise address reported recommendations have been discussed with, or provided to, an IT auditor;...

  Bookmark and Share     0 Comments     RSS Feed     Email a friend

March 11, 2010  7:41 PM

IT Audit Follow-up: Assessing Recommendation Resolution – Part I



Posted by: Robert Davis
AICPA, American Institute of Certified Public Accountants, Assurance Service, Attestation, Evidence, Follow-up Procedures, IFAC, Information Systems Audit and Control Association, International Federation of Accountants, ISACA, IT Audit, Procedures, Project Management, The IIA, The IIC, The Institute for Internal Controls, The Institute of Internal Auditors

While management is responsible for addressing assurance engagement findings and recommendations as well as tracking resolution status; audit is responsible for establishing policies, procedures, standards and rules for follow-up to determine whether

  Bookmark and Share     0 Comments     RSS Feed     Email a friend

March 4, 2010  6:48 PM

IT Audit Reporting: Communicating Results – Part VII



Posted by: Robert Davis
AA, AICPA, Assurance Service, Attestation, Audit Assurance, Audit Charter, Audit Opinion, CA, Certified Information Systems Auditor, Certified Information Technology Professional, Certified Internal Auditor, Certified Public Accountant, Chartered Accountant, CIA, CICA, CISA, CITP, CPA, Engagement Letter, Evidence, IFAC, ISACA, IT, IT Audit, PM, Project Management, Reporting, The IIA, The IIC

Upon acknowledgement of final audit report delivery to identified recipients, the IT auditor should await responses from key audit area personnel, as stipulated in the entity’s

  Bookmark and Share     0 Comments     RSS Feed     Email a friend

March 1, 2010  6:41 PM

IT Audit Reporting: Communicating Results – Part VI



Posted by: Robert Davis
AA, Assurance Service, Attestation, Audit Assurance, Audit Opinion, CA, Certified Information Systems Auditor, Certified Information Technology Professional, Certified Internal Auditor, Certified Internal Controls Auditor, Certified Public Accountant, Chartered Accountant, CIA, CICA, CISA, CITP, CPA, Engagement, Evidence, IFAC, Information Technology, ISACA, IT, IT Audit, PM, Project Management, Reporting, The IIA, The IIC

The final audit report should clearly identify ‘gaps’ in controls and the source of the vulnerabilities. Of the potential vulnerabilities documented in the audit report, it is importance to identify any significant, or material, risks. It must also include recommendations to...

  Bookmark and Share     0 Comments     RSS Feed     Email a friend

February 25, 2010  7:56 PM

IT Audit Reporting: Communicating Results – Part V



Posted by: Robert Davis
Assurance Service, Attestation, Audit Assurance, Audit Opinion, Engagement, Evidence, IT Audit, Project Management, Reporting

Once the draft audit report is generated, it must be reviewed by key IT managers as well as key business managers. To facilitate this essential audit activity, the IT auditor can contact selected key audit area personnel for scheduling a ‘

  Bookmark and Share     0 Comments     RSS Feed     Email a friend

February 22, 2010  6:13 PM

IT Audit Reporting: Communicating Results – Part IV



Posted by: Robert Davis
AA, AICPA, Assurance Service, Attestation, Audit Assurance, Audit Opinion, CA, Certified Information Systems Auditor, Certified Information Technology Professional, Certified Internal Auditor, Certified Internal Controls Auditor, Certified Public Accountant, Chartered Accountant, CIA, CICA, CISA, CITP, CPA, Engagement, Evidence, Finding Form, IFAC, IS Audit, ISACA, IT Audit, PM, Project Management, Reporting, The IIA, The IIC

Generally, following audit area findings assessment completion and ensuring appropriate working papers retention, an IT auditor documents the draft audit report based on auditing standards and...

  Bookmark and Share     0 Comments     RSS Feed     Email a friend

February 18, 2010  7:33 PM

IT Audit Reporting: Communicating Results – Part III



Posted by: Robert Davis
AA, AICPA, Assurance Service, Attestation, Audit Assurance, Audit Opinion, CA, Certified Information Systems Auditor, Certified Information Technology Professional, Certified Internal Auditor, Certified Internal Controls Auditor, Certified Public Accountant, Chartered Accountant, CIA, CICA, CISA, CITP, CPA, Engagement, Evidence, IFAC, Information Technology, ISACA, IT, IT Audit, PM, Project Management, Reporting, The IIA

Through an IT auditor’s efforts, audit findings are facts generated which directly support and evidence conclusions as well as recommendations. Audit findings are also the product of all previously performed audit work...

  Bookmark and Share     0 Comments     RSS Feed     Email a friend

123456789