IT Governance, Risk, and Compliance

Oct 28 2011   8:30PM GMT

Auditing Information Assets Protection – Part III

Robert Davis Robert Davis Profile: Robert Davis

Usually, auditors with an ‘administrative control’ abstraction level agree that such controls might be examined for the purpose of recommending managerial improvements. However, they do not consider IT security auditable unit examinations beyond access controls necessary for the purpose of formulating an opinion on financial statements. Contrary to this ‘administrative control’ belief, when an IT security examination encompassing all aspects of IAP is performed as part of the financial statement audit, an IT security related assessment is a comprehensive effort to evaluate the controls over, as well as reliability and integrity of, reported financial data.

View Part I of the Auditing Information Assets Protection series here

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: