IT Governance, Risk, and Compliance

Jan 21 2010   10:04PM GMT

IT Audit Fieldwork: Generally Accepted Processes – Part III

Robert Davis Robert Davis Profile: Robert Davis

The second generally accepted standard of audit fieldwork requires the study and evaluation of controls. Potential for change in audit program procedures during the study and evaluation of controls due to the acquisition and/or integration of IT is immense. Specifically, general and application controls must be examined because of their effect on electronically encoded data. For instance, activities previously decentralized and performed by several clerical personnel may be centralized into one IT program, eliminating the control previously available through segregation of functions. Consequently, an individual having access to this program and related data files may be able to make undetected changes to the program and data files as part of an illegal act scheme.

View Part I of the IT Audit Fieldwork: Generally Accepted Processes series here

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: