Please enable JavaScript.
Coggle requires JavaScript to display documents.
Audit steps, objectives and types (Types of Audit (Compliance audits…
Audit steps, objectives and types
Project management techniques for managing and administering audit
projects include the following basic steps:
Steps
-
Audit tasks across timeline optimizing resource use realistic estimate of time requirements with proper consideration given to auditee.
-
Monitor project activity
Actual progress vs. Planned audit steps
To ensure challenges managed proactively
and scope completed within time and budget.
Audit objectives
focus on substantiating that internal controls exist to minimize business risk and that they function as expected
-
confidentiality, integrity, reliability and availability of information and IT resources
-
Audit management may give an IS auditor a general control objective to review and evaluate when performing an audit.
Types of Audit
Compliance audits
Specific regulatory or industry standards
e.g Payment Card Industry Data Security Standard (PCI DSS) audits Health
Insurance Portability and Accountability Act (HIPAA)
-
-
-
-
IS Audits
collects and evaluates evidence to determine whether the information systems and related resources adequately
-
provide relevant and reliable
information,
maintain data and
system integrity and availability,
-
internal controls that provide reasonable assurance that business, operational and control objectives will be met and that undesired events will be prevented, or detected and corrected, in a timely manner.
-
Forensic audits
specialized in discovering, disclosing and following up on fraud and crimes
-
IS Audit Objectives
A key element in planning an IS audit is to translate basic and wide-ranging
audit objectives into specific IS audit objectives
One of the primary purposes of an IS audit is to identify control objectives and the related controls that address the objective.
-
-
Audit general steps
The process of auditing includes ,
-
formulating audit objectives,
identifying audit criteria,
performing audit procedures,
reviewing and evaluating evidence,
forming audit conclusions and opinions,
-
-
Audit management must ensure the availability of adequate audit resources and a schedule for performing the audits and, t.
in the case of internal IS audit, for follow-up reviews on the status of corrective actions taken by management