Please enable JavaScript.
Coggle requires JavaScript to display documents.
2.6.1 (Audit Phases (Perform preaudit planning (Once the subject,…
2.6.1
Audit Phases
Determine audit subject.
Identify the area to be audited (e.g., business function, system, physical location)
Define audit objective.
Identify the PURPOSE of the audit. For example, an objective might be to determine whether program source code changes occur in a well-defined and controlled environment.
Set audit scope
Identify the specific systems, function or unit of the organization to be included in the review.
For example, in the previous example (program changes), the scope statement might limit the review to a single application, system or a limited period of time.
This step is very important because the IS auditor will need to understand the IT environment and its components to identify the resources that will be required to conduct a comprehensive evaluation.
A clear scope will help the IS auditor define a set of testing points that is relevant to the audit and further determine the technical skills and resources necessary to evaluate different technologies and their components.
-
-