System Audit
BIT 2318 Information System Audit Outline:
1) Introduction to IT audit, purpose Types of IT audits, history of IT audit, major events that have prompted the use of and been solved using IT audit techniques. IT Audit process outline; process and phases. Planning the audit, materiality, risk assessment. 2) Effective information system audit. Evaluation of controls, types and tests of controls. Audit sampling, sampling methods, sample evaluation. 3) Audit automation and system testing: Computer assisted audit techniques. Traditional vs modern audit tools, Specialized audit software benefits and functions. Applications of CAATs. 4) Production of audit programmes. Evidence, Issuing reports, types of reports, followup activities, assessing the audit, preserving evidence. 5) Role of audit in systems development. 6) Computer forensics: definition, the forensic process, information ferensics and its applications. 7) COBIT: Control Objectives for Information and related Technology, definition, release history, cobit framework, COBIT structure, other standards. 8) ISACA: Definition, history, current status, publications.
9) CSA and ITGI. .
DEFINATION:
An information technology audit, or information systems audit, is an examination of the controls within an Information technology (IT) infrastructure. An IT audit is the process of collecting and evaluating evidence of an organization 's information systems, practices, and operations. The evaluation of obtained evidence determines if the information systems are safeguarding assets, maintaining data integrity, and operating effectively and efficiently to achieve the organization 's goals or objectives. These reviews may be performed in conjunction with a financial statement audit, internal audit, or other form of attestation engagement.
PURPOSE OF IT AUDITS:
An IT audit should not be confused with a financial statement audit. While there may be some
1) Introduction to IT audit, purpose Types of IT audits, history of IT audit, major events that have prompted the use of and been solved using IT audit techniques. IT Audit process outline; process and phases. Planning the audit, materiality, risk assessment. 2) Effective information system audit. Evaluation of controls, types and tests of controls. Audit sampling, sampling methods, sample evaluation. 3) Audit automation and system testing: Computer assisted audit techniques. Traditional vs modern audit tools, Specialized audit software benefits and functions. Applications of CAATs. 4) Production of audit programmes. Evidence, Issuing reports, types of reports, followup activities, assessing the audit, preserving evidence. 5) Role of audit in systems development. 6) Computer forensics: definition, the forensic process, information ferensics and its applications. 7) COBIT: Control Objectives for Information and related Technology, definition, release history, cobit framework, COBIT structure, other standards. 8) ISACA: Definition, history, current status, publications.
9) CSA and ITGI. .
DEFINATION:
An information technology audit, or information systems audit, is an examination of the controls within an Information technology (IT) infrastructure. An IT audit is the process of collecting and evaluating evidence of an organization 's information systems, practices, and operations. The evaluation of obtained evidence determines if the information systems are safeguarding assets, maintaining data integrity, and operating effectively and efficiently to achieve the organization 's goals or objectives. These reviews may be performed in conjunction with a financial statement audit, internal audit, or other form of attestation engagement.
PURPOSE OF IT AUDITS:
An IT audit should not be confused with a financial statement audit. While there may be some