Page 21 - Auditinf Electronic System
P. 21

No difference exists between IT auditing and general auditing
 Phases. IT auditingis typically a subset of the overall audit; the portion that invol
 ves computer technology is the subset. It is integrated in every phase and lead to
 widening the scope of auditor attention to IT related matters, as Follows:

 Phase 1: regarding accepting the audit client:

        The auditor Must have It Skilled Staff member to assign to the audit
 engagement before accepting the client. Not Just Accounting Skills only.

        Professional IT certifications are widely spread and pursued as:
        Certified Information Systems Auditor (CISA): from The Information
 Systems Audit and Control Association (ISACA) help develop your knowledge for
 conducting IT audits
        Certified IT Auditor (CIA): The Institute of Internal Auditors (IIA) offers
 the CIA certification. This certification helps develop your knowledge for
 conducting internal audits.
        GIAC Systems and Network Auditor Certification (GSNA): Global
 Information Assurance Certification (GIAC) offers the GIAC Systems and Network
 Auditor Certification. This certification validates knowledge of risk assessment
 techniques, auditing and reporting

 Phase 2 regarding audit planning and designing audit approach:
     1) understanding client control environment:
        Auditor must understand his client Its environment and its related
        complications whether:
       ▪ it`s infrastructure
       ▪ IT Implication on the client industry as banking sector applying internet
          banking.

     2) assessment of internal control and control risk assessment:
       ▪ IT has increased Systems security breaches hence increased internal
           control risk
       ▪ Auditor must Widen the scope of risk assessment procedures, to assess
           internal control risk related to It and effectives of IT controls applied to
           face this risk.

                                                           22

                                                                             21

‫جميع الحقوق محفوظة ـ الإعتداء على حق المؤلف بالنسخ أو الطباعة يعرض فاعله للمسائلة القانونية‬
   16   17   18   19   20   21   22   23   24   25   26