GAAS (In traditional audit)               GAAS (In electronic audit)

    3. When the auditor determines that
       disclosures are not reasonably adequate,
       the auditor must so state in the auditor's
       report.

    4. The auditor must either express an
       opinion regarding the financial
       statements, taken as a whole, or state
       that an opinion cannot be expressed, in
       the auditor's report. When the auditor
       cannot express an overall opinion, the
       auditor should state the reasons therefor
       in the auditor's report. In all cases where
       an auditor's name is associated with
       financial statements, the auditor should
       clearly indicate the character of the
       auditor's work, if any, and the degree of
       responsibility the auditor is taking, in the
       auditor's report.

    First: General standards:

       The same like traditional audit there are 3 general standards should be satisfied
    in continuous audit.

    1) Adequate technical training and proficiency:

       The auditor must have the proper qualifications and enough experience perform
       the audit. in case of IT audit, the auditor should be well trained and has
       professional experience (at least for 2 years) on the usage of IT in accounting
       and auditing.

    2) Independence:
       The auditor must maintain independence in mental attitude in all matters relating
       to the audit. This means that, it is NOT allowed to perform IT audit and IT
       consultancy services relating the design and the security of real time
       information systems. But it is allowed to provide continuous audit &cyber
       security risk management.

32                                                             33
    ‫جميع الحقوق محفوظة ـ الإعتداء على حق المؤلف بالنسخ أو الطباعة يعرض فاعله للمسائلة القانونية‬