1 / 22

IT AUDITS

IT AUDITS. IT audits: pemeriksaan terhadap proses atau data yang melekat dengan teknologi informasi. Berkaitan dengan internal, external, dan fraud audits Jangkauan pemeriksaan IT semakin meningkat

goggin
Télécharger la présentation

IT AUDITS

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. IT AUDITS • IT audits:pemeriksaan terhadap proses atau data yang melekat dengan teknologi informasi. • Berkaitan dengan internal, external, dan fraud audits • Jangkauan pemeriksaan IT semakin meningkat • Teknik Audit Berbantuan Komputer (TABK)  CAATTs (Computer Assisted Audit Tools and Techniques)  audit through computer • IT governance as part of corporate governance • Sertifikasi  CISA (Certified Information Systems Auditor) • Standar, pedoman dan sertifikasi dikelola oleh: ISACA (Information Systems Audit and Control Association)

  2. Audit Around The Computer • Seperti audit manual • Hanya memeriksa input dan output saja, tanpa pemeriksaan lebih dalam terhadap penggunaan program. Jika input dan output benar  dianggap benar • Dilakukan jika sebagian besar pengolahan data masih manual dan penggunaan komputer hanya ut beberapa bagian saja

  3. Audit With The Computer • Selain input dan output juga diperiksa proses pada komputer, dapat digunakan file-file transaksi yang berkaitan

  4. Audit Through The Computer • Melaksanakan pekerjaan audit dengan bantuan komputer

  5. IT AUDITS IT audits (Hall, 2005): • Focus on the computer-based aspects of an organization’s information system • Assess the proper implementation, operation, and control of computer resources

  6. Information System Auditing(Weber,1999) “IS Auditing is the process of collecting and evaluating evidence to determine whether a computer system safeguards assets, maintains data integrity, allows organizational goals to be achieved effectively, and uses resources efficiently”

  7. The Work of an IT Auditor • Evaluating controls over specific applications • Providing assurance over specific processes • Providing third-party assurance • Penetration testing • Supporting the financial audit • Searching for IT-based fraud (Hunton, 2004)

  8. What is an IT Audit? … most accounting transactions to be in electronic form without any paper documentation because electronic storage is more efficient. … These technologies greatly change the nature of audits, which have so long relied on paper documents.

  9. IT Audit? • Proses pengumpulan dan evaluasi fakta/bukti untuk menentukan apakah sistem (terkomputerisasi): • Menjaga aset • Memelihara integritas data • Memampukan komunikasi & akses informasi • Mencapai tujuan operasional secara efektif • Mengkonsumsi sumber daya secara efisien

  10. Issues in IS Auditing • Why we are concerned about control and audit of computer systems • Nature & types of management and application controls and their relative strengths and limitations • Types of evidence collection techniques available • Types of evidence evaluation techniques available • How to do an IS audit and how to manage its

  11. Need for Control & Audit of Computer Systems

  12. OBJECTIVES OF IS AUDITING Improved asset safeguarding Improved system effectiveness Improved system efficiency IS Auditing Improved data integrity

  13. Changes to Evidence Collection • New internal control technology needed • Greater number and diversity of internal controls • Internal controls are more critical • New evidence collection technologies needed • Greater number and diversity of evidence collection techniques

  14. Changes to Evidence Evaluation • Computer errors tend to be deterministic rather than stochastic  computer – always executes incorrectly • Overall evaluation of the evidence collected is more difficult to undertake

  15. Effects of Other Disciplines on IS Auditing Traditional Auditing Computer Science Behavioral Science IS AUDITING IS/IT Security Management IS Management

  16. CISA Examination Content Areas

  17. Impact IT on Audit Profession • Education programs needed • Quality publications needed in IT area • IT Chapter needed • New methods and fresh approaches required • Auditing in real time

  18. Audit Planning Phase Review of Organization’s Policies, Practices & structure Review General and Application controls Plan test of controls and Substantive Testing Procedures Phases of an IS audit Test of Controls Phase Substantive Testing Phase Perform Tests of Controls Perform Substantive Tests Evaluate Test Results Evaluate results and Issue Auditor’s report Determine degree of Reliance on controls Audit Report

  19. THE IT ENVIRONMENT • Selalu diperlukan sistem pengendalian internal yang efektif  pemanfaatan teknologi informasi. • Lingkungan dengan IT menciptakan ‘kerumitan’ baru dari sistem ‘kertas’ sebelumnya: • Data digital menjadi utama • pentingnya akses dan hubungan dalam jaringan • Meningkatnya cara kecurangan atau kejahatan baru yang mungkin sulit dideteksi. (baik manajemen ataupun dari pihak luar)

  20. THE IT ENVIRONMENT • Audit planning • Tests of controls • Substantive tests • CAATT (Computer Assisted Audit Tools and Techniques)

  21. INTERNAL CONTROL • is … policies, practices, procedures … designed to … • safeguard assets • ensure accuracy and reliability • promote efficiency • measure compliance with policies

More Related