Seminar Information Systems IT auditing

Seminar Information Systems IT auditing. Conducted by Prof. dr K.M. van Hee A.Kisjes RA/RE semester 1 2008. Topics. Principles of auditing Principles and techniques of IT auditing Computer science methods for IT auditing IT auditing for specific business processes

pheideman

Presentation Transcript


  1. Seminar Information Systems IT auditing Conducted by Prof. dr K.M. van Hee A.Kisjes RA/RE semester 1 2008 Dept of Mathematics and Computer Science

  2. Topics
     • Principles of auditing
     • Principles and techniques of IT auditing
     • Computer science methods for IT auditing
     • IT auditing for specific business processes
     • Principles of IT governance
     • Principles of IT risk management
     • Security aspects of auditing

  3. Activities
     • It is mandatory to follow the lectures!!!
     • Study of literature
     • Lectures by:
       • Organizers
       • External experts
     • Student presentations (2 x)
     • Model of a generic business process and its control issues
     • Essay about On Line Auditing or
     • Design of an On Line Auditing Tool
     • Multiple choice test for IT auditing concepts

  4. Lectures overview (1-5)
     • Concepts (1): KvH
     • Concepts (2): KvH
     • General auditing principles: AK
     • IT auditing techniques: AK
     • CS techniques for IT auditing: KvH

  5. Lectures overview (6-10)
     • Stud. pres: Revenue cycle
     • Stud. pres: Expenditure cycle
     • IT governance: T.Thiadens
     • Stud. pres: Production cycle
     • Stud. pres: HR and Payroll cycle

  6. Lectures overview (11-15)
     • Security aspects: S.Etalle
     • IT auditing in practice: M.Verdonck
     • Stud. pres: essay or design
     • Stud. pres: essay or design
     • Stud. pres: essay or design

  7. Lecture 1 General auditing principles

  10. 5 components of Assurance

  11. Actors in an assurance engagement

  12. Levels of Assurance: Examination or Review refers to the degree to which the subject matter has been examined or reviewed. There are two levels of assurance:

  13. Assurance and Attestation Risk

  14. Assertions and representations

  15. Professional standards and quality review

  16. (IT) Assurance Roadmap IT Assurance plans Detailed scope and objectives Assurance conclusion

  17. IT Assurance execution roadmap

  18. IT Assurance Activities

  19. Relation to other assurance stages

  20. Types of IT Assurance

  21. Scoping: Enterprise Architecture for IT

  22. Business and IT Goals as Drivers for IT Assurance Planning

  23. Top 5 Business Issues (July 2008)

  24. General Standards

  25. General standards. Suitable criteria include:

  26. General Standards: Selection of Criteria
      Criteria: In addition to suitability and availability, the selection of IT assurance criteria should also consider their source, in terms of their use and the potential audience. For example, when dealing with government regulations, criteria based on assertions developed from the legislation and regulations that apply to the subject matter may be most appropriate. In other cases, industry or trade association criteria may be relevant. The IT audit and assurance professional must consider the selection of criteria carefully and be able to justify the selection. Listed in order of consideration are possible sources:

  27. General Standards
      Current ISACA IS Auditing Standards include the following general standards:
      • S2 Independence
      • S3 Professional Ethics and Standards
      • S4 Competence
      • S6 Performance of Audit Work

  29. Performance Standards
      • Performance standards establish baseline expectations in the conduct of IT assurance engagements.
      • While these standards apply to assurance professionals performing any assurance assignment, compliance is particularly important when the IT audit and assurance professional is acting in an audit capacity. Accordingly, the performance standards focus on the IT audit and assurance professional’s attention to
        • the design of the assurance work,
        • the conduct of the assurance,
        • the evidence required, and
        • the development of assurance and audit findings and conclusions.

  30. Performance Standards
      Performance standards include:

  31. Performance Standards
      Current ISACA IS Auditing Standards include the following performance standards:
      • S1 Audit Charter
      • S5 Planning
      • S9 Irregularities and Illegal Acts
      • S10 IT Governance
      • S11 Use of Risk Assessment in Audit Planning
      • S12 Audit Materiality
      • S13 Using the Work of Other Experts
      • S14 Audit Evidence
      • S15 IT Controls
      • S16 E-commerce

  32. Reporting standards: based on users' needs

  33. Reporting Standards
      Current ISACA IS Auditing Standards include the following reporting standards:
      • S7 Reporting
      • S8 Follow-up Activities

  34. Auditing ERP Systems