//
you're reading...
Information Security, IT & TECHNOLOGY

‘Creating Audit Programs’ White Paper Introduces Template Redesign


ISACA-Logo

With the release of its white paper Information Systems Auditing Tools and Techniques:  Creating Audit Programs, ISACA describes the basic steps to create an audit program. This white paper is part of a series created to deliver practical guidance on how to perform an audit engagement—from planning to reporting and closing—that is consistent with ISACA Auditing Standards (ITAF) as well as those issued by the Public Company Accounting Oversight Board (PCAOB), the Institute of Internal Auditors (IIA), and the American Institute of Certified Public Accountants (AICPA).

Information systems (IS) audits help enterprises ensure effective, efficient, secure and reliable operation of information technology. Audits can also help confirm compliance with numerous legal and administrative regulations, and help management determine if the business is functioning well and meeting challenges. Most importantly, audits assure stakeholders of the organization’s financial, operational and ethical well-being. All of these outcomes are supported by IS audits, especially the information and related technology and systems that most businesses and public institutions rely upon for a competitive advantage.

An important component of the audit plan is the audit program. Audit programs are commonly used to document the specific procedures and steps of testing and verifying control effectiveness. The audit program’s quality has significant impact on the consistency and quality of the audit results, so it is imperative that IS auditors understand how to develop comprehensive audit programs.

The many benefits of an effective audit depend on proper and thorough planning of the audit engagement. To make this happen, the auditor and the area being audited must understand and accept the scope and objective of the audit. Once the purpose is defined, the next step is to create an audit plan that captures the agreed scope, objectives and procedures required to get the relevant, reliable and sufficient evidence to draw and support audit conclusions and opinions.

To demonstrate the process described in the white paper, ISACA has released a sample audit and assurance program developed using a five-step process to gather the necessary information to define the audit subject, objective, scope and audit methodology. The sample audit program for a virtual private network can be customized to create a specific audit and assurance program tailored to your unique needs.

The documents are intended for IT audit professionals who are either new to the profession preparing to the Certified Information Systems Auditor (CISA) or simply want to brush up on their skills.

To learn more see the white paper here.

Eva Sweet, Technical Research Manager, ISACA

[ISACA Now Blog]

About @PhilipHungCao

@PhilipHungCao, CISM, CCSP, CCSK, CASP, CIW-WSP, GICSP, PCNSE, ACSP, CCDA, DCSE, JNCIA, MCTS, MCSA, VCP5-DCV, VCP6-NV, ZCNT is a #TekF@rmer. He has 16 years' experience in ICT/Cybersecurity industry in various sectors & positions.

Discussion

No comments yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Web Stats

  • 117,099 hits
@PhilipHungCao

@PhilipHungCao

@PhilipHungCao, CISM, CCSP, CCSK, CASP, CIW-WSP, GICSP, PCNSE, ACSP, CCDA, DCSE, JNCIA, MCTS, MCSA, VCP5-DCV, VCP6-NV, ZCNT is a #TekF@rmer. He has 16 years' experience in ICT/Cybersecurity industry in various sectors & positions.

Personal Links

View Full Profile →

Enter your email address to follow this blog and receive notifications of new posts by email.

Join 2,158 other followers

Twitter Updates

Archives

April 2016
M T W T F S S
« Mar   May »
 123
45678910
11121314151617
18192021222324
252627282930  
%d bloggers like this: