Information Systems Auditing Tools & Techniques: Creating Audit Programs
Audits are important tools for organizations. A thoroughly conducted audit program can assure organizational stakeholders of the financial, operational and ethical well-being of an organization. It should confirm the effectiveness of current operations and on-going compliance with administrative or legal regulations. Or it can reveal the need for change or urgent action.
Information system (IS) audits support all of these outcomes, focusing on the information and related technology and systems that organizations depend on for competitive advantages.
However, an audit’s results are only as good as the effort that went into planning and preparing the audit engagement. The scope and objective of the audit must be clearly understood, so the purpose is clearly defined. From there, an audit plan must be created that incorporates the scope and purpose, that defines the procedures for obtaining evidence, and that supports the eventual audit conclusions and opinions.
To help address these issues and ensure the best possible outcomes for your audit programs, ISACA has created the FREE White Paper, Information Systems Auditing: Tools and Techniques— Creating Audit Programs. It outlines the basic steps necessary to develop comprehensive audit programs that clearly and consistently document the procedures used to test controls and gather supporting data.
Related Items:
Sample Audit and Assurance Program in 5 Steps—Virtual Private Network
Infographic—Audit Plan Activities: Step-By-Step