Week 02 – Information Technology and IT Audit
Week 02 – Information Technology and IT Audit
Now that we have a general idea of the role and necessity of the audit function, we will turn our attention to the IS Auditor (I use ‘IT’ and ‘IS’ interchangeably for the following reasons: 1) habit. I’ve always used the term ‘Information Technology.’ Old habits are hard to change; 2) ‘IS’ or Information Systems is the term ISACA likes to use. I’ll try to stick to ‘IS’ as best as I can. Just be aware…)
This week we will spend time discussing the role of IS in the enterprise, then we will do a deeper dive into its many services (but not too deep…).
Readings:
Articles:
- “What Every IT Auditor Should Know About Scoping an IT Audit” by Tommie Singleton.
- “Due Professional Care” by Fredrick Gallegos
Standards and Guidelines:
- GS 1001 Charter / GG 2001 Audit Charter
- GS 1002 Organizational Independence / GG 2002 Organizational Independence
- GS 1003 Professional Independence / GG 2003 Professional Independence
- GS 1005 Due Professional Care / GG 2005 Due Professional Care
Note: GS – General Standard; GG – General Guideline; PS – Performance Standard; PG – Performance Guideline; RS – Reporting Standard; RG – Reporting Guideline
CISA Review Manual:
- 1.2 Management of the IS Audit Function
Additional Resources:
Please bring to class.