Adaptive IT Audit System

Auditors have a general requirement to provide management and business process owners with assurance and advice regarding designed and deployed controls in an entity to render reasonable assurance that relevant control objectives are being met identify where there are significant weaknesses in those controls, substantiate the risk that may be associated with such weaknesses; and proffer corrective actions for detected control weaknesses. Various institutions enable the design and operation of clear policies and good practices to control information and related technologies. Considering the suggested information controls, firmly basing the information technology (IT) audit system on control objectives removes subjectivity from the audit conclusion, replacing it with authoritative criteria. Generally accepted assurance standards, guidelines, and procedures permit preparing audit plans that address the entity’s control framework and control objectives. They should be used con... Read more

Auditors have a general requirement to provide management and business process owners with assurance and advice regarding designed and deployed controls in an entity to render reasonable assurance that relevant control objectives are being met identify where there are significant weaknesses in those controls, substantiate the risk that may be associated with such weaknesses; and proffer corrective actions for detected control weaknesses. Various institutions enable the design and operation of clear policies and good practices to control information and related technologies. Considering the suggested information controls, firmly basing the information technology (IT) audit system on control objectives removes subjectivity from the audit conclusion, replacing it with authoritative criteria. Generally accepted assurance standards, guidelines, and procedures permit preparing audit plans that address the entity’s control framework and control objectives. They should be used considering the control framework and objectives and developed into specific audit programs. However, commonly, they are neither exhaustive nor definitive. Thus, all generally accepted assurance standards, guidelines, and procedures may not apply and require tailoring to the specific environment. Individual audit objectives and practices vary considerably from entity to entity. There are many practitioner types in audit-related activities, such as external auditors, internal auditors, self-assessment evaluators, quality reviewers, and security assessors. For this reason, the audit process must be adaptive in utilization and high-level in structure. <,p> Why Should You Attend: This seminar facilitates an understanding of IT auditing standards and guidelines associated with performing IT assurance services and accepted areas of risk for most organizations through exposure to The Davis Adaptive IT Auditing System. The Adaptive IT Audit System seminar presents guidance following the general structure of planning, studying, testing, reporting, and follow-up. This structure can be applied broadly or narrowly defined IT audits. IT audit area mastery reflects professional experience and training. Regarding subject knowledge, this seminar contains a detailed preparation, documentation, and presentation system for IT audits, which can be translated, if practiced, into an exceptional professional experience. An adaptive IT audit system enables the auditor to examine specific IT audit areas against strategic, tactical, and operational control objectives, thus assuring management where controls are sufficient or advising management where audited areas need improvement. Areas Covered:: Building the IT Audit Project Plan Finalizing the IT Audit Project Plan Studying the IT Audit Area’s Controls Evaluating the IT Audit Area Controls IT Audit Test Preparation Evaluation of the IT Audit Tests Review of the IT Audit Findings Who will Benefit: Information Technology Auditors Financial Auditors Operational Auditors Control Assessors IT Professionals Information Security Professionals Risk Management Professionals Financial Officers