What are four areas which would be covered in an audit of IT governance?
GTAG 17 provides guidance on auditing IT governance under five main headings:
- Organization and Governance Structures.
- Executive Leadership and Support.
- Strategic and Operational Planning.
- Service Delivery and Measurement.
- IT Organization and Risk Management.
What are the auditing theories?
Audit theories provide a framework for auditing, uncovers the laws that govern the audit process and the relationship between different parties of a firm, forming the basis of the role of audit. There are many theories which may explain demand for audit services in modern societies.
What is an IT audit process?
An IT audit is the examination and evaluation of an organization’s information technology infrastructure, policies and operations. Information technology audits determine whether IT controls protect corporate assets, ensure data integrity and are aligned with the business’s overall goals.
What are the main concepts underlying auditing theory?
The basic principles of auditing are confidentiality, integrity, objectivity, and independence, skills and competence, work performed by others, documentation, planning, audit evidence, accounting system and internal control, and audit reporting.
Is audit a framework?
The Audit framework serves two basic functions: It identifies both good practice and where practice needs to improve through a systematic approach to sampling files; and. It provides senior management with assurance as to the quality of our work.
Why are the theories of auditing so important?
However, three of these theories are considered important in accounting, auditing and management. According to contingency theory, an organization must categorize specific aspects of an accounting system which is associated with certain defined circumstances and demonstrate an appropriate matching (Otley, 1980).
What do you need to know about an IT audit?
An IT audit can be defined as any audit that encompasses review and evaluation of automated information processing systems, related non-automated processes and the interfaces among them. Planning an IT audit involves two major steps: gathering information and planning, and then gaining an understanding of the existing internal control structure.
How does the practice of auditing take place?
The practice of auditing auditors agree on an attest engagement in which they “issue or does issue an examination, a review, or an agreed-upon procedures report on subject matter or an assertion about subject matter that is the responsibility of another party (e.g., management)” (Whittington & Pany, 2004, p. 2).
What are the different types of financial audits?
However, here are three types of audits: (a) audits of financial statements, (b) compliance audits, and (c) operational audits. Financial audits determine if the statements were prepared according with GAAP.