Defining and Planning the Scope of an IT Audit

May 27, 2010 09:23 by nirav

IT Audit is the process of collecting and evaluating evidence to determine whether a computer system has been designed to maintain data integrity, safeguard assets, allows organisational goals to be achieved effectively, and uses resources efficiently. The most crucial aspect of conducting an IT audit is to well define the scope and objective of what would be covered as part of this audit. Scope would mean what the organization would like to include such as time period and departments. Objectives are what the organization is trying to achieve. Example: Comply with legal requirements etc.

An audit’s primary objective is to examine key controls and ensure that:

Systems are in place departmentally and across the organization

Information in the systems are reliable and integrity has not been compromised

Compliance exists with policies, procedures, laws, and regulations.

Assets are safeguarded and verify the existence of those assets.

Operations or processes are consistent with established management goals and objectives.

Employees in the organization are enabled to successfully perform their duties, discharge their responsibilities and pertinent information concerning their activities is being reviewed.

While deciding on the scope of the audit, care should be taken to clearly define the objective that is sought to be met by this audit. Also for every control one must take into account the amount of risk if that particular activity is not executed or that particular control has been breached. Scope of audit could be just to meet to company procedures or it may be to comply with legal requirements. Also the coverage of the audit, for example entire organization or just one department should also be specified. If the audit is done as per part of a client requirement they may also have a say in deciding the locations or organizational activities that are to be included in the audit. In that case the scope and depth of the audit should be designed to meet the client information security needs. If appropriate even the auditee can be included in deciding the scope of the audit. The key here is to stay within the scope decided and not to wander from it.

The organization would also need to ensure that the resources committed to the audit are sufficient to meet the decided scope and objective. The primary audit objectives are to review the original data and processes to determine the level of procedural compliance, review the procedures themselves, and produce an audit report on the accuracy of the data and level of compliance. This usually is important in a range of different industries since stakeholders would want to know need to know how much they can rely on reports coming in from various processes and the level of risk in different areas of the operation. The risk of audit error is an important audit objective. This just implies that the auditor came to a wrong conclusion or could not detect a non conformance. For example, if the purpose of the audit was to identify the rate of compliance with legal requirements, and the auditor confirmed compliance was found, the audit risk is the chance that this is not the case and that the auditor missed it. Other objectives of audit are to assist management in the pursuit of return on investment. This is achieved through economic, efficient and effective use of resources.

Audit also would be conducted by people who are not from the process being reviewed. Hence the organization may have a separate internal audit team or get help from external auditors to conduct the audit. However this needs to be planned in advance.

Conclusion:

Defining the scope of audit helps organization prepare a blue print of the desired action. The audits can get completed in time. Allocation of work gets better as well as the reporting too. It also provides confidence to the process owners about the working of various departments. It helps in the prevention and detection of errors. A well scoped and planned audit also provides an independent opinion of the auditor about business condition.

Be the first to rate this post

Currently 0/5 Stars.
1
2
3
4
5

Cost of Governance Risk and ComplianceGovernance, Risk, and Compliance Management: An Operational ApproachSecuring the Clouds

Comments

June 3. 2010 22:54

I am an accounts student and i learned a lot from your blog.I am working in audit department and hope to learn more from you on this topic.

catering business plan

June 13. 2010 18:42

thanks for this good information !

annonces emploi

June 17. 2010 08:31

You may have noticed in my spell descriptions that the spells do not work instantly. That is because there is really no such thing as instant spells

Spells That are Real

July 16. 2010 03:47

nice way to present infrmation this, your blog is very easy for the user to read

penusi david

July 16. 2010 06:34

Hey man, was just browsing through the internet looking for some information and came across your blog. I am impressed by the information that you have on this blog. It shows how well you understand this subject. Bookmarked this page, will come back for more. You, my friend, ROCK!!!

hgh

July 16. 2010 14:36

hgh

July 27. 2010 15:41

This is amazing!!

Bad Faith Insurance Claims

August 7. 2010 11:56

Visiting your Blog today. Thanks for the update you have nicely covered this topic. keep it up

workplace accidents videos

August 15. 2010 08:09

this site is really great.. nice layout

vigrx

September 25. 2010 14:12

Destle.com provide you online psychic reading experts, online consultants love and relationship experts, live health experts, Medical consultants, online consultants for your finance, computers, numerology, and marriage problem we given you immediate help

Online Love And Romance Experts

September 25. 2010 14:12

This is a great blog! Very informative

SEO agency

November 28. 2010 07:36

The Zune concentrates on being a Portable Media Player. Not a web browser. Not a game machine. Maybe in the future it'll do even better in those areas, but for now it's a fantastic way to organize and listen to your music and videos, and is without peer in that regard. The iPod's strengths are its web browsing and apps. If those sound more compelling, perhaps it is your best choice.

Tyson F. Gautreaux

December 12. 2010 04:38

To fill the hour-that is happiness.

Virginia payday loans

January 15. 2011 00:55

I love this blog

Payday Loans Online

January 16. 2011 05:07

Write simply writes essays based on your description. Fill order essay from with topic and details of your essay, one of our professional writers will immediately get to work and begin researching your topic. We write original and non-plagiarized essays.

quality essays

January 19. 2011 00:11

Great blog, keeping me from working

Payday Loans Online

January 19. 2011 04:51

Interesting post :)

Payday Advance

January 23. 2011 12:09

Thanks,have a good time in diablo 2!

diablo 2 cd key

January 25. 2011 17:52

What a super blog!

Charlie

March 13. 2011 08:08

We provide osteopathy, Chiropractic, acupuncture, massage and nutrition services in the North Ryde, Lane Cove, Macquarie Park and Ryde areas of Sydney, NSW.

pregnancy massage

March 16. 2011 05:24

nd Ryde areas of Sydney, NSW.

thomas sabo

March 18. 2011 13:08

A payday loan is a small, short-term loan that is intended to cover a borrower's expenses until his or her next payday. The loans are also sometimes referred to as cash advances, though that term can also refer to cash provided against a prearranged line of credit such as a credit card. <a href="http://www.paydayloanguy.com";>Payday Loan Guy</a>

William Barentine

March 21. 2011 10:33

thank you for this.. by the way, your layout is great.

vigrx plus

March 24. 2011 16:31

Its been nice to go through your post.
It has given me much knowledge & so many valuable information.

I'm feeling very nice to be here. so enjoyable...!

travel marketing

March 25. 2011 19:20

Wow! Great post. Thanks again...

poland flower

March 25. 2011 19:21

This website is pretty cool!

mothers day flowers delivery Japan

March 30. 2011 20:12

That is a great post, indeed!
I liked very much to go through it...

travel marketing

April 20. 2011 02:48

This blog is really Cool! You can visit my site for the upcoming fight of Pacquiao vs Mosley. http://pacquiao-vs-mosley-live-stream-fight.blogspot.com/2011/03/pacquaio-vs-mosley-live-streaming.html

pacquiao vs mosley

May 6. 2011 02:56

pacquiao vs mosley

May 8. 2011 10:57

your blog is very informative.... i love reading it!

pacquiao vs mosley

May 19. 2011 23:10

What a great ability of writing this post contains. Its been a true pleasure to go through your post. Keep up this good working.

mspa B-130

May 28. 2011 10:09

The largest selection of violin strings on the internet. Great prices, world class service.

Dominant Violin Strings

June 9. 2011 19:00

A look into the world of heating through Infrared Heaters. Infrared heaters have numerous uses and are much more efficient than the common immobile heaters.

infrared quartz heaters

June 16. 2011 04:52

nice way to present infrmation this, your blog is very easy for the user to read

Pandora Bracelets

July 1. 2011 08:23

I really like your blog and there are some interesting points made. There are so many sites out there which are badly presented that it's a pleasant suprise to find a good one.

alkalizer water

August 6. 2011 14:44

Save 20% now on all horse saddles storewide. Featuring the most popular brands and styles from Abetta, Fabtron, Big Horn, TexTan, American Saddlery, Saddlesmith of Texas and more!

extra large dog doors

August 8. 2011 07:48

Save 20% now on all horse saddles storewide. Featuring the most popular brands and styles from Abetta, Fabtron, Big Horn, TexTan, American Saddlery, Saddlesmith of Texas and more!

best pitching machine

August 11. 2011 17:47

Patioheaterz.com offers information on selecting a Patio Heater, including Outdoor and Electric Patio Heaters and Patio Heating.

best propane patio heater

August 15. 2011 08:36

However this needs to be planned in advance.

apb cash

August 16. 2011 22:37

We write original and non-plagiarized essays.

buy dragon nest gold

August 20. 2011 08:40

Based in Lexington, KY, Trifecta designs clean and intuitive web presences, develop web-based applications specific to your needs, and effectively market the results. So get noticed— get started today.

SEO Lexington ky

September 8. 2011 01:53

This is a great post. I think there is many thing to learn from this post. So i request all for visiting the site.

anonymous proxy

September 12. 2011 15:52

Now i'm and so pleased to obtain determined your site. I need your subject matter who have utilized here. Stunning employment.
<a

good online casino

September 17. 2011 06:13

ATV Part Center is a full-service, online Atv parts catalog tailored to the needs of any Polaris ATV or Polaris Ranger owner.

ATV Parts

September 19. 2011 21:21

Scope of audit could be just to meet to company procedures or it may be to comply with legal requirements. Also the coverage of the audit, for example entire organization or just one department should also be specified.

CPA-traffic

September 23. 2011 10:24

The most crucial aspect of conducting an IT audit is to well define the scope and objective of what would be covered as part of this audit.

viral marketing forums

October 31. 2011 18:00

This is the homepage for Chapelboro.com - the community portal for the Chapel Hill, Carrboro, Hillsborough, and Orange County community.

Chapel Hill Photos

October 31. 2011 18:34

Johnson & Repasky's experience in the area of petroleum marketing law and litigation is unmatched in the state of Kentucky, and extends regionally.

Petroleum Litigation

November 1. 2011 00:54

Trover Solutions is the premier provider of healthcare recoveries and insurance subrogation in the U.S.

http://www.troversolutions.com/

November 1. 2011 01:39

Things to do in Lexington KY, including lexington event calendars, event photos, movie times, keeneland, uk sports, and so much more.

ford lexington ky

November 3. 2011 03:10

Searching for Toyota south motors in Lexington ky? Then visit topsinlex.com, one of the best Toyota Lexington ky classified website. You will get all the information about Toyota Lexington.

toyota lexington ky

November 13. 2011 21:09

This is getting a bit more subjective, but I much prefer the Zune Marketplace. The interface is colorful, has more flair, and some cool features like 'Mixview' that let you quickly see related albums, songs, or other users related to what you're listening to. Clicking on one of those will center on that item, and another set of "neighbors" will come into view, allowing you to navigate around exploring by similar artists, songs, or users. Speaking of users, the Zune "Social" is also great fun, letting you find others with shared tastes and becoming friends with them. You then can listen to a playlist created based on an amalgamation of what all your friends are listening to, which is also enjoyable. Those concerned with privacy will be relieved to know you can prevent the public from seeing your personal listening habits if you so choose.

Sulfate Shampoo

November 14. 2011 19:48

Sorry for the huge review, but I'm really loving the new Zune, and hope this, as well as the excellent reviews some other people have written, will help you decide if it's the right choice for you.

Sulfate Free Shampoo

December 18. 2011 12:58

Hi, I found your post really helpful. It helped me all the way in completing my assignment, I am also giving a reference link of your blog in my case study. Thanks for posting such informative content. Keep posting.

Sharjah hotel apartmentsjah

Add comment

Name*
E-mail* (Will show your Gravatar icon)
Website
Country

Comment*

Live preview

February 5. 2012 11:05

Defining and Planning the Scope of an IT Audit

Related posts

Comments

Add comment

Live preview

Search

Tags

Categories

Blogroll

Disclaimer