IT Governance, Risk, and Compliance

IT Audit Reporting: Communicating Results – Part I

February 11, 2010, 11:05 am

IT audit area reporting conveys an opinion concerning control adequacy based on planning, studying, testing and evaluating material or significant auditable units. Whether an IT auditor is engaged in...

View Article

IT Audit Reporting: Communicating Results – Part II

February 15, 2010, 11:18 am

The process utilized to ascertain ‘the degree of correspondence’ between assertions, or direct subject matter, and established criteria for IT audits is similar to that employed for manual audits; yet,...

View Article

IT Audit Reporting: Communicating Results – Part III

February 18, 2010, 11:33 am

Through an IT auditor’s efforts, audit findings are facts generated which directly support and evidence conclusions as well as recommendations. Audit findings are also the product of all previously...

View Article

IT Audit Reporting: Communicating Results – Part IV

February 22, 2010, 10:13 am

Generally, following audit area findings assessment completion and ensuring appropriate working papers retention, an IT auditor documents the draft audit report based on auditing standards and...

View Article

IT Audit Reporting: Communicating Results – Part V

February 25, 2010, 11:56 am

Once the draft audit report is generated, it must be reviewed by key IT managers as well as key business managers. To facilitate this essential audit activity, the IT auditor can contact selected key...

View Article

IT Audit Reporting: Communicating Results – Part VI

March 1, 2010, 10:41 am

The final audit report should clearly identify ‘gaps’ in controls and the source of the vulnerabilities. Of the potential vulnerabilities documented in the audit report, it is importance to identify...

View Article

IT Audit Reporting: Communicating Results – Part VII

March 4, 2010, 10:48 am

Upon acknowledgement of final audit report delivery to identified recipients, the IT auditor should await responses from key audit area personnel, as stipulated in the entity’s audit charter or...

View Article

IT Audit Reporting: Communicating Results – Part VIII

March 8, 2010, 1:40 pm

IT auditors, like all auditors, are responsible for ‘communicating results to interested individuals.’ Interested individuals can include other members of the audit team, who must integrate the IT...

View Article

IT Audit Follow-up: Assessing Recommendation Resolution – Part IV

March 22, 2010, 11:29 am

Depending on the ambit and terms of the engagement, external IT auditors may rely on an entity’s internal IT audit function to follow-up on their agreed-upon recommendations. Hence, a follow-up process...

View Article