IT Auditing - Principles and Practices (2nd Edition)

Overview:

There exists apparent financial auditor (FA) and IT auditor responsibility overlaps. One reason this interrelationship exists is because, when planning audits, the FA and IT auditor evaluate manual as well as automated processing.

However, there is a distinguishing feature that is obvious. As most of the professional audit community is aware, an FA fundamentally focuses on financial transactions, whereas, the IT auditor places emphasis on system processing. In addition, the FA's assessment is mandated by assertions presented in financial statements. Though concerned about the same claims, the IT auditor has other reasons for performing an IT audit. Therefore, the rhetorical question is: What other reasons are there for conducting an audit? The answer: an IT auditor can direct attention towards management's assertions concerning a particular subject matter or related subject matter. Additionally, an IT auditor may focus attention to the direct subject matter. These declarations or direct subject matters do not necessarily involve financial statements.

"IT Auditing: Principles and Practices (2nd Edition)" highlights assurance assessment oversight considerations for information and related technology. Systemically, this webinar covers accepted criteria for examining information systems deployed in specific audit areas. In terms of assurance practice content, this webinar will address fiduciary responsibilities for sound IT governance, IT risk management, and IT compliance using detailed examples. In this webinar, we can discuss the suitability of using accepted information criteria to determine appropriate entity-wide IT due diligence.

Considering, as computing power has advanced, entities have become increasingly dependent on technology to carry out their operational requirements and to collect, process, maintain and report essential data. To ensure maximum value delivery from audit area assessments; oversight committee members need an evaluation methodology that enables confidence in the work performed by IT auditors. The principles outlined in this session reflect best industry practices as well as managerial experience and covered in three overarching themes: government, entity, and audit convergences. Regarding this matter, we will examine IT audit reporting and follow-up processes to enable enhancement of audit committee risk assessments. At the end of this session, the speaker will handle your specific questions and address any challenges you have/had in IT auditing process.

IT Auditing: Principles and Practices (2nd Edition) furnishes a proven approach to IT audit planning, study, evaluation, testing, and reporting methods. Systemically, this webinar covers major steps in the IT audit process not chronicled in ISACA standards and guidelines. In terms of content, this webinar converts selected audit standards and guidelines into practical applications using detailed examples. This webinar also allows auditors to understand various steps and processes required to initiate, document and compile IT audit phases. Through this webinar, a student of governance, risk and compliance will acquire an appreciation for IT financial statement, government, and external auditing. Collectively, this webinar presents foundational knowledge for enabling appropriate consideration of the role information system auditors play in supporting an organization's competitive advantages.

Why should you Attend:As computing power has advanced, entities have become increasingly dependent on technology to carry out their operational requirements and to collect, process, maintain, and report essential data. This reliance on electronically encoded data and on the policies that affect managerial decisions are a primary concern of audit professionals. Consequently, Information Technology (IT) auditors examine the adequacy of controls in information systems and related operations to assure effectiveness and efficiency in business processes. In addition, among other assurance services, IT auditors evaluate the reliability of computer-generated data supporting financial statements and analyze specific programs and their processing results.

In 2012, events were posted by various news outlets such as Fox News, the Wall Street Journal, Forbes and Yahoo.com concerning Knight Capital's financial debacle. These reputable news organizations presented solemn allegations regarding managerial due diligence during system development lifecycles. Specifically, the cost to an already troubled firm was estimated $440,000,000.00 USD. An amount no financial-based institution can classify as immaterial.

Undoubtedly, an individual or group authorized activation of this critical new application. Nonetheless, it appears adequate precautions, such as application processing testing, were not performed either prior to deployment, during implementation or after installation by the project team. Thus, the question regarding the circumstances that produced this extraordinary financial loss is: Did management assign an IT auditor to the software project team?

Areas Covered in the Session:

• Implementing effective oversight of the IT audit function.
• Principles and practices for performing IT audits.
• Sound strategic and tactical IT risk considerations.
• Three tiers of enterprise governance are examined in terms of their:
  • Content
  • Meaning
  • Implementation factors
  • Responsibilities

• Audit Committee Members
• Risk Management Managers
• External Auditors
• Internal Auditors
• Chief Executive Officers
• Chief Information Officers
• Compliance Managers
• Chief Information Security Officers