Beruflich Dokumente
Kultur Dokumente
Development of Standards,
Guidelines and Procedures
1.
BACKGROUND
PLANNING
2.1
Assessing Materiality
2.1.1 The assessment of what is
material is a matter of professional
judgment and includes consideration
of the effect on the organisation as a
whole of errors, omissions,
irregularities and illegal acts which
may arise as a result of control
weaknesses in the area being audited.
Page 2 of 2 Materiality Concepts For Auditing Information Systems Guideline Version I-1.0
3.
REPORTING
3.1
Identifying Reportable
Issues
3.1.1 In determining the findings,
conclusions and recommendations to
be reported, the IS Auditor should
consider both the materiality of any
errors found and the potential
materiality of errors which could arise
as a result of control weaknesses.
3.1.2 Where the audit is used by
management to obtain a statement of
assurance regarding IS controls, an
unqualified opinion on the adequacy of
controls should mean that the controls
in place are in accordance with
generally accepted control practices to
meet the control objectives, devoid of
any material control weakness.
3.1.3 A control weakness should be
considered material, and therefore
reportable, if the absence of the
control results in failure to provide
reasonable assurance that the control
objective will be met. If the audit work
identifies material control weaknesses,
the IS Auditor should consider issuing
a qualified or adverse opinion on the
audit objective.
3.1.4 Depending on the objectives of
the audit, the IS Auditor should
consider reporting to management
weaknesses which are not material,
particularly when the costs of
strengthening the controls are low.
4.
EFFECTIVE DATE