Beruflich Dokumente
Kultur Dokumente
SYSTEM
PRESENTATION
ON
AUDIT AND IT AUDIT
BY
KAPIL KR. BANSAL-11BSP1424
MOHIT MITTAL-11BSP1813
AUDIT
Audits are performed to ascertain thevalidity
andreliabilityof information; also to provide
anassessmentof a system'sinternal control.
The goal of an audit is to express an opinion
of the person / organization / system (etc.) in
question, under evaluation based on work
done on a test basis.
CONTINUE
The general definition of an audit is an
evaluation of a person, organization,
system, process, enterprise, project or
product. The term most commonly
refers to audits in accounting, but
similar concepts also exist in project
management, quality management,
water management, and energy
conservation.
HISTORICAL BACKGROUND
The
Financial audit
Continue
Financial audit:
Address questions of accounting, recording, and
reporting of financial transactions. Reviewing the
adequacy of internal controls also falls within the
scope of financial audits.
DIFFERENT
CATEGORIZATION OF AUDIT
Statutory
Audit
Privates Audit
Internal Audit
Management Audit
IT Audit
Statutory Audit
A legally required review of the accuracy of a company's or
government's financial records. The purpose of a statutory audit to
determine whether an organization is providing a fair and accurate
representation of its financial position by examining information
such as bank balances, bookkeeping records and financial
transactions
For Example,
a state law may require all municipalities to submit to an annual
statutory audit examining all accounts and financial transactions
and to make the results of the audit available to the public. The
purpose of such an audit is to hold the government accountable
for how it is spending taxpayers' money.
Private Audit
When the audit is not a statutory requirement , but is
conducted at the desire of owners , such an audit is
private audit . The audit is conducted primarily for their
own interest. At times the private audit may become a
requirement under tax laws , if the turnover exceeds a
specified limit.
Internal Audit
The examination, monitoring and analysis of
activities related to a company's operation,
including its business structure, employee
behavior and information systems.
Internal audit found to play the following roles
Check weather existing controls are effective and
adequate.
Management Audit
Analysis and assessment of
competencies and capabilities of a
company's management in order to
evaluate their effectiveness, especially
with regard to the strategic objectives
and policies of the business. The
objective ofa management audit is not to
appraise individual executive
performance, but to evaluate the
management team in relation to their
competition.
Audit process
ADVANTAGES OF AUDIT
Companies
Directors
Assurance
that
statutory
responsibilities
concerning accounts have been carried out.
Availability of expert advise.
The letter of weakness.
To
Shareholders
Assurance that accounts show a true and fair
view and comply with statutory requirements
Other Organization with publish accounts
Assurance that accounts are reliable
In addition they provide reliable accounts
to regulatory bodies such as the companies
Registry, the stock exchange etc.
OBJECTIVE OF AUDITING
Primary Objective:
To produce a report by the auditor of his
opinion of the truth and fairness of
financial statements so that any person
reading and using them can belief in
them.
Secondary Objective:
To detect Error and Fraud
To prevent Errors and fraud by the
deterrent and moral effects of Audit
Completeness
Ownership
Accuracy
Valuation
Classification
Disclosure
Limitation of Audit
Audit Evidence
Audit evidenceisevidenceobtained during a
financial auditand recorded in theaudit working papers.
Continued
INFORMATION
TECHNOLOGY AUDIT
21
WHAT IS IT AUDIT
CONTINUE
HISTORY OF IT AUDIT
PURPOSE OF IT AUDIT
An
IT
audit
is
different
from
a
financial statement audit. While a financial audit's
purpose is to evaluate whether an organization is
adhering tostandard accounting practices, the
purposes of an IT audit are to evaluate the
system's internal control design and effectiveness.
This includes, but is not limited to, efficiency and
security protocols, development processes, and IT
governance or oversight.
. One of the most important role of the IT Audit is
to audit over the critical system in order to
support the Financial audit or to support the
specific regulations announced e.g. SOX
PURPOSE OF IT AUDIT
Integrated information technology audit
compliance,
Quality assurance,
Business continuity,
Disaster recovery,
IT governance,
Fraud, risk, and forensics resources for
information technology auditors, internal
auditors, application auditors, compliance,
information
security
and
forensics
professionals.
ROLE OF IT AUDIT
The IT audit aims to evaluate the following:
IT Audit process
The audit process is generally a ten-step procedure:
1. Notification & Request for
2. Planning
3. Opening Meeting
4. Fieldwork
5. Communication
6. Draft Report
7. Management Responses
8. Closing Meeting
9. Report Distribution
10. Follow-up
Preliminary Information
TYPES OF IT AUDIT
Technological innovation process audit
Innovative comparison audit
Technological position audit
five categories of audits:
1. Systems and Applications
2. Systems Development:
3. Management of IT and Enterprise
Architecture:
4. Client/Server, Telecommunications,
Intranets, and Extranets
5. Information Processing Facilities:
FUNCTIONS IS TO BE CHECKED
Systems and Applications: An audit to verify that systems
and applications are appropriate, are efficient, and are
adequately controlled to ensure valid, reliable, timely, and
secure input, processing, and output at all levels of a
system's activity.
Information Processing Facilities: An audit to verify that
the processing facility is controlled to ensure timely,
accurate, and efficient processing of applications under
normal and potentially disruptive conditions.
Systems Development: An audit to verify that the systems
under development meet the objectives of the organization,
and to ensure that the systems are developed in accordance
with generally accepted standards forsystems development.
.
CONTINUE
Ease of Use
Security
The capstone of Technology Audit is the Audit Findings Report
which includes gap analysis, recommendations pertaining
to technology upgrade / downgrade, training requirements
and plan of action. Technology Audit recommendation sets
the direction for organizations to optimize Return of
Investment on IT.
IT Audit Role
35
36
37
38
THANK
YOU
ALL