100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
Previously searched by you
Previously searched by you
logo
Summary ISACA : Information Systems Auditing: Tools and Techniques Creating Audit Programs R189,76   Add to cart
Quickly navigate to
Preview
  2.  
  3. ISACA
  4.  
  5. ISACA

Summary

Summary ISACA : Information Systems Auditing: Tools and Techniques Creating Audit Programs
 2 views  0 purchase
  • Course
  • ISACA
  • Institution
  • ISACA

TABLE OF CONTENTS Introduction...................................................................................................................................................................3 Purpose of This Publication..............................................................................

[Show more]

Preview 3 out of 18  pages

Document information

  • January 3, 2024
  • 18
  • 2023/2024
  • Summary

Subjects

  • isaca information systems auditing tools and te

Written for

  • ISACA
All documents for this subject (34)

Seller

avatar-seller
THEEXCELLENCELIBRARY

Reviews received

Content preview

Information
Systems Auditing:
Tools and Techniques
Creating Audit Programs



Abstract
Information systems audits can provide a multitude of benefits to an enterprise by ensuring the effective, efficient, secure and reliable
operation of the information systems so critical to organizational success. The effectiveness of the audit depends, in large part, on the
quality of the audit program.

,Information Systems Auditing: Tools and Techniques—Creating Audit Programs Table of Contents




TABLE OF CONTENTS
Introduction...................................................................................................................................................................3
Purpose of This Publication.........................................................................................................................................3
Audience......................................................................................................................................................................3
Scope and Approach....................................................................................................................................................3
Terminology..................................................................................................................................................................4

The Audit Process..........................................................................................................................................................5

Audit and Assurance Programs.....................................................................................................................................8
Objectives of Developing Audit and Assurance Programs..........................................................................................8
Minimum Skills to Develop an Audit and Assurance Program................................................................................... 9
Steps to Develop an Audit and Assurance Program.................................................................................................... 9

Appendix A—List of Resources...................................................................................................................................16
ISACA Resources......................................................................................................................................................16
Additional Resources..................................................................................................................................................16




©2016 Information Systems Audit and Control Association, Inc. (ISACA). All rights reserved. 2

, Information Systems Auditing: Tools and Techniques—Creating Audit Programs Introduction




INTRODUCTION
Organizations undertake audits for many reasons. An audit can help the enterprise ensure effective operations and
attest to its compliance with administrative and legal regulations. It can confirm for management that the business
is functioning well and is prepared to meet potential challenges. Perhaps most important, it can assure stakeholders
of the financial, operational and ethical well-being of the organization. Information systems (IS) audits support all
those outcomes, with a special focus on the information and related systems upon which most businesses and public
institutions depend for competitive advantage.

Achievement of the many benefits that can accrue to an effective audit depends on proper and thorough planning of
the audit engagement. The scope and the objective of the audit must be understood and accepted by both the auditor
and the area being audited. Once the purpose for the audit is clearly defined, the audit plan can be created, which
will encapsulate the agreed scope, objectives and procedures needed to obtain evidence that is relevant, reliable and
sufficient to draw and support audit conclusions and opinions.

An important component of the audit plan is the audit program, also known as work program. The audit program
is commonly used to document the specific procedures and steps that will be used to test and verify control
effectiveness. The quality of the audit program has a significant impact on the consistency and quality of the audit
results, so it is imperative that IS auditors understand how to develop comprehensive audit programs.

Purpose of This Publication
The purpose of this publication is to provide a basic understanding of the steps necessary to develop comprehensive
audit programs that clearly and consistently document the procedures that will be used to test controls and gather
supporting data. This guide is also intended to help audit/assurance professionals develop audit programs that
comply with generally accepted audit standards, especially those issued by ISACA,1 the Public Company Accounting
Oversight Board (PCAOB),2 the Institute of Internal Auditors (IIA),3 and the American Institute of Certified Public
Accountants (AICPA).4

This publication is not intended to provide technical guidance on how to audit specific technologies.

Audience
This guide is intended primarily for IS and non-IS audit/assurance professionals who need to gain an understanding
about the process to develop audit programs for IS audit engagements. This guide is also beneficial for
audit/assurance professionals who wish to enhance their skills in developing IS audit programs.

Scope and Approach
This publication is intended to provide practical guidance to develop audit programs from the ground up. The guide
has been organized into three main areas:
• Audit process overview
• Steps to develop an audit program
• List of resources

In addition, other audit program resources are available from ISACA at www.isaca.org/creating-audit-programs,
including a Sample Audit Program document and an Infographic—Step-by-Step Audit Plan Activities.
1
ISACA, ITAFTM: A Professional Practices Framework for IS Audit/Assurance, 3rd Edition, USA, 2014,
www.isaca.org/Knowledge-Center/ITAF-IS-Assurance-Audit-/Pages/default.aspx
2
PCAOB, General Audit Standards, AS 2101: Audit Planning, USA, 2015, http://pcaobus.org/Standards/Auditing/Pages/AS2101.aspx
3
The IIA, International Standards for the Professional Practice of Internal Auditing (Standards), USA, revised 2012,
https://na.theiia.org/standards-guidance/Public%20Documents/IPPF%202013%20English.pdf
4
AICPA, Due Professional Care in the Performance of Work, AU-C Section 300, Planning an Audit, USA, 2015,
www.aicpa.org/Research/Standards/AuditAttest/DownloadableDocuments/AU-C-00300.pdf

©2016 Information Systems Audit and Control Association, Inc. (ISACA). All rights reserved. 3

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through EFT, credit card or Stuvia-credit for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying this summary from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller THEEXCELLENCELIBRARY. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy this summary for R189,76. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

81849 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy summaries for 14 years now

Start selling
R189,76
  • (0)
  Buy now