tailieunhanh - Integrated Audit

• History and background of IT Audit • Try to address the gap that exists between financial audit and information technology audit • What is involved in IT general controls and automated application controls • Discuss an approach that will aide in the identification and testing of IT controls • Roles and responsibilities for IT and financial auditors | RSM McGIadrey Integrated Audit IT and Finance - Are We Talking the Same Language Presented by Hussain T. Hasan CISM CISSP Managing Director Technology Risk Management Services TRMS RSM MbGladrey Inc. is a member firm of RSM International - an affiliation of separate and independent legal entities. RSMMcGIadrey Session Goals History and background of IT Audit Try to address the gap that exists between financial audit and information technology audit What is involved in IT general controls and automated application controls Discuss an approach that will aide in the identification and testing of IT controls Roles and responsibilities for IT and financial auditors 1 RSMMcGIadrey History of IT Audits First use of a computerized accounting system - 1954 by GE Use of computer accounting systems became more prevalent in mid-60s and early 70s AICPA and the Big 8 formalize EDP auditing with the release of the book Auditing EDP -1968 Electronic Data Processing Auditors Association EDPAA formed -late 1960s First edition of control objectives was published now known as CoBiT -1977 EDPAA changes name to ISACA Information Systems Audit and Control Association -1994 3 RSMMcGIadrey Major Events Impacting IT Auditing Equity Funding Corporation of America fraud 1964 -1973 AT T infrastructure failure -1998 September 11th terrorist attacks - 2001 Enron and Arthur Andersen - 2002 4 2 RSMMcdadrey LlM J Why is IT Auditing a Challenge Unlike the certification of financial statements there is no universally accepted principle or standard for IT audit The concept of compliance to best practice Rapid change in IT is at times too rapid for best practices to fully develop or be recognized as such IT audit has become a separate discipline over time RSMMcGIadrey Today s Business Process Environment 24 7 requirement becoming more common Focus on early error detection More highly automated - reducing reliance on manual controls Integrated with complex and highly efficient IT