The Key Points To Note Regarding IT Auditing

By Daniel Roberts


Auditing is basically a thorough review and evaluation of books of accounts. All companies either private or public keep some sorts of financial records. The records are supposed to be prepared by the company accountant. It is not the work of the auditor to maintain proper books of accounts but the company accountant. IT auditing is basically an audit of a company IT systems, operations, management and related processes.

The audit may actually be conducted in connection with some financial regularity selective audits. Since the operations of almost all organizations are computerized, there is need to review as well as evaluate information technology controls within the course of audit. Due to technological advancement and the need to simplify the accounting work, many organizations chose to use computerized packages.

There are two types of auditors, internal auditor and external auditor. Internal auditors are hired by the management of a company. Their main purpose is to conduct internal audits with the aim of strengthening internal control systems. They are put on salary just like any other employee. Their reports are not presented to the shareholders but rather the management.

There are several objectives pertaining to information technology audit. The objectives include the following. Evaluating data reliability from IT systems which could be having some impact on financial statements of organizations is one of the objectives. The other objective is ascertaining the level and extent of compliance with existing applicable laws, standards and policies with regards to information technology.

The risk assessment decisions made here by auditors will assist companies make cost benefit analysis basically of control to all the known risks. When gathering the information to use for your auditing process, auditors will be required to identify the following five items. Identify and understand knowledge of business and also industry.

First and foremost, it is vital for an auditor to ensure that their firm has adequate resources to finish the IT audit. Auditors should consider the amount of work to be done and match the work with the available manpower. Auditors are recommended not to solicit for work as it is against the working code of conduct. Auditors should uphold professionalism of highest degree at all times.

IT audits are very important since they provide assurance to companies that information systems are properly protected. The audit will also provide reasonable assurance to the users of IT systems that the information they get from the system is reliable. The system should also be managed properly to achieve the organizational intended benefits.

It has been proven that many users are using IT without basically understanding how to operate a computer. A computer may in some instances repeat the same error over and over again causing a lot of damage to the end results. The audits can also be used to assist organizations reduce or minimize risk of tampering with data and loss of data

To avoid and also prevent any future financial fiascos like the Enron and WorldCom it is necessary to conduct IT audits every financial year. There are quite a number of benefits associated with IT audits. But the most important one is the detection of errors.




About the Author: