Reading

Course Schedule

Course Modules

Review and Practice

Exam Preparation

Resources

Module 7: Information technology auditing

Overview

Modules 1 to 6 outline a conceptual framework and methodology for flexibly planning the design of an internal

audit. This module describes the distinguishing features of auditing in an IT environment, showing you how to

adapt the auditing processes to IT auditing. Specifically, Module 7 looks at the impact of IT on internal auditing

and the changing field of IT auditing. You are introduced to two frameworks that assist with the evaluation of

IT controls. You learn how such controls are used in computer communications and networking, as well as

end-user environments. The module concludes with a look at the challenges of auditing in this environment

where emerging technology is a constant.

The pervasive use of technology in organizations today implies that, for an internal auditor, understanding the

impact of information technology on internal auditing, risk, and control is essential. This module provides this

important background information, which is a prerequisite to the modules that follow.

In Modules 8, 9, and 10, you apply what you have learned to specific audit engagement situations. You

consider how to plan and perform internal audits of the following functions: marketing, purchasing, production,

human resources, treasury, and strategic planning. You also learn how internal auditing differs in the private,

not-for-profit, and government sectors.

Test your knowledge

Begin your work on this module with a set of Test-your-knowledge questions designed to help you gauge the

depth of study required.

Learning objectives

7.1

How IT affects the internal audit process

Explain the concerns for internal auditors around IT auditing. (Level 2)

7.2

IT auditing

Discuss how IT auditing has developed in response to the specialized skills required to audit IT systems.

(Level 1)

7.3

Risk in an IT...