Submitted by: Submitted by john5
Views: 478
Words: 126709
Pages: 507
Category: Business and Industry
Date Submitted: 09/10/2012 09:54 AM
Course Schedule
Course Modules
Review and Practice
Exam Preparation
Resources
Module 7: Information technology auditing
Overview
Modules 1 to 6 outline a conceptual framework and methodology for flexibly planning the design of an internal
audit. This module describes the distinguishing features of auditing in an IT environment, showing you how to
adapt the auditing processes to IT auditing. Specifically, Module 7 looks at the impact of IT on internal auditing
and the changing field of IT auditing. You are introduced to two frameworks that assist with the evaluation of
IT controls. You learn how such controls are used in computer communications and networking, as well as
end-user environments. The module concludes with a look at the challenges of auditing in this environment
where emerging technology is a constant.
The pervasive use of technology in organizations today implies that, for an internal auditor, understanding the
impact of information technology on internal auditing, risk, and control is essential. This module provides this
important background information, which is a prerequisite to the modules that follow.
In Modules 8, 9, and 10, you apply what you have learned to specific audit engagement situations. You
consider how to plan and perform internal audits of the following functions: marketing, purchasing, production,
human resources, treasury, and strategic planning. You also learn how internal auditing differs in the private,
not-for-profit, and government sectors.
Test your knowledge
Begin your work on this module with a set of Test-your-knowledge questions designed to help you gauge the
depth of study required.
Learning objectives
7.1
How IT affects the internal audit process
Explain the concerns for internal auditors around IT auditing. (Level 2)
7.2
IT auditing
Discuss how IT auditing has developed in response to the specialized skills required to audit IT systems.
(Level 1)
7.3
Risk in an IT...