Chapter 12

Information Technology Auditing

INTRODUCTION

THE AUDIT FUNCTION

Internal versus External Auditing

Information Technology Auditing

Evaluating the Effectiveness of Information Systems Controls

THE INFORMATION TECHNOLOGY AUDITOR’S TOOLKIT

Auditing Software

People Skills

AUDITING COMPUTERIZED ACCOUNTING INFORMATION SYSTEMS

Testing Computer Programs

Validating Computer Programs

Review of Systems Software

Validating Users and Access Privileges

Continuous Auditing

INFORMATION TECHNOLOGY AUDITING TODAY

Information Technology Governance

Auditing for Fraud—Statement on Auditing Standards No. 99

The Sarbanes-Oxley Act of 2002

Auditing Standard No. 5 (AS5)

Third-Party and Information Systems Reliability Assurances

AIS AT WORK—FUTURE OF INFORMATION TECHNOLOGY AUDITING

SUMMARY

KEY TERMS YOU SHOULD KNOW

TEST YOURSELF

DISCUSSION QUESTIONS

PROBLEMS

CASE ANALYSES

Basic Requirements (Systems Reliability Assurance)

Tiffany Martin, CPA (Information Technology Audit Skills)

Consolidated Company (Audit Program for Access Controls)

READINGS AND OTHER RESOURCES

ANSWERS TO TEST YOURSELF

After reading this chapter, you will:

1. Know how external auditing differs from internal auditing.

2. Understand the information technology audit process and types of careers in information technology auditing.

3. Understand the software and people skills needed by information technology auditors.

4. Know how to determine the effectiveness of internal controls over specific information systems.

5. Be familiar ...

Get Core Concepts of Accounting Information Systems, 12th Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial