Online Courses
IS Auditing, Controls and Assurance
Online Courses
IS Auditing, Controls and Assurance
  • Information Systems Auditing, Controls and Assurance
  • Introduction to Information Systems (IS) Auditing
    • Risk in Information Systems (IS)
    • Risk Management Process
    • Identify Internal Controls
    • Quiz
  • General IS Audit Procedures
    • Understant the audit areas/subjects
    • Compliance Testing and Substantive Testing
    • Practice Quiz
    • Evidence
    • ISACA Outlines Five Steps to Planning an Effective IS Audit Program
    • Quiz
  • Business Application Development and the Roles of IS Auditors
    • What is business application development process / Systems Development Life Cycle (SDLC)?
      • SDLC Models
    • Feasibility and Requirements
    • Design and Selection
    • Development and Configuration
    • Configuration - Input/Output Controls
    • Implementation
    • Post-Implementation Review
    • Risks Associate with Application Development
    • Role of IS Auditor in SDLC
    • Quiz
  • IS Maintenance and Control
    • IS Maintenance Practices
    • Change Management
    • Documentation
    • Emergency Changes
    • IS Controls
    • Quiz
Powered by GitBook
On this page
  • Complience testing
  • Substantive testing
  1. General IS Audit Procedures

Compliance Testing and Substantive Testing

Determine whether employees follow policies and procedures of senior management and laws and regulations from regulators.

Complience testing

Compliance testing is the process of determining whether employees and organizations follow the policies and procedures set by senior management or the laws and regulations imposed by regulators. It ensures that the necessary controls are in place to prevent any misconduct or non-compliance.

In compliance testing, a sample of changes or actions is taken to assess whether they have been approved and comply with the established procedures. If any non-compliance is found, further investigation is conducted through substantive testing to determine the extent and nature of the issue.

The importance of compliance testing lies in ensuring that organizations adhere to the necessary controls and regulations to prevent any misconduct or fraudulent activities. It helps to identify weaknesses in internal controls and implement corrective measures to mitigate risks.

Substantive testing

Substantive testing, on the other hand, involves a detailed analysis of specific areas to identify any anomalies or irregularities. It is performed when compliance testing reveals a failure or when there is a lack of controls in place. Substantive testing helps to uncover the root cause of the issue and provides a deeper understanding of the problem.

Overall, compliance testing and substantive testing work hand in hand to ensure that organizations operate in accordance with the established policies and procedures, and to identify and address any potential risks or non-compliance issues.

PreviousUnderstant the audit areas/subjectsNextPractice Quiz

Last updated 9 months ago