Online Courses
IS Auditing, Controls and Assurance
Online Courses
IS Auditing, Controls and Assurance
  • Information Systems Auditing, Controls and Assurance
  • Introduction to Information Systems (IS) Auditing
    • Risk in Information Systems (IS)
    • Risk Management Process
    • Identify Internal Controls
    • Quiz
  • General IS Audit Procedures
    • Understant the audit areas/subjects
    • Compliance Testing and Substantive Testing
    • Practice Quiz
    • Evidence
    • ISACA Outlines Five Steps to Planning an Effective IS Audit Program
    • Quiz
  • Business Application Development and the Roles of IS Auditors
    • What is business application development process / Systems Development Life Cycle (SDLC)?
      • SDLC Models
    • Feasibility and Requirements
    • Design and Selection
    • Development and Configuration
    • Configuration - Input/Output Controls
    • Implementation
    • Post-Implementation Review
    • Risks Associate with Application Development
    • Role of IS Auditor in SDLC
    • Quiz
  • IS Maintenance and Control
    • IS Maintenance Practices
    • Change Management
    • Documentation
    • Emergency Changes
    • IS Controls
    • Quiz
Powered by GitBook
On this page
  1. General IS Audit Procedures

Practice Quiz

Question

This is the audit procedure set by Company A's IS auditor.

As a practice, would you look into the audit procedure, summarizing what Prof. Dias discussed regarding the audit procedure (Video 2.3), and comment what aspects are missing from the audit procedure?

You will receive the feedback upon submitting your answer.

The audit procedure by Company A’s IS auditor:

  • Created an audit plan and schedule

  • Elaborated on plan's details

  • Preliminary review

  • On-site evaluation of the area

  • Conducted the company's risk analysis

  • Verified it with extensive substantive tests

  • Cross-checked by comprehensive compliance tests

Solution

  • Must collect information about the company and the industry first

  • Compliance tests do not validate substantive tests

  • Missing verification of existing control appropriateness

  • Missing audit report writing and presentation

PreviousCompliance Testing and Substantive TestingNextEvidence

Last updated 8 months ago