Pertemuan 3-4 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007.

Slides:



Advertisements
Similar presentations
Chapter 7: Key Process Areas for Level 2: Repeatable - Arvind Kabir Yateesh.
Advertisements

More CMM Part Two : Details.
1  AGA-DC and GWSPCA 6 th ANNUAL CONFERENCE OMB Circular A-123, Appendix A Internal Control Over Financial Reporting Innovative Approaches Jerome A. Vaiana.
Auditing Concepts.
1 Pertemuan 13 eBusiness, AIS, Financial Statement and Accounting Professionals Matakuliah: F0662/ Web Based Accounting Tahun: 2005 Versi: 1/0.
Auditing Computer Systems
Information Systems Audit Program. Benefit Audit programs are necessary to perform an effective and efficient audit. Audit programs are essentially checklists.
1 INTERNAL CONTROLS A PRACTICAL GUIDE TO HELP ENSURE FINANCIAL INTEGRITY.
The Islamic University of Gaza
Database Administration Chapter FOSTER School of Business Acctg. 420.
Pertemuan 5-6 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007.
1 Pertemuan 6 Internal Control System Matakuliah:A0274/Pengelolaan Fungsi Audit Sistem Informasi Tahun: 2005 Versi: 1/1.
Pertemuan 16 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007.
Pertemuan 25 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007.
Internal Control Concepts A Guide for Deans, Directors, and Department Chairs.
Internal Control Pertemuan 05 s.d 06 Matakuliah: F0712 / Lab Sistem Informasi Akuntansi Tahun: 2007.
Pertemuan 7-8 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007.
Pertemuan 20 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007.
AUDITING INFORMATION TECHNOLOGY USING COMPUTER ASSISTED AUDIT TOOLS AND TECHNIQUES.
1 Pertemuan 10 Department Organization Matakuliah:A0274/Pengelolaan Fungsi Audit Sistem Informasi Tahun: 2005 Versi: 1/1.
1 Pertemuan 9 Department Organization Matakuliah:A0274/Pengelolaan Fungsi Audit Sistem Informasi Tahun: 2005 Versi: 1/1.
Course Technology Chapter 3: Project Integration Management.
Pertemuan Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007.
Office of Inspector General (OIG) Internal Audit
D. Keane June Internal Quality Audits (4.14) -ISO Requirements for Internal Audits -The Audit Process -Templates for Meeting Requirements.
ISO 9000 Certification ISO 9001 and ISO
Session 6: Data Integrity and Inspection of e-Clinical Computerized Systems May 15, 2011 | Beijing, China Kim Nitahara Principal Consultant and CEO META.
Network security policy: best practices
Database Administration Chapter 16. Need for Databases  Data is used by different people, in different departments, for different reasons  Interpretation.
Database Auditing Models Dr. Gabriel. 2 Auditing Overview Audit examines: documentation that reflects (from business or individuals); actions, practices,
Chapter 7 Database Auditing Models
Auditing Systems Development, Acquisition and Maintenance
Elements of Internal Controls Preventing Fraud, Waste, and Abuse in Urban and Rural Transit Systems.
REVIEW AND QUALITY CONTROL
Internal Auditing and Outsourcing
Copyright Course Technology 1999
The Islamic University of Gaza
UNM and Health System Internal Audit Departments Internal Audit Department Orientation Manu Patel, Internal Audit Director Purvi Mody, Executive Director,
David N. Wozei Systems Administrator, IT Auditor.
Internal Control in a Financial Statement Audit
1.  Describe an overall framework for project integration management ◦ RelatIion to the other project management knowledge areas and the project life.
Evaluation of Internal Control System
1 CIP Cyber Security – Personnel & Training Steve Garn CIP Compliance Workshop Baltimore, MD August 19-20, 2009 © ReliabilityFirst Corporation.
Auditing Information Systems (AIS)
Database Administration
BACKNEXT Georgia State University --- Expenditure Review Executive Summary -- Online Training Online Training for Georgia State University Expenditure.
Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 7 Database Auditing Models.
Evaluation of Internal Control System. Learning Objective 1 Contrast management’s need for internal control with the auditor’s need to consider internal.
Copyright © 2007 Pearson Education Canada 1 Chapter 1: The Demand for Auditing and Assurance Services.
1 Chapter Nine Conducting the IT Audit Lecture Outline Audit Standards IT Audit Life Cycle Four Main Types of IT Audits Using COBIT to Perform an Audit.
Pertemuan 26 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007.
Copyright © 2013 by The McGraw-Hill Companies, Inc. All rights reserved.McGraw-Hill/Irwin.
McGraw-Hill/Irwin © 2003 The McGraw-Hill Companies, Inc., All Rights Reserved. 6-1 Chapter 6 CHAPTER 6 INTERNAL CONTROL IN A FINANCIAL STATEMENT AUDIT.
 Definition of a quality Audit  Types of audit  Qualifications of quality auditors  The audit process.
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin 6-1 Chapter Six Internal Control in a Financial Statement Audit.
Copyright © 2007 Pearson Education Canada 23-1 Chapter 23: Using Advanced Skills.
AUDIT OF INTERNAL CONTROL Day V Sessions I & II. Session Overview Periodical audit of existence of internal control in order to examine its effectiveness.
Chapter 8 Auditing in an E-commerce Environment
Copyright © 2007 Pearson Education Canada 9-1 Chapter 9: Internal Controls and Control Risk.
WESTERN PA CHAPTER OF THE AMERICAN PAYROLL ASSOCIATION – NOVEMBER 4, 2015 Risk Management for Payroll.
Pertemuan 14 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007.
Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
Internal Audit Section. Authorized in Section , Florida Statutes Section , Florida Statutes (F.S.), authorizes the Inspector General to review.
Lecture 5 Control and AIS Copyright © 2012 Pearson Education 7-1.
Welcome. Contents: 1.Organization’s Policies & Procedure 2.Internal Controls 3.Manager’s Financial Role 4.Procurement Process 5.Monthly Financial Report.
McGraw-Hill/Irwin © The McGraw-Hill Companies 2010 Internal Control in a Financial Statement Audit Chapter Six.
Modern Auditing: Assurance Services and the Integrity of Financial Reporting, 8th Edition William C. Boynton California Polytechnic State University at.
Auditing Concepts.
The Demand for Audit and Other Assurance Services
Internal Control Internal control is the process designed and affected by owners, management, and other personnel. It is implemented to address business.
Presentation transcript:

Pertemuan 3-4 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007

Bina Nusantara AUDIT AND REVIEW ITS ROLE IN INFORMATION TECHNOLOGY

Bina Nusantara 10’S REASON TO START OF IT AUDITING 1. Auditing around the computer was becoming unsatisfactory for the purpose of data reliance. 2. Reliance on controls was becoming highly questionable. 3. Financial institutions were losing money due to creative programming. 4. Payroll databases could not be relied on for accuracy due to sophisticated programmers 5. The security of data could no longer be enforced effectively

Bina Nusantara 10’S REASON TO START OF IT AUDITING 6. Advancements occurred in technology. 7. Internal Networks were being accessed by employees’ desktop computers. 8. Personal computers became accessible for office and home use. 9. Large Amounts of data required advanced software programs to audit them, known as CAATs (Computer Assisted Audit Technique). 10. The tremendous growth of corporate hackers, either internal or external, warranted the need for IT auditors.

Bina Nusantara THE NEED FOR THE IT AUDIT FUNCTION The increased reliance on computers to perform daily transactions and with the higher risks associated with new technology, management needs assurance that the controls governing its computer operations are adequate. IT Governance is the process by which an enterprise’s IT is directed and controlled.

Bina Nusantara AUDITING CONCERNS An adequate audit trail so that transactions can be traced forward and backward through the system. The documentation and existence of controls over the accounting for all data (e.g. transactions) entered into the system and controls to ensure the integrity of those transactions throughout the computerized segment of the system. Handling exceptions to and rejections from, the computer system Unit and integrated testing, with controls in place to determine whether the systems perform as stated. Controls over changes to the computer system to determine whether the proper authorization has been given and documented

Bina Nusantara AUDITING CONCERNS Authorization procedures for system overrides and documentation of those processes Determining whether organization and government policies and procedures are adhered to in system implementation Training user personnel in the operation of the system Developing detailed evaluation criteria so that it is possible to determine whether the implemented system has met predertemined specifications Adequate controls between internconnected computer systems

Bina Nusantara AUDITING CONCERNS Adequate security procedures to protect the user’s data Backup and recovery procedures for the operation of the system and assurance of business continuity Ensuring technology provided by different vendors (i.e., operational platforms) is compatible and controlled Adequately designed and controlled databases to ensure that common definitions of data are used throughout the organization, that redundancy is eliminated or controlled, and data existing in multiple databases is updated concurrently

Bina Nusantara REVIEWERS OF IS IT Auditor has level of knowledge, skills, and abilities to do a quality job and provide a quality assessment. How utilize the IT auditor to assist in providing objective, value added contributions to their work?

Bina Nusantara WHAT ARE THE POLICIES AND PROCEDURES OF MANAGEMENT Policies and procedures are only as good as the management structure which formed them and enforces the action taken. The IT auditor should examine the corporate structure of the policies and procedures set by management. The auditor should then verify that the policies and procedures follow audit standards.

Bina Nusantara WHAT ARE THE POLICIES AND PROCEDURES OF MANAGEMENT Each function in organization, including internal audit and IT, needs complete, well documented polices and procedures to describe the scope of the function of its activities and the interrelationships with other departments. As policies, and procedures are developed and organized into a standards manual, they should be tied directly to the goals and objectives of the organzation.

Bina Nusantara AUDITOR STANDARDS American Institute of Certified Public Accountants (AICPA) Institute of Internal Auditor (IIA) Internal Federation of Accountants (IFAC) Information Systems Audit and Control Association (ISACA) Ikatan Akuntan Indonesia (IAI) Ikatan Audit Sistem Informasi Indonesia (IASII)

Bina Nusantara Skills Related to IT Auditing Performance of general controls Preparation of application assessments Transfer control protocol/Internet protocol (TCP/IP) Asynchronous transfer method (ATM) Electronic funds transfer (EFT) Database management systems (DBMS) Business continuity planning Disaster recovery planning System under change Audit integration services Information security services

Bina Nusantara Auditor Independence The audit report and opinion must be free of any bias or influence if the integrity of the audit process is to be valued and recognized for its contribution to the organization’s goals and objectives.

Bina Nusantara The Role of the IT Auditor Counselor Partner of Senior Management Internal Audit Function External Audit

Bina Nusantara The Organization’ Responsibility in Developing IT Audit Skills Preaudit Checklist : – Who are members of the audit team, and what are their roles and assignments? – What are the credentials and experience of the assigned audit team? – What orientation or training can you provide them to be comfortable within the environment? – Communicate with your managers and staff in the areas to be audited – If an area was audited before, review the prior report to see the issues raised and recommended made. Get an update of corrections or changes made as a result of prior audit work and give your staff and the audit department credit

Bina Nusantara The Organization’ Responsibility in Developing IT Audit Skills Audit Cheklist: – Purpose of the audit? – Scope and objectives? – Who are the audit staff assigned ? (Ask to be notified if any staff are changed) – Timeframe for work to be performed? – Use of computer time/access to system/logs/training needed – Access to IT management and staff? – Communicate (1) and (2) to all IT staff affected – Set weekly or biweekly meetings with audit manager/audit team to discuss audit progress and issues – Before the audit is finished, request close out conference from audit group – Request a copy of audit report

Bina Nusantara The Organization’ Responsibility in Developing IT Audit Skills Post audit checklist: – When the audit report is issued, pull your team together and discuss the report; if you follow the steps above there should be no surprise. If there are, there was a communication breakdown somewhere. – If you disagree with the report or portions of the report, do so in writing with supporting evidence. Remember, the auditor has supporting evidence for their reports, and this exits in their working papers. For those area your agree, indicate what corrective actions your team plans to take. – Have your team provide a status report to you on a 3- to 6-month cycle with a copy to go to internal audit. This shows you value their work.

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.