Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Performance Auditing  In IT Environment  Evidence Gathering & Analysis Techniques  Computer Assisted Techniques  Use of IDEA.

Published byDennis Mosley Modified over 9 years ago

Similar presentations

Presentation on theme: "1 Performance Auditing  In IT Environment  Evidence Gathering & Analysis Techniques  Computer Assisted Techniques  Use of IDEA."— Presentation transcript:

1 1 Performance Auditing  In IT Environment  Evidence Gathering & Analysis Techniques  Computer Assisted Techniques  Use of IDEA

2 2  In the last 10 days, We discussed all aspects relating to Performance Auditing starting with strategic planning and selection of subjects to reporting process, follow up procedures, quality assurance and critical issues.  Today we will discuss briefly some of the important aspects of conducting Performance Audit in IT environment, and evidence gathering/ analysis techniques and some of the important CAATs.  There will be 4 sessions covering the areas listed in next slide.

3 3 Performance Auditing in IT Environment Topic coverage for the day XI  Introduction  Planning & Resourcing  Performance Auditing involving IT System Development  Performance Auditing involving operational IT Systems  Performance Aspect of Auditing in IT Environment  Evidence gathering techniques  Computer Assisted Auditing Techniques  Specilised and support audit techniques/software  Internet  Reporting

4 4 In the first session we will cover  Introduction- Performance Auditing in IT Env.  Performance Auditing Planning & Resourcing  Performance Auditing involving IT System Development  Performance Auditing involving operational IT Systems  Performance Aspect of Auditing in IT Environment

5 5 Performance Auditing -Introduction  IT-increasingly used for public sector programme planning, execution, monitoring  Sharing or integration of information between entities raises issues such as the risk of security breaches & unauthorised manipulation of information  Auditors to develop strategy & technique to provide assurance to stakeholders about value for money from the use of the IT, Security of the systems, existence of proper process controls and completeness and accuracy of the output

6 6  IT- has to be efficient  IT- should be cost effective, provide range of additional services, including programme performance information, with greater efficiency, security and control than are available in manual system  IT- has risk of major systemic error having greater impact on entity performance than would be possible in manual systems. Performance Auditing- Introduction Contd…

7 7  Understand the entities IT system & its significance to the performance audit objective  Identify the extent of IT systems auditing required to achieve the performance audit objective (eg audit of system development, Audit of environment and applications controls) and employ specialist IT auditors to undertake the task  Develop and use appropriate CAATs to facilitate audit Performance Auditing -Introduction Contd…

8 8  Performance auditing in IT Environment should – Identify any deficiencies in IT Controls & resulting effect on efficiency, economy and effectiveness of the performance of the entity – Examine IT system development and maintenance practice of the entity and compared to industry better practices Performance Auditing- Introduction Contd…

9 9 – Compare the IT strategic planning, risk management and project management practices of the entity with industry better practice and in relation to corporate governance framework of the entity – Determine whether system output meets entity quality and service delivery parameters and – Assess whether the IT systems enhance the economy, efficiency and effectiveness of the entities programme management, in particular in relation to programme planning, execution, monitoring and feedback Performance Auditing -Introduction Contd…

10 10 Session Coverage-Performance Auditing in IT Environment  Introduction  Planning & Resourcing  Performance Auditing involving IT System Development  Performance Auditing involving operational IT Systems  Performance Aspect of Auditing in IT Environment

11 11 Performance Auditing  Planning  Resourcing

12 12 Planning  Planning to frame audit objectives with reference to the objectives of the entity in adopting/introducing IT systems and should include audit concerns relating to security, controls and value for money  Planning to identify the IT systems, computer systems and software packages being used by the entity  Planning to identify major potential risks and exposures of system in the entity

13 13 Performance Auditing  Planning  Resourcing

14 14 Resourcing  Performance Auditing in IT environment requires specialist skills  Appropriate trained persons in IT with audit & accountancy skills  Think of services of technical consultant for more specialised technical areas  Personnel needs extensive training to remain abreast of technological developments and IT Audit techniques

15 15 Session Coverage-Performance Auditing in IT Environment  Introduction  Planning & Resourcing  Performance Auditing involving IT System Development  Performance Auditing involving operational IT Systems  Performance Aspect of Auditing in IT Environment

16 16 Performance Auditing involving IT system development  Determine if the entity Has appropriate executive approvals for the development of the system, i.e. that IT management fits within the corporate governance of the entity Has appropriate project management processes in place to manage the project Has met required targets of time, cost, system function and value for money Uses an appropriate system development methodology, and Has processes in place, including the involvement of Internal Audit, to ensure that the new system including all the necessary controls and audit trails, and is likely to meet the requirements of the entity and its stakeholder  COBIT Acquisition & Implementation Domain, Monitoring domain

17 17 Session Coverage-Performance Auditing in IT Environment  Introduction  Planning & Resourcing  Performance Auditing involving IT System Development  Performance Auditing involving operational IT Systems  Performance Aspect of Auditing in IT Environment

18 18 Performance Auditing involving Operational IT System  Concerns auditor would be expected to consider :- Strategic and operational management of IT within the entity (IT included in overall corporate governance IT project management includes compliance with legislative & other local laws – Compliance Testing Risk management practice of entity in respect of IT- No 100% risk avoidance- acceptable risk level IT system design, development & maintenance controls- SDLC Phases- Feasibility, Requirement, Design & Code, Implementation ( acceptance testing) Compliance with standards including external standards- Compliance Testing

19 19 Performance Auditing involving Operational IT System  Concerns auditor would be expected to consider :- Application controls Processing controls, including audit trails Business continuity arrangements Data integrity including sampling of data (possibly using CAATS) Access controls and the physical & logical security of networks and computers, including Internet firewalls Controls to safeguard against illegal software Performance management & measurement Other issues that arise during the audit

20 20  In making assessment auditor may Review files and other documents relevant to the development and operation of the IT systemsReview files and other documents relevant to the development and operation of the IT systems Use appropriate software packages to test the central and networked computing systems controlsUse appropriate software packages to test the central and networked computing systems controls Test a sample of transactions ( including the use of CAATs) to validate the systems and relevant controls; andTest a sample of transactions ( including the use of CAATs) to validate the systems and relevant controls; and Interview key staff membersInterview key staff members Performance Auditing involving Operational IT System

21 21 Session Coverage-Performance Auditing in IT Environment  Introduction  Planning & Resourcing  Performance Auditing involving IT System Development  Performance Auditing involving operational IT Systems  Performance Aspect of Auditing in IT Environment

22 22 Performance aspects of auditing in an IT environment  Auditor may also examine :- Whether the IT system has enhanced the efficiency with which the entity manages its programmes/ activities and whether the conversion to an IT system has any beneficial results for the stakeholders in the entity

23 23 Performance aspects of auditing in an IT environment  Auditor may also Asses:- If IT system have facilitated improved programme managementIf IT system have facilitated improved programme management IT to support objective of entity & is integrated part of its operationsIT to support objective of entity & is integrated part of its operations Whether required highly qualified staff is deployed or notWhether required highly qualified staff is deployed or not IT contribution to operations is measured in operational efficiency termsIT contribution to operations is measured in operational efficiency terms

24 24  Auditor may also Asses:- The gains of IT may not be realised without appropriate organisational changes; andThe gains of IT may not be realised without appropriate organisational changes; and Normal value for money measures may be more difficult to applyNormal value for money measures may be more difficult to apply Return on investmentReturn on investment Whether the IT environment has contributed to transparency, accountability and good governanceWhether the IT environment has contributed to transparency, accountability and good governance Performance aspects of auditing in an IT environment

25 25 In this session we discussed  Introduction- Performance Auditing in IT Env.  Performance Auditing Planning & Resourcing  Performance Auditing involving IT System Development  Performance Auditing involving operational IT Systems  Performance Aspect of Auditing in IT Environment

Download ppt "1 Performance Auditing  In IT Environment  Evidence Gathering & Analysis Techniques  Computer Assisted Techniques  Use of IDEA."

Similar presentations

An Introduction to professional services. The professional services The professional services support businesses of all sizes across the economy, providing.

An Introduction to professional services. The professional services The professional services support businesses of all sizes across the economy, providing.
Audit of Autonomous District Councils (in an IT environment using FAAM)

Audit of Autonomous District Councils (in an IT environment using FAAM)
Auditing, Assurance and Governance in Local Government

Auditing, Assurance and Governance in Local Government
Development of internal control: methodology and responsibility

Development of internal control: methodology and responsibility
COBIT - II.

COBIT - II.
The Islamic University of Gaza

The Islamic University of Gaza
Audit Guidance Using the Federal Information System Controls Audit Manual (FISCAM) to Achieve Audit Objectives in Financial and Performance Audits Mickie.

Audit Guidance Using the Federal Information System Controls Audit Manual (FISCAM) to Achieve Audit Objectives in Financial and Performance Audits Mickie.
McGraw-Hill/Irwin © 2003 The McGraw-Hill Companies, Inc., All Rights Reserved. 7-1 Chapter 7 CHAPTER 7 THE EFFECT OF INFORMATION TECHNOLOGY ON THE AUDIT.

McGraw-Hill/Irwin © 2003 The McGraw-Hill Companies, Inc., All Rights Reserved. 7-1 Chapter 7 CHAPTER 7 THE EFFECT OF INFORMATION TECHNOLOGY ON THE AUDIT.
Security Controls – What Works

Security Controls – What Works
By Collin Smith http://techinitiatives.blogspot.com COBIT Introduction By Collin Smith http://techinitiatives.blogspot.com.

By Collin Smith COBIT Introduction By Collin Smith
Internal Control Concepts Knowledge. Best Practices for IT Governance IT Governance Structure of Relationship Audit Role in IT Governance.

Internal Control Concepts Knowledge. Best Practices for IT Governance IT Governance Structure of Relationship Audit Role in IT Governance.
Viewpoint Consulting – Committed to your success.

Viewpoint Consulting – Committed to your success.
IS Audit Function Knowledge

IS Audit Function Knowledge
Computer Assisted Audit Techniques

Computer Assisted Audit Techniques
Pertemuan 7-8 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007.

Pertemuan 7-8 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007.
AUDITING INFORMATION TECHNOLOGY USING COMPUTER ASSISTED AUDIT TOOLS AND TECHNIQUES.

AUDITING INFORMATION TECHNOLOGY USING COMPUTER ASSISTED AUDIT TOOLS AND TECHNIQUES.
1 Pertemuan 9 Department Organization Matakuliah:A0274/Pengelolaan Fungsi Audit Sistem Informasi Tahun: 2005 Versi: 1/1.

1 Pertemuan 9 Department Organization Matakuliah:A0274/Pengelolaan Fungsi Audit Sistem Informasi Tahun: 2005 Versi: 1/1.
Pertemuan 11-12 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007.

Pertemuan Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007.
Quality evaluation and improvement for Internal Audit

Quality evaluation and improvement for Internal Audit
The Information Systems Audit Process

The Information Systems Audit Process

Similar presentations

Ads by Google