2. V.Jawahar B.Com(Hons); FCA; Grad.CWA; ISA CISA; CISSP; CISM

3. Introduction Developing an Audit Plan is one of the weakest links in the IT audit process Assessing risks in every domain of business should be the starting point for every audit. Don’t let others dictate what should be audited. To develop and audit plan, it is vital to do a company wide risk assessment.

4. Heightened expectations from management – high level of service and low cost. Gain an understanding of the IT environment

5. IT Audit Plan Development Process Understand the Business Define IT Universe Perform Risk Assessment Formulate Audit Plan

6. Understand the Business Organizational Uniqueness Operating Environment & structure • IT support model Degree of system and geographic centralization Types of technologies deployed Degree of customization Policies and standards Degree of Regulation and Compliance Degree of outsourcing Degree of operational standardization

7. Level of Reliance on Technology

8. Defining IT Universe Examining the Business Model Role of Supporting Technologies Annual Business Plans Centralised and Decentralised IT Functions IT Support Processes Regulatory Compliances Audit Subject Areas

9. Business Applications Assessing Risks

10. Performing Risk Assessment Risk Assessment Process Ranking Risk Leading IT Governance Frameworks

11. Formalising IT Audit Plan Audit Plan Context Stakeholders Requests Audit Frequency Audit Plan Principles The IT Plan Content Integration of the IT Audit Plans Validating the Audit plan The Dynamic Nature of the IT Audit Plan Communicating, Gaining Executive Support, and Obtaining Plan Approval

12. Thank You