Internal auditors looking to get more involved in information systems audits have a new resource to help guide the process, courtesy of ISACA, a global association of professionals focused on IS audit and control.
A new ISACA white paper titled Information Systems Auditing Tools and Techniques: Creating Audit Programs outlines five steps auditors should take to effectively plan an information system audit. The five steps include determining the audit subject, defining the audit objective, setting the audit scope, performing pre-audit planning, and determining procedures and steps for gathering data. The paper provides detailed descriptions of how to carry out each step.
