IT Audit & Assurance
Information System - IS auditing is the method to examine the effectiveness of the technical and procedural controls to minimize risks towards computer applications, networks and systems.
IT Audit Process
- Audit Planning
- Study & Test Controls
- Audit Report
- Follow UP
IT Audit Methodology
- IT Audit should be conducted regularly (e.g. once per year).
- An audit checklist should be made for each security level/OS for simplicity.
- The auditor should be independent of the administration and be objective.
- The audit should checkĀ Guidelines, Policies, Users, Management, IT Security managers, Administrators, andĀ IT Resources.