Tuesday, August 26, 2008
Tuesday, August 5, 2008
Importance of follow up IT Audit
Follow up IT Audit is very important, sometimes even more important than main IT Audit. Let us briefly discuss what is follow up IT Audit and How this is useful ?
What is follow up IT Audit?
IT Audit which is done after main audit to review the steps taken by Management as suggested/recommended in Main IT Audit. IT Auditors checks whether the critical/major findings as suggested in Main audit is complied 1. Suitably 2. Adequately 3. As recommended or as per the best practice.
Who does the follow up IT Audit?
Not always necessary but this is generally done by same team of IT Auditor which conducts the main IT Audit.
What is the purpose of Follow up IT Audit?
1. It reviews whether the management has taken suitable and adequate steps to comply the necessary remarks which were not rectified during main audit.
2. Whether all the necessary rectification were made
3. If recommended measures were not taken then why?
4. What is the reason for pending compliance. Should all the suggested remarks should be rectified and complied?
It depends on:
1. Management appetite for taking risk
2. Cost benefit ratio Whether IT Auditor should submit the report of follow up audit? Yes this should be as per ISACA Standard and guidelines.
What is follow up IT Audit?
IT Audit which is done after main audit to review the steps taken by Management as suggested/recommended in Main IT Audit. IT Auditors checks whether the critical/major findings as suggested in Main audit is complied 1. Suitably 2. Adequately 3. As recommended or as per the best practice.
Who does the follow up IT Audit?
Not always necessary but this is generally done by same team of IT Auditor which conducts the main IT Audit.
What is the purpose of Follow up IT Audit?
1. It reviews whether the management has taken suitable and adequate steps to comply the necessary remarks which were not rectified during main audit.
2. Whether all the necessary rectification were made
3. If recommended measures were not taken then why?
4. What is the reason for pending compliance. Should all the suggested remarks should be rectified and complied?
It depends on:
1. Management appetite for taking risk
2. Cost benefit ratio Whether IT Auditor should submit the report of follow up audit? Yes this should be as per ISACA Standard and guidelines.
Subscribe to:
Posts (Atom)
