Scribd
Upload
8 views5 pages

The Value of Information Systems Security Control and Audit in Internal Audit Work

This presentation emphasizes the integration of information systems security, control, and audit into internal audit practices, highlighting its relevance and practical applications. It addresses challenges such as limited system access and IT resistance, while proposing strategies like early IT engagement and continuous learning. The importance of understanding IT general controls and fostering collaboration with IT departments is also underscored.

Uploaded by

wilber
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
8 views5 pages

The Value of Information Systems Security Control and Audit in Internal Audit Work

This presentation emphasizes the integration of information systems security, control, and audit into internal audit practices, highlighting its relevance and practical applications. It addresses challenges such as limited system access and IT resistance, while proposing strategies like early IT engagement and continuous learning. The importance of understanding IT general controls and fostering collaboration with IT departments is also underscored.

Uploaded by

wilber
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 5

The Value of

Information Systems
Security, Control, and
Audit in Internal Audit
Work
A Master’s-Level Perspective

This presentation explores the critical importance of integrating


information systems security, control, and audit expertise into
modern internal audit practices. We will discuss its relevance,
practical applications, associated challenges, and strategies for
moving forward.
by Wilbur
Why It Matters
Systems Drive Processes
Financial, operational, and compliance functions increasingly rely
on complex IT systems.

Security & Controls


Auditors must understand access controls, security risks, and
system configurations for assurance.

Cyber Threat Exposure


Growing risks from cyber threats and data integrity issues
necessitate specialized audit focus.

Bridging the Gap


It helps connect IT teams with audit functions, fostering better
understanding.
Practical Application in Audit Wor
Improved ITGC Understanding
Enhanced evaluation of IT general controls including access, change, and backup

Evaluate System Logs


Ability to analyze system logs and audit trails for deeper insights.

Better IT Collaboration
Fosters stronger collaboration with IT departments during audit engagements.

System-Based Evidence
Utilize electronic transaction records and ERP logs in fraud investigations.
Challenges in Applying
Knowledge
Limited System Access
Difficulty accessing some IT systems, especially outsourced or cloud services.

IT Resistance
Resistance from IT teams who may perceive audit as interference.

Rapid Tech Evolution


Keeping current with the fast pace of technological changes.

Poor Documentation
Lack of formal documentation or inadequate audit logs in some systems.
Addressing the
Challenges: Way
Forward
Engage IT Early
Involve IT teams during the initial audit planning phase.

Continuous Learning
Pursue ongoing education like CISA prep and IT risk trainings.

Advocate for Controls


Promote role-based access control and comprehensive
system documentation.

Leverage External Experts


Collaborate with external specialists for highly
specialized reviews.

You might also like