Introduction
Learning Outcomes
Information Systems (IS) play a vital role in organizations by providing a foundation for the management of data, automation of business processes, support for decision-making, and facilitation of communication and collaboration. Auditing Information Systems is crucial for organizations as it helps to ensure the integrity, availability, and confidentiality of sensitive information and supports the effective management of risks, compliance with legal and regulatory requirements, and the alignment of IS with the overall business strategy.
This open textbook serves as your companion as you explore the field of auditing IS as a part of your degree program. The textbook covers the latest IS auditing standards and ethical principles and uses case studies to illustrate their application. It covers critical topics such as IT governance, risk management, IS controls frameworks and standards, and planning and conducting IS audits. The textbook also examines general and application controls and newer technologies such as cloud computing, blockchain, IoT, and AI. It also covers the IS audit findings and report writing. The textbook is designed to help you navigate the complexities of IS auditing and manage risks effectively.
Learning Outcomes
By the end of this textbook, you should be able to:
- Evaluate adherence to IS auditing standards and ethical principles using cases.
- Outline stakeholder responsibilities for IS governance in an organization.
- Explain how IS auditors use risk assessment and materiality to plan and execute an IS audit.
- Outline the steps in using a control framework to assess IS control in an organization.
- Evaluate general and application controls of all classifications (preventive, detective, compensating, corrective, etc.).
- Prepare audit programs for various IS audits using relevant audit practices and techniques.
- Recognize the effectiveness of data analytics and computer-assisted audit techniques in IS audits.
- Outline the auditor’s role in systems development and disaster recovery planning.
- Outline the career opportunities as an IS Auditor.