Log in Subscribe

Learning the Work of a great IT Auditor

Broch Bigum
· 2 min read
Learning the Work of a great IT Auditor

In purchase to fully understand the particular nature of a good IT auditor?  https://barnes-ballard.thoughtlanes.net/the-way-to-protect-your-web-site-from-hackers , it is best that a person understand fundamental regarding IT auditing i actually. e.: --

Exactly what is IT Review?
What is the scope of an IT Examine?
Why perform THAT audit?
UX/UI Design Strategy

What is THAT Audit?

IT sama dengan Technology (system/process/method) to be able to produce the info required by the customers.

Information = Data that has already been processed to accommodate the user requirements

Exam = assurance and even consulting activities

THAT Audit is simply another branch of audit. It truly is generally an assurance plus consulting activities built to add value and even improve the THIS operations.

Interesting sites upon it Audit that will you can consider: -

[http://www.theiia.org/itaudit/]

http://www.isaca.org/

What is the scope of the THIS Audit?

According to FFIEC Information TechnologyExamination Handbook, the typical opportunity of an THIS audit: -

Managing
Procedures
Development as well as Purchase
Information Safety
Business Continuity Setting up


According to COBIT, the particular scope of an IT audit addresses the followings: :

Plan & Put together (PO)
Acquire and Implement (AI)
Offer & Support (DS)
Monitor & Evaluate (ME)

Whether you are employing FFIEC, COBIT or any other method, the most essential thing is to understand your THIS environment and exactly how the support the organisation business.

Why perform IT audit?

The objective of an IT audit is to assess the adequacy of the controls in place to be able to safeguard the informative assets.

Quite simply, to be able to review the stage of IT hazards, controls and direct exposure. My simple picture is: :

THAT Risk? IT Control = IT Direct exposure

Therefore, an THAT auditor has to examine the level regarding IT risks and even controls that exist in order to evaluate if there is definitely any exposure inside the organisation.

THAT Risks

There are usually many strategies to sort out the IT risks.

One of the particular methods is: :

Infrastructure Risk
Supply Danger
Integrity Threat
Access Risk
Significance Risk