Chapter 13. Other Contemporary Information Systems Auditing Challenges

The body of knowledge that encompasses information systems (IS) auditing is enormous. First, IS auditors must understand how computers work, what risks they present, and how they can best be controlled. The number and types of computers, operating systems, database management systems, and applications, each with its own unique idiosyncrasies, is staggering and continually increasing. Information systems auditors must keep current on these new technologies. Also included in the IS auditing body of knowledge are laws and regulations pertaining to the countries and industries in which organizations do business. Information systems auditors must also be fluent in traditional auditing methodologies, which have evolved from the auditing branch of the accounting profession. Knowledge of accounting principles is also extremely beneficial when examining expenditures for computer equipment and services and how they are recorded on the financial statements. A detailed understanding of business operations and high-level management issues such as strategic planning and forecasting is essential for IS auditors to communicate IS control and security issues with executives and board members. Depending on each auditor's area of specialty, additional bodies of knowledge may be encompassed. Finally, auditors must be able to apply this knowledge and information by effectively communicating in written and verbal form.

Delving into ...

Get Auditing Information Systems, Second Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.