O'Reilly logo

Understanding and Conducting Information Systems Auditing + Website by Arif Ahmed, Veena Hingarh

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter Six

Risk-Based Systems Audit

THIS CHAPTER INTRODUCES THE concept of a risk-based information systems audit. Under the situation of resource constraint, an information systems auditor may be required to selectively review some functions of the auditee. In fact, even when there is no paucity of resources, the auditor may need to achieve optimal use of the resources deployed. Upon completing this chapter, we should be able to prioritize various functions in terms of their risk criticality and design the audit program so that we can focus more on the critical areas.

CONDUCTING A RISK-BASED INFORMATION SYSTEMS AUDIT

A risk-based information systems audit includes, in addition to testing of logic and transaction, an evaluation of risk engrained in management systems and control procedures established in various operations. Under a risk-based information systems audit, the focus shifts from exhaustive testing to a system guided by risk identification, prioritization of audit objects based on identified risks, and allocation of audit resources in line with risk assessment. Thus, the criteria for selecting an audit object shifts from the functionality of such an object to the risk associated with its failure. An information systems audit under a risk-based approach results in greater assurance that the entity is adequately geared to face the risks its information systems is exposed to.

A risk-based information systems audit consists of the following five steps:

1. Profiling of ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required