Information Systems Audit & Assurance
What is an Information Systems Audit ?
An Information Systems (IS) audit is a thorough examination of an entity’s information systems, information technology infrastructures, management, operations and connected processes. This assessment can be executive together with a financial statements audit. As business operations and processes of most (if not all) entities are highly digitalised, it is definitely vital for entities to assess its information systems controls. An Information Systems Audit is essential in providing assurance that the your organisation’s information systems and IT infrastructures are effectively safeguarded, and delivering reliable information to employees & other stakeholders of the organisation.
Objectives of AKATI Consulting’s Information Systems Audit
(a) To provide assurance that data and information generated from your organisation’s information systems have an impact on the financial statements and ensures a smooth financial reporting process.
(b) To provide assurance that your organisation’s Information Systems and Information Technology security policies, standards and procedures are sufficient, effective and efficient in meeting the vision and mission of your organisation.
(c) To provide assurance that any unauthorised infiltration breaches into your information systems are timely recognized and remediated.
(d) To provide assurance that the information systems of your organisations comply with the applicable laws, policies and relevant Information Technology and Information System standards.
(e) To provide assurance that emerging or “budding” cybersecurity risks are steadfastly recognized, correctly evaluated and adequately handled.
What is the difference between Information Systems Audit and Penetration Test?
General Audit Steps
(a) Identify the systems and the controls to be audited
(b) Set audit scope according to the controls
(c) Determine the possible tests to be performed for each control depending on the nature of the system
(d) Acquire the data
(e) Test the controls against regulations and applicable industry standards
(f) Identify the vulnerabilities, inconsistencies and lack of compliance to standards
(g) Prepare audit report
Information Systems Audit Targets (not limited to)
(a) Application Systems Audit
(b) Operation Systems Audit
(c) Database Systems Audit
(d) Communication & Network Infrastructure Audit
(e) IS Management & IT Governance Audit
Speak to us today on your Information Systems Audit requirements.
Return to Governance, Risk and Advisory