In this chapter we learned that

  • The real mission of the internal audit department is to help improve the state of internal controls at the company.

  • Internal auditors are not truly independent, but they should be objective.

  • It is important to find ways to accomplish the department's mission outside formal audits. Early involvement, informal audits, knowledge sharing, and self-assessments are four important tools in this regard.

  • Building and maintaining good relationships with the IT organization are critical elements of the IT audit team's success.

  • The most effective IT audit teams ensure that every layer of the stack is covered, not just the application layer.

  • Successful IT audit teams generally will consist of a combination of career auditors and IT professionals.

  • It is critical to develop methods for maintaining the technical expertise of the IT audit team.

  • A healthy relationship should be developed with external IT auditors.


If you'ue interested in more information on the overall management of the audit function, an excellent resource is 'Managing the Audit Function: A Corporate Audit Department Procedures Guide' by Michael P. Cangemi and Tommie Singleton.

IT Auditing. Using Controls to Protect Information Assets
It Auditing: Using Controls to Protect Information Assets [IT AUDITING -OS N/D]
Year: 2004
Pages: 159 © 2008-2017.
If you may any questions please contact us: