IT Audit Process/Execution (Planning)

Question 1

Objective/Purpose

Answer 1

What is the audit about?

Question 2

Select a Framework

Answer 2

COSO, COBIT

Question 3

Audit request/PBC List

Answer 3

To obtain evidence based on control of scope

Question 4

Audit program/ Template

Answer 4

If audit program never been created, pull from management directives to see which controls should be in place.

Question 5

Kick off Meetinging

Answer 5

Sit w/ audit team to go over walkthrough of controls that I intend to test, and to introduce the audit team to discuss framework, timeline any other questions.

Question 6

Internal Kickoff Meeting

Answer 6

Delegate responsibilities within internal team.

Question 7

Risk and Control Matrix (RCM)

Answer 7

Which contains risk associated control program used to text controls?

Question 8

Walkthrough

Answer 8

It’s a conversation via face to face, email or by phone

To discuss about a request using sample of evidence provided to determine of controls are designed appropriately.

Question 9

Test of controls

Answer 9

Select multiple sample and test the sample to determine whether controls work correctly.

Question 10

What does validation mean

Answer 10

It’s a control gap. Goes from potential issue to validated issue if no evidence is provided.

Question 11

What is a milestone

Answer 11

It’s a list of noted control gaps