IT Audit Process/Execution (Planning) Flashcards
Objective/Purpose
What is the audit about
Select a Framework
COSO, COBIT
Audit request/PBC List
To obtain evidence based on control of scope
Audit program/ Template
If audit program never been created, pull from management directives to see which controls should be in place.
Kick off Meetinging
Sit w/ audit team to go over walkthrough of controls that I intend to test, and to introduce the audit team to discuss framework, timeline any other questions.
Internal Kickoff Meeting
Delegate responsibilities within internal team.
Risk and Control Matrix (RCM)
Which contains risk associated control program used to text controls
Walkthrough
It’s a conversation via face to face, email or by phone
To discuss about a request using sample of evidence provided to determine of controls are designed appropriately.
Test of controls
Select multiple sample and test the sample to determine whether controls work correctly.
What does validation mean
It’s a control gap. Goes from potential issue to validated issue if no evidence is provided.
What is a milestone
It’s a list of noted control gaps