Trusted by +2 million users,
1000+ happy students everyday
Showing pages 1 to 3 of 8 pages
ContentsIntroduction............................................................................................................................... 21.0 System Auditing................................................................................................................... 22.0 Information System Auditor ................................................................................................ 32.1 Internal Audit ................................................................................................................... 32.2 Steps in conducting an IS audit: ....................................................................................... 33.0 Importance of audit in the organization. .............................................................................. 43.1 When should IT risks and controls be assessed?.............................................................. 44.0 Types of audits ..................................................................................................................... 55.0 Information gathering .......................................................................................................... 65.1 Method of gathering audit information ............................................................................ 66.0 Frequency of Doing an Information Systems Audit ............................................................ 76.1 When to perform a special audit? ..................................................................................... 8
IntroductionNowadays many organisations irrespective to their size or scope of operation, have realisethe importance of using information technology to be able to cope with the current globalscenario. An audit can help an enterprise ensure effective operations and demonstrate to itscompliance with administrative and legal regulations. It can confirm for management that thebusiness is functioning well and is prepared to meet potential challenges. Most importantly,itcanassurestakeholdersofthefinancial,operationalandethicalwell-beingoftheorganisation.Information systems (IS) audits support all those outcomes, with a special focus on theinformation and related systems upon which most businesses and public institutions dependfor competitive advantage.Vital Pharmacy, found in Plentynun, existed since 1998, is a renowned pharmacy in Mauritius.Vital Pharmacyproduces a broad range of medicines and products.DuetonumerousbenefitsofInformationtechnology,VitalPharmacyisinvestingininformation systems to ensure their IT systems are reliable, secure and invulnerable tocomputer attacks.AtVital Pharmacy, the pharmacy manager gets access to the database only due to securityissues. There are 2 administrators who are allowed to log in the system and view the stock ofmedicines and the record of transactions.1.0 System AuditingSystem Auditing is the process of collecting and evaluating evidence to determine whether acomputer system:Safeguard assets,Maintains data integrity,Allows organizational goals to be achieved effectively,And uses resources efficientlyLikewise,Vital Pharmacyopts for an information system auditing to improve performance ofits organisation.Due to endless information and data,Vital Pharmacyneeds technology to work, requirecomplex software and computerized equipment to develop their activity in an optimised andefficient manner. That prevailing presence of software and technology, leads the need forsystem auditing.The main objective of systems auditing is to validate the integrity of the information and datastored in the databases of the information systems and the processing ofVital Pharmacy.
2.0 Information System AuditorAn information system auditor analyses and interprets many different types of computer orinformation systems within an organisation. They may develop, examine and evaluate acompany’s information systems, internal controls and management procedures to make surerecords are accurate and information controls are in place.At vital pharmacy, the auditorreview risks relating to IT systems and processes. Theorganisation has anInternal Auditorwho analyses business processes, procedures andactivities with the goal of highlighting any problems and recommending solutions.2.1 Internal AuditInternal Audit is an important tool for monitoring and managing quality, performance andbusiness systems. It also includes an objective assessment of gathered audit evidenceagainst criteria. Internal audits are adapted according to changing demands and can offer amore comprehensive approach compared to the traditional method of inspecting.Vital Pharmacyhave to do a lot of collaboration with other companies such as suppliers andcontractors. Raw materials are often manufactured or supplied by others and development,manufacturingandlaboratoryanalysiscanbeoutsourcedtosavecostsQualityandcompliance audits e.g. contract laboratories, contract manufacturers and suppliers are doneto ensure the safety of the raw materials used in production, safety of the product andaccuracy of analysing methods, which the company is responsible for.2.2 Steps in conducting an IS audit:1. Previewing the environment2. Understanding the Information Systems3. Identifying the Audit Risks4. Identifying Audit Evidence5. Identify Key Control Points6. Identify Control Weaknesses7. Verifying integrity of computer files8. Conduct Audit Tests9. Concluding the Audit
desklib-logo
You’re reading a preview
Preview Documents

To View Complete Document

Click the button to download
Subscribe to our plans

Download This Document