Escolar Documentos
Profissional Documentos
Cultura Documentos
Information Technology
Information technology audits determine whether IT controls protect corporate assets, ensure data
integrity and are aligned with the business's overall goals. IT auditors examine not only physical security
controls, but also overall business and financial controls that involve information technology systems.
Because operations at modern companies are increasingly computerized, IT audits are used to ensure
information-related controls and processes are working properly. The primary objectives of an IT audit
include:
Evaluate the systems and processes in place that secure company data.
Determine risks to a company's information assets, and help identify methods to minimize those
risks.
Ensure information management processes are in compliance with IT-specific laws, policies and
standards.
Objectives of an IT audit
Most often, IT audit objectives concentrate on substantiating that the internal controls exist and are
functioning as expected to minimize business risk. These audit objectives include assuring compliance with
legal and regulatory requirements, as well as the confidentiality, integrity, and availability (CIA no not the
federal agency, but information security) of information systems and data.
F. Fraud Audit
Introduction to fraud
Fraud encompasses a variety of irregularities and illegal acts characterized by intentional deception. The elements of
fraud are:
Supervision
Separation of duties
Management approval
System controls
Pressure can be imposed due to:
Rationalization occurs when the individual develops a justification for the fraudulent activities. The rationalization
varies by case and individual. Some examples include:
o
I really need this money and Ill put it back when I get my paycheck. In many cases they replace the
money only to take more later and not repay it. I just cant afford to lose everything my home, car,
everything. Besides, the company owes me.