Information Systems Auditing: The IS Audit Reporting Process
4.5/5
()
About this ebook
IS audit area reporting mastery reflects professional experience and training. Regarding subject mastery, this booklet presents finding form analysis, draft report writing and presentation; which can be translated, if practiced, into professional experience. Chronologically, this monograph describes required audit steps performed during an audit area assignment.
Robert E. Davis
Dr. Robert E. Davis obtained a Bachelor of Business Administration in Accounting and Business Law, a Master of Business Administration in Management Information Systems, and a Doctor of Business Administration in Information Systems Management from Temple, West Chester, and Walden University; respectively. In addition, during his twenty years of involvement in education, Dr. Davis acquired Postgraduate and Professional Technical licenses in Computer Science and Computer Systems Technology. Dr. Davis also obtained the Certified Information Systems Auditor (CISA) certificate — after passing the 1988 Information Systems Audit and Control Association’s rigorous three hundred and fifty multiple-choice questions examination; and was conferred the Certified Internal Controls Auditor (CICA) certificate by the Institute for Internal Controls.Since starting his career as an information systems (IS) auditor, Dr. Davis has provided data security consulting and IS auditing services to the United States Securities and Exchange Commission, United States Enrichment Corporation, Raytheon Company, United States Interstate Commerce Commission, Dow Jones & Company and Fidelity/First Fidelity (Wells Fargo) corporations as well as other organizations; in staff through management positions.Prior to engaging in the practice of IS auditing and information security consulting; Dr. Davis (as a corporate employee) provided inventory as well as general accounting services to Philip Morris, USA and general accounting services to Philadelphia National Bank (Wells Fargo). Furthermore, he has prior experience as a freelance writer of IT audit and information security training material.Dr. Davis has authored articles addressing IT issues for ITAudit magazine, ISACA Journal, and IT Governance, LTD as well as peer reviewed Carnegie Mellon University's technical report "Comparing eSCM-SP v2 and COBIT" and five chapters of Bloomsbury Publishing's "Effective Auditing for Corporates".In regards to training individuals in the information systems audit process, he has provided instruction to the Data Processing Management Association, ISACA-Philadelphia Chapter CISA Review Course participants, 3rd Annual Securasia Congress delegates, the Delaware Valley Chapter of the Information Systems Security Association and an Internet CISA study group. Additionally, Dr. Davis has presented webinars for Compliance4all, Compliance IQ, Compliance Online, and Online Compliance Panel registrants. Dr, Davis also is a former ISACA-Philadelphia Chapter Board of Directors’ member as well as Chairman of College Relations and the inaugural CISA in Residence at Temple University.Dr. Davis received recognition as an accomplished, energetic auditor, author, and speaker with a sound mix of experience and skills in monitoring and evaluating controls. Based on his accomplishments, he has been featured in Temple University's Fox School of Business and Management Alumni Newsletter as well as The Institute for Internal Controls e-newsletter. Furthermore, he is the first and inaugural Temple University CISA in Residence and a Temple University Master of Science in IT Auditing and Cyber-Security Advisory Councilmen. Lastly, he accepted invitations to join Delta Mu Delta International Honor Society, the Golden Key International Honour Society, the Thomson Reuters' Expert Witness List, the IT Governance LTD expert panel, as well as the International Association of IT Governance Standards honorary membership group.
Related to Information Systems Auditing
Titles in the series (5)
Information Systems Auditing: The IS Audit Planning Process Rating: 4 out of 5 stars4/5Information Systems Auditing: The IS Audit Study and Evaluation of Controls Process Rating: 3 out of 5 stars3/5Information Systems Auditing: The IS Audit Testing Process Rating: 1 out of 5 stars1/5Information Systems Auditing: The IS Audit Reporting Process Rating: 5 out of 5 stars5/5Information Systems Auditing: The IS Audit Follow-up Process Rating: 2 out of 5 stars2/5
Related ebooks
Information Systems Auditing: The IS Audit Follow-up Process Rating: 2 out of 5 stars2/5Information Systems Auditing: The IS Audit Planning Process Rating: 4 out of 5 stars4/5IS Auditor - Process of Auditing: Information Systems Auditor, #1 Rating: 0 out of 5 stars0 ratingsInformation Systems Auditing: The IS Audit Study and Evaluation of Controls Process Rating: 3 out of 5 stars3/5Information Systems Auditing: The IS Audit Testing Process Rating: 1 out of 5 stars1/5Auditing Information Systems: Enhancing Performance of the Enterprise Rating: 0 out of 5 stars0 ratingsAudit Function A Complete Guide - 2020 Edition Rating: 0 out of 5 stars0 ratingsAuditing Essentials Rating: 3 out of 5 stars3/5Financial Audit A Complete Guide - 2020 Edition Rating: 0 out of 5 stars0 ratingsCertified Internal Control Auditors A Complete Guide - 2020 Edition Rating: 0 out of 5 stars0 ratingsFrequently Asked Questions in International Standards on Auditing Rating: 1 out of 5 stars1/5Audit and Assurance Essentials: For Professional Accountancy Exams Rating: 0 out of 5 stars0 ratingsHow to Audit the Process-Based QMS Rating: 5 out of 5 stars5/5Forensic Accounting A Complete Guide - 2020 Edition Rating: 0 out of 5 stars0 ratingsThe Executive’S Guide to Internal Auditing Rating: 0 out of 5 stars0 ratingsIT Audit A Complete Guide - 2020 Edition Rating: 0 out of 5 stars0 ratingsFinancial audit Complete Self-Assessment Guide Rating: 4 out of 5 stars4/5Separation Of Duties A Complete Guide - 2021 Edition Rating: 0 out of 5 stars0 ratingsRisk-Based Internal Audit Rating: 5 out of 5 stars5/5Auditing and Reporting A Complete Guide Rating: 0 out of 5 stars0 ratingsFundamentals of Information Security Risk Management Auditing: An introduction for managers and auditors Rating: 5 out of 5 stars5/5Audit Process A Complete Guide - 2019 Edition Rating: 0 out of 5 stars0 ratingsThe Basics of IT Audit: Purposes, Processes, and Practical Information Rating: 4 out of 5 stars4/5Auditing Information Systems and Controls: The Only Thing Worse Than No Control Is the Illusion of Control Rating: 0 out of 5 stars0 ratingsRemote Audit: From Planning to Implementation Rating: 4 out of 5 stars4/5A Step By Step Guide: How to Perform Risk Based Internal Auditing for Internal Audit Beginners Rating: 4 out of 5 stars4/5Mastering Internal Audit Fundamentals A Step-by-Step Approach Rating: 4 out of 5 stars4/5CISA A Complete Guide - 2021 Edition Rating: 0 out of 5 stars0 ratings
Certification Guides For You
Microsoft Office 365 for Business Rating: 4 out of 5 stars4/5CompTIA Security+ Get Certified Get Ahead: SY0-701 Study Guide Rating: 5 out of 5 stars5/5Coding All-in-One For Dummies Rating: 4 out of 5 stars4/5CompTIA Security+ Certification Practice Exams, Fourth Edition (Exam SY0-601) Rating: 5 out of 5 stars5/5(ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide Rating: 3 out of 5 stars3/5Coding For Dummies Rating: 5 out of 5 stars5/5Understanding Cisco Networking Technologies, Volume 1: Exam 200-301 Rating: 0 out of 5 stars0 ratingsHacking : Guide to Computer Hacking and Penetration Testing Rating: 5 out of 5 stars5/5MC Microsoft Certified Azure Data Fundamentals Study Guide: Exam DP-900 Rating: 0 out of 5 stars0 ratingsPHR and SPHR Professional in Human Resources Certification Complete Study Guide: 2018 Exams Rating: 0 out of 5 stars0 ratingsCompTIA Security+ Study Guide: Exam SY0-601 Rating: 5 out of 5 stars5/5AWS Certified Cloud Practitioner: Study Guide with Practice Questions and Labs Rating: 5 out of 5 stars5/5CompTIA A+ Certification All-in-One For Dummies Rating: 3 out of 5 stars3/5Mike Meyers' CompTIA A+ Certification Passport, Seventh Edition (Exams 220-1001 & 220-1002) Rating: 2 out of 5 stars2/5CompTIA A+ Complete Review Guide: Core 1 Exam 220-1101 and Core 2 Exam 220-1102 Rating: 5 out of 5 stars5/5CompTIA Network+ Review Guide: Exam N10-008 Rating: 0 out of 5 stars0 ratingsAWS Certified Cloud Practitioner All-in-One Exam Guide (Exam CLF-C01) Rating: 5 out of 5 stars5/5CompTIA A+ CertMike: Prepare. Practice. Pass the Test! Get Certified!: Core 1 Exam 220-1101 Rating: 0 out of 5 stars0 ratingsCompTIA A+ Complete Study Guide: Exam Core 1 220-1001 and Exam Core 2 220-1002 Rating: 4 out of 5 stars4/5Mike Meyers' CompTIA A+ Certification Passport, Sixth Edition (Exams 220-901 & 220-902) Rating: 4 out of 5 stars4/5Mike Meyers CompTIA Security+ Certification Passport, Sixth Edition (Exam SY0-601) Rating: 5 out of 5 stars5/5CompTIA Network+ Practice Tests: Exam N10-008 Rating: 0 out of 5 stars0 ratingsSecurity + Study Guide and DVD Training System Rating: 4 out of 5 stars4/5CCNA Certification Study Guide, Volume 2: Exam 200-301 Rating: 0 out of 5 stars0 ratingsCompTIA Network+ Certification Guide (Exam N10-008): Unleash your full potential as a Network Administrator (English Edition) Rating: 0 out of 5 stars0 ratingsPHR and SPHR Professional in Human Resources Certification Complete Review Guide: 2018 Exams Rating: 0 out of 5 stars0 ratingsPHR and SPHR Professional in Human Resources Certification Complete Practice Tests: 2018 Exams Rating: 4 out of 5 stars4/5
Reviews for Information Systems Auditing
3 ratings0 reviews
Book preview
Information Systems Auditing - Robert E. Davis
Information Systems Auditing
The IS Audit Reporting Process
Robert E. Davis, MBA, CISA, CICA
Published by Robert E. Davis at Smashwords
Copyright 2009 Robert E. Davis, MBA, CISA, CICA. All rights reserved.
Smashwords Edition, License Notes
This ebook is licensed for your personal enjoyment only. This ebook may not be re-sold or given away to other people. If you would like to share this book with another person, please purchase an additional copy for each recipient. If you’re reading this book and did not purchase it, or it was not purchased for your use only, then please return to Smashwords.com and purchase your own copy. Thank you for respecting the hard work of this author.
Preface
The global Information Technology (IT) community considers becoming a Certified Information Systems Auditor (CISA) a major accomplishment. To obtain the CISA designation information systems auditors, controls, or security professionals must pass a rigorous test demonstrating knowledge in a multitude of information systems audit process areas. Information Systems Audit and Control Association (ISACA) standards and guidelines, audit risk, and audit reporting are just a few knowledge requirements CISA candidates must master.
Objectives
Information Systems Auditing: The IS Audit Reporting Process is part of an electronic booklets series providing comprehensive IS audit planning, study, evaluation, testing, and reporting methods. Systemically, the series covers major steps in the IS audit processes not chronicled in ISACA standards and guidelines. In terms of content, these monographs convert selected audit standards into practical applications using detailed examples. These monographs also allow auditors to understand various steps and processes required to adequately initiate, document, and compile IT audit phases. Through these study assistants, a CISA student will acquire an appreciation for IT financial statement, government, and external auditing. Collectively, these monographs function as study guides for CISA examination preparation as well as audit reference manuals.
IS audit area reporting mastery reflects professional experience and training. Regarding subject mastery, this booklet presents finding form analysis, draft report writing and presentation; which can be translated, if practiced, into professional experience. Chronologically, this monograph describes required audit steps performed during an audit area assignment. Specifically, audit report opinions are described from an ISA’s perspective, while simultaneously presenting other equivalent audit standards and guidelines. Furthermore, audit report distribution is discussed at this monograph’s conclusion.
Related Material
To enhance certification candidate preparation, Boson Software offers practice tests traversing the ISACA CISA examination domains. These practice tests are excellent knowledge diagnostic and test simulation tools, furnishing a variety of question formats for the purchaser. Lastly, the practice tests are customizable, therefore, allowing selected CISA domain study.
Table of Contents
Introduction
1.0 Assessing Audit Findings
1.1 Audit Report Materiality
1.2 Assessing Risk
1.3 Cost-Benefit Analysis
2.0 Working Papers Retention
2.1 Audit Evidence
3.0 Draft Audit Report
3.1 Subsequent Events
3.2 Draft Report Distribution
4.0 Conduct Closing Conference
4.1 Client Responses
5.0 Final Audit Report
5.1 Final Report Distribution
Appendix A
Appendix B
Appendix C
Appendix D
Appendix E
Acronyms
Glossary
Bibliography
Biography
Introduction¹, ², ³, ⁴, ⁵, ⁶
Information