1.Define Audit Trail?
AN AUDIT TRAIL CAN BE DEFINED AS THE PRESENCE OF DOCUMENTATION THAT ALLOWS A TRANSACTION TO BE TRACED THROUGH ALL STAGES OF ITS INFORMATION PROCESSING.
- Paper or 'electronic' trail that gives a step by step documented history of a transaction.
- It enables an examiner to trace the financial data from general ledger to the source document (invoice, receipt, voucher, etc.).
- A record showing who has accessed a computer system and what operations he or she has performed during a given period of time.
- Audit trails are useful both for maintaining security and for recovering lost transactions.
- Most accounting systems and database management systems include an audit trail component.
- In addition, there are separate audit trail software products that enable network administrators to monitor use of network resources.
- In accounting, an audit trail is the sequence of paperwork that validates or invalidates accounting entries.
- In computing, the term is also used for an electronic or paper log used to track computer activity.
- For example, a corporate employee might have access to a section of a network in a corporation such as billing but be unauthorized to access all other sections.
- If that employee attempts to access an unauthorized section by typing in passwords, this improper activity is recorded in the audit trail.
- Audit trails are used to record customer activity in e-commerce.
- The customer's initial contact is recorded in an audit trail as well as each subsequent action such as payment and delivery of the product or service.
- The customer's audit trail is then used to respond properly to any inquiries or complaints.
- A company might also use an audit trail to provide a basis for account reconciliation, to provide a historical report to plan and support budgets, and to provide a record of sales in case of a tax audit.
- Audit trails are also used to investigate cyber crimes.
- In order for investigators to expose a hacker's identity, they can follow the trail the hacker left in cyberspace.
- Sometimes hackers unknowingly provide audit trails through their Internet service providers' activity logs or through chat room logs.
AN AUDIT TRAIL CAN BE DEFINED AS THE PRESENCE OF DOCUMENTATION THAT ALLOWS A TRANSACTION TO BE TRACED THROUGH ALL STAGES OF ITS INFORMATION PROCESSING.
3.What are the two basic approaches in auditing the information system.
1. Auditing around computer
2. Auditing through computer.
1. Auditing around computer
2. Auditing through computer.
4.What are the types of IS audit.
1.Technological Innovation process Audit
2.Innovative Comparison Audit
3. Technological Position Audit
5. What are the types of IS Auditors.
1. Internal Auditors
2. External Auditors
6.What are the steps in IS Auditing.
step 1.Scoping and Pre-audit survey
step 2.Planning and preparation
2.1 hand-off from audit manager.
2.2 Preliminary Survey
2.3 Customer Requests
2.4 Standard checklists
2.5 Research
step 3. Fieldwork
step 4. Analysis
step 5. Issue Discovery and validation
step 6. Solution Development
6.1 Recommendation Approach
6.2 Management Response Approach
6.3 Solution Approach
step 7.Report Drafting and Issuance
step 8. Closure
7. Benefits of Is Audit
1. Mapping Business Control with It Application
2. Business Process Re-engineering
3. It Security Policy
4. Security Awareness
5. Better return on Investments
6. Risk management
8.Application of IS Audit
1. Management Requests
2. Pre-Implementation Reviews of new application
3. Post-Implementation applications Review
9. What is information system Audit?
* It is an examination of the controls within an information technology infrastructure.
* An Is audit is the process of collecting and evaluating evidence of an organizations information systems,practices and operations.
* The evaluation of obtained evidence determines if the information systems are safeguarding assets,maintaining data integrity and operating effectively and efficiently to achieve the organization goals or objectives,
* These reviews may be performed in conjunction with a financial statement audit ,internal audit or other form of attestation engagement.
* IS audits are also known as Automated Data Processing audits and computer audits.
* They were formerly called electronic data processing audits.
No comments:
Post a Comment