July 30, 2011

Exam Essentials - Secrets of a Successful Auditor


Know the purpose of policies, standards, guidelines, and procedures. Policies are high-level objectives designated by a person of authority, and compliance to policies is mandatory. Standards ensure a minimum level of uniform compliance to a policy, and compliance to standards is mandatory. Guidelines advise with preferred objectives and useful information in the absence of a standard. Guidelines are often discretionary. Procedures are a cookbook recipe of specific tasks necessary to implement a standard. Compliance to procedures is mandatory.
Know the ISACA standards governing professional conduct and ethics. The auditor is expected to perform with the highest level of concern and diligence. Each audit should be conducted in accordance with professional standards and objectivity, and should implement best practices.
Understand the general purpose of the audit and the role of the IS auditor. The purpose of auditing is to challenge the assertions of management and to determine whether evidence will support management's claims.
Understand an audit role versus a nonaudit role. There are only two roles in an audit. The first role is that of the auditor who performs an objective review, and the second is the role of everyone else. A person cannot be an auditor and also involved in the design or operation of the audit subject.
Understand the importance of IS auditor independence. It is unlikely that an auditor could be truly independent if the auditor were involved with the subject of the audit. Auditor independence is an additional assurance of truth.
Know the difference between discretionary and mandatory language. In regulatory language, the word shall designates a mandatory requirement. The word shall indicates that there is no excuse for failing to meet the stated objective, even if compliance would cause a financial loss. The word should indicates a recommendation that could be optional, depending on the circumstance.
Know the different types of audits. The types of audit are financial, operational (SAS-70), integrated (SAS-94), compliance, administrative, and information systems.
Understand the importance of IS auditor confidentiality. The IS auditor shall maintain confidentiality at all times to protect the client. Sensitive information should not be revealed at any time. Your client expects you to protect their secrets whenever legally possible.
Understand the need to protect audit documentation. The data must be protected with access controls and regular backup. Sensitive information is the property of the owner, and its confidentiality shall be protected by the auditor. A document archive is created during the audit and is subject to laws governing record retention.
Know how to use standard terms of reference. The auditor should communicate by using standardized terms of reference to avoid misunderstanding or confusion. The standard terminology should be defined through a mutual agreement at the beginning of the audit.
Understand application of the evidence rule. Audit evidence needs to be confirmed or verified to ensure that it is actually used in the production process.
Identify who the auditor may need to interview. The IS auditor needs to consider the roles of data owner, data user, and data custodian when selecting persons to interview. Data owners specify controls, data users are to follow acceptable usage requirements, and custodians protect the information while supporting data users.
Understand the organizational structure. Officers of an organization are usually persons with the title of vice president or higher, up to the board of directors. Department directors, managers, and staff workers are seldom liable for the organization, unless criminal activity is involved.

9 comments:

  1. How to value company?

    Entrepreneurs generally inquire, tips on how to value company May be the amount simply just ripped from nothing? The simple truth ishow to value company is a rather easy strategy. The Enpowergroup.com worth regarding virtually any small business, publicly-traded share, as well as various other personal asset can be the sum the existing worth of the funds streams required to possibly be generated through which investment decision. Today’s worth is a purpose of the predicted potential world wide web funds streams how the owner as well as investor can expect for getting by possession of their asset, reduced presenting trip to the risk-adjusted low cost charge. Obviously, funds streams that could take place all 5 many years by today are well worth less throughout today ’s bucks, because of a volume of aspects including risk along with the “time worth regarding cash.
    With our broad selection of Capital Raising ranging from conventional lending options and responsibilities to be able to difficult structured financing, we’ll assist acquire your organization to the next degree. Our understanding and practical knowledge within determining the Capital Raising for the buyers throughout goods allow us all to address all our own clients’ cash wants, such as purchase financing, buyouts, control buyouts, growth cash, affected property financing, recapitalization, pre-IPO placements, shareholder financing, and so on.

    ReplyDelete
  2. Great post.
    I really appreciate your hard work and giving us some information and inspiring others to follow.
    Thanks so much.
    Inventory Audit
    Fixed Assets Audit

    ReplyDelete
  3. Informative post.I have read your post.It was amazing blog helpful.Thank for sharing this blog.Get MORE Duplicate Payment Review | Continuous Transaction Monitoring
    Duplicate Payment Recovery

    ReplyDelete
  4. Thanks for sharing such a great information, Hope you will publish more.
    I really appreciate the blog,
    Please publish more blogs like this
    To know more about CIA do visit the below mentioned Link-
    CIA CERTIFICATION
    Again thanks for providing great quality blogs...

    ReplyDelete
  5. It was during my research on HIV/Herpes that I stumbled upon the Hiv/Herpes information; information which is quite easy to find when doing a search for STD on google. I was into conspiracy at the time thought of HIV/Herpes Cured' being a conspiracy was something Ignorance though,I found pretty interesting about herbal medicine. I asked questions about the Herbal cure's on official HIV/Herpes websites and I was banned for doing so by moderators who told me that I was parroting Hiv/Herpes propaganda. This reinforced my belief that there is a cure for Hiv/Herpes Then i found a lady from germany name Achima Abelard Dr Itua Cure her Hiv so I send him a mail about my situation then talk more about it and send me his herbal medicine I drank for two weeks.And today I'm Cured no Hiv/Herpes in my life,I searched for Hiv/Herpes groups to attempt to make contact with people in order to learn more about Hiv/Herpes Herbal Cure's I believed at this time that you with the same disease this information is helpful to you and I wanted to do the best I could to spread this information in the hopes of helping other people.That Dr Itua Herbal Medicine makes me believes there is a hope for people suffering from,Parkinson's disease,Schizophrenia,Cancer,Scoliosis,Fibromyalgia,Fluoroquinolone Toxicity Syndrome Fibrodysplasia Ossificans Progressiva.Infertility, ,Epilepsy ,Diabetes ,Coeliac disease,,Arthritis,Amyotrophic Lateral Sclerosis,Alzheimer's disease,Adrenocortical carcinoma.Asthma,Allergic diseases.Hiv_ Aids,Herpes,Inflammatory bowel disease ,Copd,Diabetes,Hepatitis,I read about him online how he cure Tasha and Tara,Conley,Mckinney and many more suffrin from all kind of disease so i contacted him . He's a herbal doctor with a unique heart of God, Contact Emal..drituaherbalcenter@gmail.com Phone or whatsapp..+2348149277967.

    ReplyDelete
  6. Existing without the answers to the difficulties you’ve sorted out through this guide is a critical case, as well as the kind which could have badly affected my entire career if I had not discovered your website.accounting firms in dubai

    ReplyDelete
  7. Nice blog has been shared by you. it will be really helpful to many peoples who are all working under the technology. Thank you for sharing this blog.company registration services in india

    ReplyDelete
  8. I would highly recommend Le_ meridian funding services to any person in need financial help and they will keep you on top of high directories for any further needs. Once again I commend yourself and your staff for extraordinary service and customer service, as this is a great asset to your company and a pleasant experience to customers such as myself. Wishing you all the best for the future.Le meridian funding service is best way to get an easy loan,here is there email..lfdsloans@lemeridianfds.com Or talk to Mr Benjamin On WhatsApp Via_+1-989-394-3740 Thank You for helping me with loan once again in my sincerely heart I'm forever grateful.

    ReplyDelete
  9. Thanks for sharing your insights and practical advice. If you want any types of financial services in UAE, visit our website . we are a one of the top accounting and audit firm in Dubai providing accounting, auditing, VAT, Banking and Golden visa services.

    ReplyDelete