O'Reilly logo

Understanding and Conducting Information Systems Auditing + Website by Arif Ahmed, Veena Hingarh

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter Twelve

ISecGrade Checklists

THIS CHAPTER PROVIDES A series of checklists for use by information systems auditors. These checklists follow the ISecGrade methodology described in Chapter 11. Readers may consult this chapter and select appropriate checklists for their use during the audit.

CHECKLIST STRUCTURE

Checklists provided in this book use the pattern shown in Table 12.1.

TABLE 12.1 Checklist Structure

image

The top heading is the name of the checklist. The query column describes the control to be tested. “Used” is marked as selected if the control is applicable. “Y” and “N” each signify the response of the auditee. “Value,” unless grayed, contains the value for the control, which is otherwise 0 for “Y” and 1 for “N.” “Score” is the value obtained by the auditee. A soft copy of the checklist is available at the companion website.

INFORMATION SYSTEMS AUDIT CHECKLISTS

Exhibits 12.1 to 12.40 contain checklists to be used under the ISecGrade methodology. These checklists are also available for download. Please refer to About the Website at the end of the book for more information.

EXHIBIT 12.1 Audit Plan Checklist

Auditee: Date:
Address:
Name of Auditor:
Action Observation
A. Understanding the IT Environment and the Business
1. Overview the organization’s business objective.
2. Assess the organizational structures and the role of IT.
3. Identify the critical areas ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required