Register now or log in to join your professional community.
Being IS Auditor, we are not responsible for implementation of any Information System that will become part of our Audit Universe. We may however, proactively carry out a pre implementation review to identify any gaps or risks before the actual implementation and facilitate the implementing department by adding value to their product thru our expertise. However, Risks that our review failed to identify could be treated as a shared responsibility between us and the implementing department/unit. Ultimately, the implementing department/unit and the respective business owner department(s)/unit(s) are responsible for a successful implementation.
Regards,
Umar
No ,It will create a conflict and might impair professional independence of IS Auditor