Start networking and exchanging professional insights

Register now or log in to join your professional community.

Follow

As an internal auditor, what is the minimum IT knowledge you need to be able to perform your duties satisfactory?

As an internal auditor, what is the minimum IT knowledge you need to be able to perform your duties satisfactorly?

user-image
Question added by Deleted user
Date Posted: 2013/08/10
Shahid Abbasi
by Shahid Abbasi , Head Internal Audit , HBL Microfinance Bank Ltd

An effective Internal Auditor must have sufficient Knowledge/Hands on exposure of the following: 1.
Overall IT Structure environment of the Organization, IT core Systems (Operational and Financial) 2.
Detailed IT End to End processes in respect of Accounting and Finance 3.
IT Access Controls ( Physical & Logical) 4.
Chnage Management Proces of IT 5.
Risks associated with IT related infrastructures like Networks, DRP etc.
 

Jamaludin Jana
by Jamaludin Jana , Senior Accountant and Finance , M/s. Pure Gold Real Estate Development L.L.C

As an good Internal Auditor, one must know 1. To be able to understand Information systems set up of the company 2. Risk associated with company Information and secrets such as Security of the Data and backups 3. ERP and Excell usage.  

Deleted user
by Deleted user

Bare minimum necessary for successful IT audits consists of the following:

1. Thorough knowledge of the business process and how it is using the technology

2. Ability to link business objectives to the technology and to define proper scope.

3. Access Provisioning and Deprovisioning

4. Segregation of duties in the applications based on business rules.

That is a bare minimum expected from non-IT-auditor.

mosab alsaideh
by mosab alsaideh , Cyber Security - Manager , Deloitte

As an IT auditor you have to have basic knowledge in networking, OS,  access control, security and risk management to be able to conduct effective audits.

fraidy pinto
by fraidy pinto , Area IT Director - Middle East & Sub Saharan Africa , Rezidor Hotel Group

As an internal auditor , its important to look at the larger picture ie.
risks and controls which is what a major portion of what an IT Audit is about.
Some may argue that Compliance to standards should also be an integral part of an audit and understandbly so as standards define methodolgies and procedures involved in system deployment which can thereby reduce risks.
     

More Questions Like This